Run a Vulnerability scan on the system in question as well as a virus scan using any or all of the following:

• http://vil.nai.com/vil/stinger/
• http://housecall65.trendmicro.com/
• http://safety.live.com/site/en-US/center/howsafe.htm

Once you have ensured the server is not compromised proceed with the following:

• Install only options/services required
• Install latest OS service patches as recommended at

http://v4.windowsupdate.microsoft.com/en/default.asp

• Install all needed "critical updates"
• Install all needed "Windows OS updates"
• If office is installed Install latest Office updates as recommended at

http://office.microsoft.com/productupdates/

• Update XML to MSXML6:
• http://www.microsoft.com/downloads/details.aspx?FamilyID=993c0bcf-3bcf-4009-be21-27e85e1857b1&DisplayLang=en
• And the apply the patch for it here:

http://www.microsoft.com/downloads/info.aspx?na=22&p=10&SrcDisplayLang=en&SrcCategoryId=&SrcFamilyId=&u=%2fdownloads%2fdetails.aspx%3fFamilyID%3dfd513435-fa6d-407c-bedc-5fd03e5b7d6c%26DisplayLang%3den

• Run Microsoft Baseline Security Analyzer (MBSA) that can be found at

http://www.microsoft.com/downloads/details.aspx?FamilyId=4B4ABA06-B5F9-4DAD-BE9D-7B51EC2E5AC9&displaylang=en