Help! Ransomware! Multiple drives affected

Lance1

You would think that with more than 20 years' experience I would have control. But no. I'm cocky, I know. Here's where I stand. My system has 3 dedicated HDDs, and the boot drive is an SSD. So, me and the wife went out, and when we came back the desktop had changed. See image. I'm opening this file you see and I'm thinking, YA Shite! I made an image of my system a week ago, so I shut my system down, disconnected all my HDD drives, connected my HDD with the image of my system and booted up. I'm using Easeus Todo Backup and it ran flawlessly. So I shut down, reconnected my other drives and booted up. What I found is that all the files, no matter what the extension is, are all changed to .DOCM, except for the SSD boot drive. For example, see the image. So the question! How to change all the file extensions on all 3 drives! I'm looking around myself. HELP!
 

Attachments: Untitled.png, DOCM.png, SSD Boot.png

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom Built By Me.
OS
Windows 10 Pro 64 bit
CPU
AMD FX 9590 8 Core Black Edition
Motherboard
MSI 990FXA GAMING (MS-7893)
Memory
Corsair Vengeance 16GB DDR3
Graphics Card(s)
AMD Radeon (TM) R9 380 Gaming Series
Sound Card
AMD High Definition
Monitor(s) Displays
Samsung 32" 60Hz 4ms Curved PLS LED
Screen Resolution
1920 X 1080
Hard Drives
C: 223 GB SSD = E: 465 GB HDD = F: 931 GB HDD = G: 149 GB HDD = H: 931 GB HDD
PSU
EVGA Supernova NEX750B 750W ATX EPS12V 80PLUS Bronze
Case
Cool Master
Cooling
Noctua NH-D15 Premium Cooler with 2x NF-A15 PWM 140mm Fan
Internet Speed
Fiber Optic: Download 332.7 Mbps / Upload 331.5 Mbps
Antivirus
Windows Defender
Browser
Slimjet (64bit)
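
Renaming the extension back only helps if the file contents were left alone. An added example (not from the thread or from any tool named in it) that walks a drive read-only and sorts files carrying the .docm extension by whether a known file header survives or the content looks like ciphertext; the signature table, the 7.5 bits/byte threshold and the sample size are assumptions.

```python
import math
import os
from collections import Counter

# Leading bytes of a few common formats (well-known signatures).
MAGIC = {
    b"%PDF": "pdf",
    b"\xff\xd8\xff": "jpeg",
    b"\x89PNG\r\n\x1a\n": "png",
    b"PK\x03\x04": "zip/ooxml",  # a genuine .docm is itself a ZIP container
    b"ID3": "mp3",
}
ENTROPY_THRESHOLD = 7.5  # bits per byte; assumed cut-off, tune on known-good data
SAMPLE_SIZE = 65536      # only the first 64 KiB of each file is read


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for empty input)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def classify(sample: bytes) -> str:
    """Classify the leading bytes of a file found with the suspect extension."""
    # Check headers first: JPEG/ZIP data is high-entropy without being encrypted.
    for magic, kind in MAGIC.items():
        if sample.startswith(magic):
            return "header-intact:" + kind
    if len(sample) < 256:
        return "too-small"  # entropy is meaningless on tiny samples
    if shannon_entropy(sample) >= ENTROPY_THRESHOLD:
        return "likely-encrypted"
    return "unknown"


def triage(root: str, ext: str = ".docm") -> dict:
    """Walk root without modifying anything; count classifications per file."""
    counts = Counter()
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(ext):
                continue
            try:
                with open(os.path.join(dirpath, name), "rb") as fh:
                    counts[classify(fh.read(SAMPLE_SIZE))] += 1
            except OSError:
                counts["unreadable"] += 1
    return dict(counts)
```

Run `triage` once per affected drive root; files counted as header-intact may only need their original extension back, while likely-encrypted ones have to come from a backup.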
You know! Never mind. I have a TB drive with all my important data on it that's on the shelf. My main SSD OS is fine, so I'm cleaning off all that old useless data that I should have gotten rid of years ago anyway. My wife calls me a data hoarder and I have come to the conclusion that she is right. Time to start clean. Definitely getting better protection on my system from now on, that's for sure. This has been a wakeup call for me, that's for sure. It's going to be fun starting from scratch. There's so much new stuff to find out there! I'll wait till tomorrow to see if someone may have a solution.

I ran:

Avast
Malwarebytes
SpyHunter

Nothing came of it. :( I'll check in the morning. If there's no posting, I'm blowing it all away.
 

There isn't much to do right now; your system is already infected and your data probably compromised or destroyed. So the best advice is just the standard.

Stop using the computer right now. Reformat it. Restore your data from backups.
There is no other way to react to an infected system.
 

My Computer

Computer type
Laptop
Computer Manufacturer/Model Number
Toshiba Satellite A665-S6092
OS
Windows 7 Ultimate x64
CPU
Intel Core i7-740QM
Memory
8 GB DDR3
Graphics Card(s)
NVIDIA GeForce 330GT
Screen Resolution
1366x768
Hard Drives
Samsung 840 SSD 500GB
1TB USB3 external HD
Cooling
Coolermaster Notepal U3 notebook cooling pad
Internet Speed
3mbps ADSL
Antivirus
ClamWin 0.98.7
Browser
Opera 12.17 x86 (main), Firefox 38 (sec), IE11 (last resort)
There isn't much to do right now; your system is already infected and your data probably compromised or destroyed. So the best advice is just the standard.

Stop using the computer right now. Reformat it. Restore your data from backups.
There is no other way to react to an infected system.

As to my first post, I restored an image from a week ago and the OS is up and running clean. I scanned the new image install with M-Bytes, Spyhunter 5 and Avast and came up clean. As for my other drives, just for fun I'm running decryption software on them right now. Data Recovery Pro is the first one. This tool is not free. I'm running it as an evaluation. If it can decrypt even one file I'll pay for it. If not, I'll go for the next one on the list, which is EmsiSoft Decryptor (free). And if it works! Free is better. I tried the paid version first as it had the higher rating. And if nothing works, I'll miss my collection of many years. But I have had to start from scratch before from HDD death. Anyway, I'll keep this post updated as to any success or failure.
 

Depending on the infection, it may well jump to other devices on the network; that's how it killed the NHS.
 

My Computer

Computer type
PC/Desktop
OS
win 8 32 bit
As to my first post, I restored an image from a week ago and the OS is up and running clean. I scanned the new image install with M-Bytes, Spyhunter 5 and Avast and came up clean.

That's not a reliable way to ensure your system is safe, as the image from that point could well be infected too. You cannot tell for sure that the virus that caused havoc originally wasn't present at that point; you can only tell for sure that you haven't noticed it, which isn't the same.

As for the antiviruses, they're not a reliable way of telling for sure that a system is virus-free. For one, they've already failed to stop the infection the first time, so I find it difficult to believe that they'll catch it on a second chance, if it really is there.

So my advice remains: the only safe choice at that point is a clean install. It's generally best practice not to take any chances against viruses, especially ransomware.
 

1) Hope you get it worked out, wish I had some advice for you.
2) This thread will be super helpful to a lot of people if after you get it worked out, you post what specifically you could have done to prevent it from happening.
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
diy
OS
Win7 pro x64
CPU
stock i7 7700k
Motherboard
Gigabyte Z270N-WIFI mini-ITX
Memory
Corsair Vengeance LPX 16GB (2x8GB) DDR4 @ 3200MHz
Graphics Card(s)
integrated Intel HD 630
Sound Card
onboard Realtek ALC1220
Monitor(s) Displays
two vertically mounted samsung 55" 4k un55mu8000
Screen Resolution
1920x1280
Hard Drives
256GB Samsung EVO 960 M.2 pci-e NVMe SSD
PSU
SilverStone Nightjar ST45NF 450Watt Fanless
Case
No case. Motherboard is mounted directly onto power supply
Cooling
Evercool low profile 815EP with Panaflow 12L fan at 7v
Keyboard
Ortek MCK-86 mini
Mouse
Belkin 5-button USB
Internet Speed
spectrum 400mbps
Well, that was a waste of time. That's a no go on the recovery. Other than that image, I also have another TB drive with selected file backup from 2 or 3 weeks back. Redundancy... It's a good thing! I'm going to take Alejandro 85's advice and go completely clean on all drives. Thanks for everyone's input. I hope you don't take this as a cop out on my part. I just don't want this recurring. I'm glad I'm broke or I'd have a case of beer beside me right now. Well, I might as well get to it.
 

Have you tried contacting the evil doers? They said they can decrypt one file for free. Worth the try!
 

My Computer

Computer type
PC/Desktop
OS
Win 7 Ultimate 64-bit
Have you tried contacting the evil doers? They said they can decrypt one file for free. Worth the try!

NO! I don't talk to scumbag trash like that.

Just to update: I have a clean install in place. I downloaded Bitdefender's 30-day trial to take it for a test run. Not long after the install I found that Bitdefender had a 90-day trial. I clicked the link and it brought me to their site. They said that I already had a 30-day trial and would I like to add the 90 days to my account! I said yes! So now I have a 120-day trial!! Here's the link to the 90-day trial ---> Bitdefender 2019. If you want 120 days, go to their site and download their 30-day trial, install it, then go to the link and follow the instructions. Oh! You can install this on 5 separate systems. And when you log into Bitdefender Central you can track your systems. At least something good happened today...
 

If you want 120 days, go to their site and download their 30-day trial, install it, then go to the link and follow the instructions. Oh! You can install this on 5 separate systems. And when you log into Bitdefender Central you can track your systems. At least something good happened today...

:thumbsup: Thanks man. I think I am going to try it.

Regarding their VPN product, how much bandwidth (per month) do they allow you to use with their Total Security product? I think only the Premium Security product has unlimited VPN traffic.
 

:thumbsup: Thanks man. I think I am going to try it.

Regarding their VPN product, how much bandwidth (per month) do they allow you to use with their Total Security product? I think only the Premium Security product has unlimited VPN traffic.

I think their VPN is part of their premium service. So either you pay for it separately or it is included in the Premium Security Product Version.
 
