Search the Community

It happened to me unexpectedly. I was building mini pc for my kids so they could have some simple games to play on. After installing windows and first software I found that on C drive are some modified files and on my network location some new file had showed up next to xpenology icon. Dont remember exactly what was written after I had click on it, I just remember an info that files are become crypted. I immediately turn of my pc and jump on my laptop to check what is going on. From there I went on network share/xpenology and I saw that that on my 2 drives and xpenoboot pendrive same files had appeared / after that I also shut it down. I read on the internet that my problem could cause KMSpico which really is a ransomware and somehow it spread over my home network. I scan my laptop with malwarebytes antyrootkit, antyransomware, adwcleaner and EmsisoftEmergencyKit - everything was ok. Now big question is what should I do with my nas??? Should I go on with this instruction synolocker ransomware-affecting dsm? Before I found this topic I was thinking about 2 other options. First option is to take out all drives, put empty one, install dsm and scan hdd+ xpenoboot pendrive to remove or decrypt files with f.ex Hidden Tear BruteForcer. Afterwards put next drive and scan it/ after that another and another. Second option is to take out hdds, connect it to pc and make a scan (but I dont know is it possible to do in windows because they are linux drives/ maybe with f.ex DiskInternals Linux Reader ). What do You suggest to do? I have dsm 5.2 and 8x 2-6tb drives (only couple of them have backup on external drives).

Привет. Принес сотрудник на работу флешку в локальную сеть, там был вирус, с его рабочего компа вирус может добраться до открытых портов самбы на DSM Sinology, провести шифрование. Может, если там есть уязвимость. Вот, разработчики самбы выпустили обновление для нее https://www.samba.org/samba/history/security.html Есть опыт установки патча?