Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Executable files are created in HDD's and corrupts installers.

4 Weeks Ago   #1
Markitoo22

Windows 7 Ultimate x64
 
 
Executable files are created in HDD's and corrupts installers.

Hello good afternoon. My name is Mark, I'm from Argentina, Buenos Aires. I happened to comment on my case. The issue is that took my pen drive to a graphics company to make some flyers advertising. He was inserted into the machine, and when I'm connected to my PC, I was infected with a particular virus ... The issue is that .exe files are created on the HDD of the machine, files that have the name " direct access to MS-DOS program, "and I can not remove anything, the .EXE that is created with the following names, all random," nhmu "-" faivv "-" LBGP "-... that is, pass any number of Anti-Malware, Anti-Rootkit, Anti-Spyware, whatever you want ... the eliminated, but after a certain time, reappear. Also, we must consider that damages me installers who are in the other Ruled disks, ie, installers programs, games, all kinds of things, giving me a message saying: "The setup files are corrupted, or are incompatible with This version of Setup. Please correct the problem or Obtain a new copy of the program. "... Please dedicate myself to the computer more than 10 years ago, and never happened to me something, honestly, I surfed by more than 500 pages, in order to find information, and nobody can fix ... I set in the Windows registry in the background processes, services of the machine, not quite find anything .. I use the machine for will work, and always take care, this time, it was a mistake to have "confident" the company display advertising ... If you need images, is the way, no problem. I hope answers thanks and greetings!


My System SpecsSystem Spec
.
4 Weeks Ago   #2
samuria

win 8 32 bit
 
 

Welcome to the forum. This is a type of ransom ware which is encrypting all your files to exe if you try and run any they will add more infections. You need to look for svhost running from a strange directory and kill it in task manager you can try downloading rkill see if that kills it delete once you have killed it. We can then fun our scans
My System SpecsSystem Spec
4 Weeks Ago   #3
Markitoo22

Windows 7 Ultimate x64
 
 

Hello. Thanks for answering. The issue is this, I have a lot of processes are called svhost ... As I can realize that this is having problems? I think this has no solution, I can not give the key ...
My System SpecsSystem Spec
.

4 Weeks Ago   #4
MoxieMomma

OEM Windows 7 Ult (x64) SP1
 
 

Hi:

Unfortunately, in most cases, you either have to pay the ransom or your files are toast.
(Sometimes they are toast even if you do pay.)

If it's a ransomware variant for which no decryption key/solution is available now, some experts suggest the following:
  • Remove the entire drive and save it for possible recovery in the future, if/when a key is released.
    • It's a long-shot, but if you have no data backups, it may be the only hope for ever recovering your files.
  • Replace the hard drive with a new one and reinstall Windows from scratch on that new drive.
You can get expert help with general cleanup on the affected system, especially for other malware on it.
But, once the files are encrypted they are pretty much gone unless you have backups.
The ransomware itself is often "gone" once it has done its thing, as it cleans up after it encrypts your files.



Some of the more general computer fora and those that specialize in malware removal have entire sections devoted to ransomware and cryptovirology. You may find additional or more specific advice there, under the circumstances.


Sorry,
MM
My System SpecsSystem Spec
4 Weeks Ago   #5
Markitoo22

Windows 7 Ultimate x64
 
 

Quote   Quote: Originally Posted by MoxieMomma View Post
Hi:

Unfortunately, in most cases, you either have to pay the ransom or your files are toast.
(Sometimes they are toast even if you do pay.)

If it's a ransomware variant for which no decryption key/solution is available now, some experts suggest the following:
  • Remove the entire drive and save it for possible recovery in the future, if/when a key is released.
    • It's a long-shot, but if you have no data backups, it may be the only hope for ever recovering your files.
  • Replace the hard drive with a new one and reinstall Windows from scratch on that new drive.
You can get expert help with general cleanup on the affected system, especially for other malware on it.
But, once the files are encrypted they are pretty much gone unless you have backups.
The ransomware itself is often "gone" once it has done its thing, as it cleans up after it encrypts your files.



Some of the more general computer fora and those that specialize in malware removal have entire sections devoted to ransomware and cryptovirology. You may find additional or more specific advice there, under the circumstances.


Sorry,
MM

Good afternoon. These days I was rested, because honestly I was around 50hs trying to solve the problem, and I have not accomplished. From what I can understand it is that you tell me that there is no solution regarding the problem that I'm having, right? That is, by the evolution that had the virus on my PC, I can no longer recover the installation, that is a super powerful virus, and at the end of the account, I was working with more than 14 programs to clean the system, and it became impossible ... so the only alternative is to pay a remote service to an entity that is responsible for eliminating this type of virus, and if not, try to save all my personal information, and format the primary disk, am I Right? Please, if there really is no hope more, decimelo, so start formatting the system and everything back to normal, because I need the PC to work ... I am very grateful and I hope answers, greetings!
My System SpecsSystem Spec
4 Weeks Ago   #6
RolandJS

Windows 7 Professional 64-bit
 
 

Do you have a local business-oriented computer fix-it shop; or a computer store with a fix-it department inside? If yes, and you trust the particular place:
-- print out your two or three posts, take your proof of ownership, and the computer to that shop, be prepared to pay them to:
-- clone the problematic hard-drive, so a ransomware solutions can be attempted on HD's data folders and files
-- purchase a replacement HD and get your Windows Prime installed; you will have to reinstall your 3rd party programs
-- if not purchasing a replacement HD, the original HD can be DBAN'd and the Clone HD can "operated" upon to attempt to rescue your data folders and files
I do not know if paying the ransom will get your data folders and files back.
Going forward, when all of this has been resolved, and you have your computer back safe & sound,
please begin making routine OS and data partition full image backups onto external media.
My System SpecsSystem Spec
4 Weeks Ago   #7
samuria

win 8 32 bit
 
 

In most cases paying just means they demand more money or Rob you. Did you try rkill if you look for svhost running one will be in a none window's folder the longer you run the PC with it running the more it will encrypt it is slow running so you need to get any files that are on off quick. It doesn't effect windows so once you kill the file and delete it your OK
My System SpecsSystem Spec
4 Weeks Ago   #8
MoxieMomma

OEM Windows 7 Ult (x64) SP1
 
 

Quote   Quote: Originally Posted by RolandJS View Post
-- purchase a replacement HD and get your Windows Prime installed;
Just curious, @RolandJS: what is "Windows Prime"?
I've never heard of that.

<just trying to learn>

@Markitoo22:

Yes, as far as I know, your data files are likely lost forever if you did not have robust backups somewhere that was not hit by the encryption.
Otherwise, the only real (*faint*) hope, as was already suggested, would be to pull out the hard drive and save it for the future unlikely possibility that a decryption tool may someday be released for that particular ransomware variant.

Several of the busy, reputable computer fora that specialize in computer security have large sections devoted just to ransomware as its own, special topic.

Sorry about that,
MM
My System SpecsSystem Spec
4 Weeks Ago   #9
RolandJS

Windows 7 Professional 64-bit
 
 

"...Just curious, @RolandJS: what is "Windows Prime"? I've never heard of that...." --MoxieMomma
I just got back onto the computer, my definition of Windows Prime means anything/everything that comes out of a Microsoft Windows install DVD and/or from a Microsoft web site [some but not all things].
My System SpecsSystem Spec
4 Weeks Ago   #10
Markitoo22

Windows 7 Ultimate x64
 
 

Quote   Quote: Originally Posted by MoxieMomma View Post
Quote   Quote: Originally Posted by RolandJS View Post
-- purchase a replacement HD and get your Windows Prime installed;
Just curious, @RolandJS: what is "Windows Prime"?
I've never heard of that.

<just trying to learn>

@Markitoo22:

Yes, as far as I know, your data files are likely lost forever if you did not have robust backups somewhere that was not hit by the encryption.
Otherwise, the only real (*faint*) hope, as was already suggested, would be to pull out the hard drive and save it for the future unlikely possibility that a decryption tool may someday be released for that particular ransomware variant.

Several of the busy, reputable computer fora that specialize in computer security have large sections devoted just to ransomware as its own, special topic.

Sorry about that,
MM
Hello good day! Well, I am absolutely grateful to everyone for giving me answers regarding this important issue ... It is incredible, as today, in the 21st century, we still have problems to eliminate this type of virus ... That is, perhaps Microsoft does not have the solution for these things? Perhaps the great companies of anti-virus, that fill the mouth of words, and in the end, can not solve this type of failure, considering that they are the most important failures to solve, in the life of a Technician Informatico ... Thank you very much, seeing that in the end, this has no solution, I will proceed to clean my system, file by computer, and then format the computer. I remain calm, that is not a failure, but this was a success, since now we learned, that when this virus makes contact with your machine, there is very little chance of recovering the system ... I was traveling more than 500 pages, and I invested more than 50 hours in trying to solve the problem, it was not achieved, anyway, I now have a lot of information, and I know that in the future, if I find the same case, I will be able to respond quickly and solve quick way. Imagine, if I had decided to speak in this forum, I would still be thinking about how to solve the problem, and spending TOO much time, trying to solve something, now that you, I clarified the panorama, things are totally different, that makes me happy! Thanks for everything! Greetings from Argentina, Buenos Aires!
My System SpecsSystem Spec
Reply

 Executable files are created in HDD's and corrupts installers.




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
Warning - KB3004394 corrupts system files
In today's set of Windows 7 updates there is the above KB that corrupts system files - at least in my system. I immediately noticed that my Magnifier .exe was dead and it also mucked around with my Rocket Dock. When you run the updates, you better deselect or hide that one.
Windows Updates & Activation
Deleting corrupt files corrupts more files?
Laptop: Acer Aspire 5552 OS: Windows 7 Home Premium AV: Avast! Antivirus Pro I have an 2TB external hard drive (Toshiba) where I keep my music, movies, etc. About two months ago, I had an issue where the drive became inaccessible due to the data cable disconnecting during file transfers. The...
Hardware & Devices
No Installers Work at all, Not Even Official Installers
As the title says, not a single installer works, even official installers for programs, I trued using the Microsoft FixIt Tool, which shockingly worked, and it said there are no problems so no fixes were made. I also do not have a virus because I have three antivirus programs, and also use Chrome...
Installation & Setup
Non-Executable Files Won't Unpin from Start Menu
I noticed a bit of a weird error with the Windows 7 start menu. Whenever you drag an item into the start menu that isn't an executable file or a shortcut to an executable, it will create an entry, but it doesn't give you the full range of menu options to unpin it when you right click it. For...
General Discussion


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 13:34.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App