I have a small network of several Windows 10 machines (all protected by BitDefender 2020 Total Security), one of which acts as server with Firebird database.
For some time the database is deteriorating – in some random records some fields have altered values. I completly changed the server machine for a brand new with fresh Windows 10 installation and antivirus, on which the database was recreated from GBK archive. The primary machine was carefully check for RAM errors (with MemTest86) and SSD errors (CrystalDiskInfo and ADATA SSD ToolBox) – everything was in 100% fine.
I don’t have no suspicions other than that the server was hacked, but it looks like an alleged malware / virus must move inside database (even packed GBK archive), because only GBK file was moved to new machine (on verified pendrive).
Is it even possible that the virus is stored inside the database (e.g. in the form of stored procedures, etc.) and it transfers with GBK archive? If so, how to detect and remove it from database?
(Firebird database is stored in the form of single FDB file, which was scanned by BitDefender without any results)