• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 87
  • Last Modified:

File type and modified date altered on NAS drive

Hello - a number of files on our NAS drive are showing their file type as APPLICATION instead of their correct file type plus their last modified dates have all been changed to the same date / time - 15/02/2015 18:10. This is some form of virus I guess. Any ideas what tool to use to fix it? We are using PCs, a number of which have the NAS as a mapped drive.
0
TedMorey
Asked:
TedMorey
  • 3
  • 2
1 Solution
 
rindiCommented:
Disconnect the PC's from the LAN and scan them for malware using malwarebytes. What type of extensions do the files get?
0
 
TedMoreyAuthor Commented:
Hello Rindi

Thanks for getting in touch. I went with your suggestion + purchased a license for Malwarebytes, here's what I've learned...

1. The drive is infected with Win32 Crytor virus.
2. All file names have had '.exe' appended to them - i.e. mydocument.docx has become mydocument.docx.exe.
3. Malwarebytes only offers me the option to quarantine the affected files - no option to repair them.
4. I was incorrect describing this as a NAS drive - it is a Windows 2008 file server.

Any ideas on how to proceed - to a) remove the virus + b) restore the files?

Thanks
Ed
0
 
rindiCommented:
First make sure you have scanned all of the PC's that connect to the server, as it is most likely at least one of them that is infected, and not the server. Then remove all the malware found first.

Once none of the PC's nor the server is infected anymore, I would just delete those renamed files and restore them from your backups.
0
 
TedMoreyAuthor Commented:
Hello Rindi - thanks for your input on this problem. We have scanned all of the machines currently in the office and no problems were found, which is a relief. This leads me to believe that maybe one of our remote users that only comes into the office once in a while may be the root of the problem - we'll monitor that. However it does not solve the problem of the infected server and we have reluctantly decided to turn it off until such time we can decide on a resolution.
0
 
rindiCommented:
Why is restoring the files from your backups a problem?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now