I have a Windows Server running Plesk 12 with MailEnable, I suspect my server is being compromised as it is sending out spam and the log shows that the spams are from 127.0.0.1.
I run a virus scan and it found no virus.
Is there a way to trace and find out the issues?
I have changed the Windows server administrator password, I notice there are some accounts created by Plesk (IME_ADMIN, IMS_USER, Plesk Administrator), can i reset the password for those accounts as well? So that I can eliminate the possibilities of those accounts being compromised?
Thanks.
Patrick
I run a virus scan and it found no virus.
Is there a way to trace and find out the issues?
I have changed the Windows server administrator password, I notice there are some accounts created by Plesk (IME_ADMIN, IMS_USER, Plesk Administrator), can i reset the password for those accounts as well? So that I can eliminate the possibilities of those accounts being compromised?
Thanks.
Patrick