That could be from a number of causes. Not keeping your computers current
with critical security updates and using weak share permissions with no or
weak passwords are probably the main cause. You should also be using a
firewall to block access to your network and your antivirus should be kept
current with definitions, scan all email/files, and monitor the computer.
Sensitive servers also need to be physically secured to some degree if there
is any chance than a malicious or untrusted user could access it. Users can
also be tricked into installing trojans on there computers if they are not
careful and this also applies to administrators. Servers should not be used
for email and web browsing.
You should take your computer off of any network [possibly connecting it to
a quarantine network] to do repairs. Do a full malware scan and take
measures to prevent such from happening again. Do not connect it to the
network until it has been "hardened". You can use the Microsoft Baseline
Security Analyzer to check for many common vulnerabilities. A fresh install
of the operating system would be the best solution but that is your call.
Problems may persist otherwise as the attacker may have installed backdoors
or scripts to continue to gain access. The links below may help. The last
link is to the free Microsoft Antivirus in Depth Guide. It is a really good
read if you are serious about fixing your problem. --- Steve
http://www.microsoft.com/athome/security/protect/default.mspx -- Protect
Your PC
http://www.microsoft.com/technet/security/tools/mbsahome.mspx -- MBSA
http://support.microsoft.com/default.aspx?scid=KB;en-us;q300958
http://www.microsoft.com/technet/security/topics/serversecurity/avdind_0.mspx