Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Help! Ransomware! Multiple drivers affected..

06 Jun 2019   #1
Lance1

Windows 7 Ultimate, Service Pack 1, 64 bit
 
 
Help! Ransomware! Multiple drivers affected..

You would think that with more than 20 years experience I would have control. But No.. I`m cocky I know.. Here's were I stand. My system has 3 dedicated HDD. And The boot Drive is SSD. So. Me and the wife went out. And when we came back the desktop had changed. See Image. I opening this file you see and I`m thinking YA Shite! I made an image of my system a week ago so I shut my system down.. Disconnected all my HDD drives. Connected my HDD with the image of my system and booted up. I using Easeus Todo Backup and it ran flawlessly.. So I shut down and reconnected my other drives and booted up. What I found is that all the files no matter what the extension is are all changed to .DOCM. Except for the SSD boot drive.. For example see the image.. So the question! How to change all the file extensions on all 3 drive! I`m looking around myself.. HELP!




Attached Thumbnails
Help! Ransomware! Multiple drivers affected..-untitled.png  
Attached Images
Help! Ransomware! Multiple drivers affected..-docm.png Help! Ransomware! Multiple drivers affected..-ssd-boot.png 
My System SpecsSystem Spec
.
06 Jun 2019   #2
Lance1

Windows 7 Ultimate, Service Pack 1, 64 bit
 
 

You know! never mind. I have a TB drive with all my important data on it that`s on the shelf. My Main SSD OS is fine. so I`m cleaning off all that old useless data that I should have gotten rid of years ago anyway. My wife calls me a data hoarder and I have come to the conclusion that she is right. Time to start clean. Definitely getting better protection on my system from now on that`s for sure. This has been a wakeup call for me that`s for sure. It`s going to be fun starting from scratch. There's so much new stuff to find out there! I'll wait till tomorrow to see if someone may have a solution.

I Ran:

Avast
Malware bytes
Spy hunter

Nothing came of it. I`ll check in the morning. If there`s no posting! I`m blowing it all away.
My System SpecsSystem Spec
07 Jun 2019   #3
Alejandro85

Windows 7 Ultimate x64
 
 

There isn't much doing right now, your system is already infected and your data probably compromised or destroyed. So the best advice is just the standard.

Stop using the computer right now. Reformat it. Restore your data from backups.
There is no other way to reaction to an infected system.
My System SpecsSystem Spec
.

07 Jun 2019   #4
Lance1

Windows 7 Ultimate, Service Pack 1, 64 bit
 
 

Quote   Quote: Originally Posted by Alejandro85 View Post
There isn't much doing right now, your system is already infected and your data probably compromised or destroyed. So the best advice is just the standard.

Stop using the computer right now. Reformat it. Restore your data from backups.
There is no other way to reaction to an infected system.
As to my first post I restored an image form a week ago and the OS is up and running clean. I scanned the new image install with M-Bytes Spyhunter 5 and avast and came up clean. As for my other drives.. Just for fun I'm running decryption software on then right now. Data Recovery Pro is the first one. This tool is not free. I'm running it as an evaluation. If it can decrypt even one file I'll pay for it. If not.. I'll go for the next one on the list which is EmsiSoft Decryptor (Free) And if it works! Free is better. I tried the payed version first as it had the higher rating. And if nothing work... I'll miss my collection of many years. But I have had to start form scratch before from HDD death.. Anyway I'll keep this post updated as to any success or failure.
My System SpecsSystem Spec
07 Jun 2019   #5
samuria

win 8 32 bit
 
 

Depending on the infections it may well jump to other devices on the network that's how it killed the NHS
My System SpecsSystem Spec
07 Jun 2019   #6
Alejandro85

Windows 7 Ultimate x64
 
 

Quote   Quote: Originally Posted by Lance1 View Post
As to my first post I restored an image form a week ago and the OS is up and running clean. I scanned the new image install with M-Bytes Spyhunter 5 and avast and came up clean.
That's not a reliable way to ensure your system is safe, as the image from that point could be as well infected too. You cannot tell for sure if the virus that caused havoc originally wasn't present at that point, you can only tell for sure that you haven't noticed it, which isn't the same.

As for the antiviruses, they're not a reliable way of telling for sure that a system is virus-free. For one, they've already failed to stop the infection the first time, so I find difficult to believe that they'll catch it on a second chance, if it really is there.

So my advice remains, the only safe choice at that point is a clean install. It's generally best practice not to take any chances against viruses, specially ransomware.
My System SpecsSystem Spec
07 Jun 2019   #7
johnhoh

Win7 pro x64
 
 

1) Hope you get it worked out, wish I had some advice for you.
2) This thread will be super helpful to a lot of people if after you get it worked out, you post what specifically you could have done to prevent it from happening.
My System SpecsSystem Spec
.
07 Jun 2019   #8
Lance1

Windows 7 Ultimate, Service Pack 1, 64 bit
 
 

well that was a waste of time. That's a no go on the recovery. Other than that Image I also another TB drive with selected file backup from 2 or 3 weeks back. Redundancy... It's a good thing! I'm going to take Alejandro 85 advice and go completely clean on all drives. Thanks for everyone's input. I hope you don't take this as a cop out on my part. I just don't want this recurring. I'm glad I'm broke or I'd have a case of beer beside me right now. Well I might as well get to it.
My System SpecsSystem Spec
07 Jun 2019   #9
Windower7

Win 7 Ultimate 64-bit
 
 

Have you tried contacting the evil doers? They said they can decrypt one file for free. Worth the try!
My System SpecsSystem Spec
07 Jun 2019   #10
samuria

win 8 32 bit
 
 

The encryption you have seems secure and no solutions yet a lot seem to be getting it GlobeImposter Ransomware Support (.Crypt & .PSCrypt ext - !back_files!.html ) - Ransomware Help & Tech Support
My System SpecsSystem Spec
Reply

 Help! Ransomware! Multiple drivers affected..




Thread Tools




Similar help and support threads
Thread Forum
Multiple Mouse & Keyboard Drivers
I installed a new wireless desktop, Microsoft Wireless 3050 Desktop, and noticed that I've got multiple drivers installed in device manager. I uninstalled the duplicate drivers and rebooted and they all appear to have reinstalled. The screen shot posted below shows the drivers. Is this normal? If...
Hardware & Devices
Multiple BSOD Multiple Drivers - Fresh Install (atikmdag.sys = main)
Hi, i had been having issues with bluescreens once every week or so. I took action by updating my drivers etc but this did not fix the issue. I re-installed windows and got all my drivers on and such yet the problem persists with more bluescreens, more often and with more driver causes. Before the...
BSOD Help and Support
BSOD from multiple drivers
I have been getting these crashes over and over for a very long time, but it only started getting unbearable since i started playing Battlefield 3. The crashes inexplicably increases the occurrence of crashes from randomly to about 75% of the time upon running the game for a short period. The...
BSOD Help and Support
Random problems only while gaming (BSOD, CTD); multiple games affected
I have recently assembled my computer. During normal non-gaming use, I have yet to have any type of issue or problem. However I have had numerous stability issues while gaming and have yet to determine a cause, so I'm hoping to get some assistance. While gaming, I have had occasional Blue...
BSOD Help and Support
Multiple BSOD at Random Times with Multiple Drivers Identified
I am trying to get my wife's new computer up and running without any BSOD or program failures. Note that the system was not initially set up to capture the dmp files so all the earliest ones are missing. I presented the initial problems to the original seller who recommended sticking with MSE and...
BSOD Help and Support


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 02:29.
Twitter Facebook