Server malware removal and backup


#1

Hi there!

I was wondering if anyone out there has dealt with cleaning up a Windows Server 2008 of malware?

I just came across a client that hired me to set up a NAS as a backup server. But in getting ready to purchase the NAS they informed me that their server was hit with malware. I’ll be done setting up the NAS soon (it’s currently being shipped) and they asked if I can send them a proposal to clean up their server as well.

My Windows Server experience is limited, plus I’ve never worked with anything older than Windows Server 2016. I explained my lack of experience with Windows Servers but they still wanted a proposal sent since they were looking for someone to do it.

So anyone have any suggestions on cleaning up a Windows 2008 Server? Or should I run to the hills? (<–Iron Maiden reference)


#2

On January 14, 2020, Microsoft will be officially ending its support for Windows Server 2008 R2, so I would push them for a new server, as cleaning up an unknown server that you don’t have a history on is asking for trouble.


#3

My thoughts exactly! Thanks for the feedback.


#4

But in case they don’t comply with your request (as Tom suggested) and you have no choice but to perform the cleanup, my suggestion is to get BitDefender protection for Servers as a free trial for 30 days, and with that clean up the server (before the 30-day trial ends).
I may get crucified for saying this but… if the company does not have sensitive materials, you can also try Kaspersky Endpoint Security for Servers (free trial for 30 days) and try that software.
I personally don’t trust Kaspersky Labs Software much, but I have people who used it in the corporate environment and they tell me they never got ransomware or had any problems in many years.
Anyways, good luck!


#5

That is good, Tom, but if the client is running a LOB application tied to a particular version, it could be a problem. Ask a lot more questions and if necessary contact the LOB vendor before making an upgrade decision. Words of wisdom: been there, done that, got the t-shirt.


#6

Thanks for the feedback, everyone!

I’ve been in contact with the client the past couple of days regarding this request. And for now I’m just consulting them on an upgrade path. I did take a look at Bitdefender Protection as @pedracho suggested because I realized if they don’t get that server cleaned up, their backups are going to be infected as well.