IBM x3400 Server getting virus problem after formatting

IBM X3400 Server
HI Everyone I have an IBM x3400 server, in which I  have install Windows server 2003 R2 Standard Addition with service pack 2 with SQL 2005 Standard. In this server ERP running on our multiple office. The problem are when I have format my server and install all software, then after 2 or three days that are getting Request timed out when I have ping any public network in time interval, and after two days there some unknown service started. and after one week I'm unable to login that server and require to formatting. I have install different antivirus software like mcafee total protection, mcafee 7.5, quick heal total protection, spyware terminator, but nothing are working. I have also a hardware firewall Fortigate 50a, in which i have mapped my server public to private network, and open only 1433 and 1433 port. I'm also open that port in windows firewall and another all port and web access are totally closed. but after that why my server are infected through virus or spyware. Every two or three weeks I have format my server. I have also call IBM Service and he was also change the system board and HDD of server, but its getting same problem. Please someone help me. Thanks Sanjay

Answer Wiki

Thanks. We'll let you know when a new response is added.

Be sure the server OS is fully patched and kept up to date. Run the Microsoft Malicious Software Removal Tool (MRT) when you suspect virus problems – especially if other products do not detect issues. This tool scans all files and may take a while to complete but is a good free tool against malware. Port filtering does not completely protect your system or data against compromise. You need to be sure the application/service is hardened. The application will need to be properly configured against attacks like SQL injection. Please provide more information about the “unknown service” that gets started after a few days. We might be able to help you identify the malware and suggest the appropriate steps to secure your system.

In the IT trenches? So am I – read my IT-Trenches blog.

Discuss This Question: 2  Replies

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • carlosdl
    What was that unknown service ? did you investigate ? Did you check the event log ? Are you completely sure it is a virus infection ? Also, there are more people with physical access to that server ? Why did IBM change the system board and HDD of the server ?
    85,005 pointsBadges:
  • Kevin Beaver
    So you're opening SQL Server from the Internet to your internal network?? If so, the exploitation could be coming through that if SQL Server is not properly patched, hardened, and otherwise secured. Go to and sign-up for a free scan of theirs for your public IP and see if anything's exploitable.
    27,520 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: