Infection or Bug?
Posted on 2009-06-30
I have a server running Server 2003 Standard that I manage. The company also has a person who handles their rental software. Ever since he took over, setup SQL on the server and has had login rights, the server has had two virus infections. Now it's happening again, and what usually tips me off is there will be tons of cmd.exe in the task manager, and a cmd.exe error followed by a cacls.exe error that appears repeatedly. Evertime I have done the clean, it pulls files out of the SQL directories. I am starting to have my doubts as to whether or not it's truly been infected, or if SQL is causing a bug and maybe the anti-virus (Avast) is seeing SQL files as being suspicious. Any help is greatly appreciated!