ctupr


Server hack (ransomware)

I have attached a photo of a server. Is there a way to know which ransomware it is infected with? And if someone knows a way to recover the server. Thanks.
server-hack.jpg
Wayne88

Is that what you get when you boot up the computer? If so, not a lot you can do. Do you have a daily backup of the server?

Last resort, you can attach each hard drive to another computer equipped with Malwarebytes, then scan each one. Let MB detect and fix the problem. Of course it goes without saying that you do this on a test machine so you won't have to worry about the malware spreading.
ctupr

ASKER

I have already tried that; the external backup HD and the internal HDs are not recognized in any kind of PC (Windows, Mac and Linux). Every time I put one of those in another PC I get the message to format the drive. This is similar to the Petya ransomware in some ways but I cannot figure out which one it is. Still, thanks for your comment.
Just start your RAID controller's utility and remove the disks from the array. Then create new arrays and restore your system from your backups. There is no point in trying to find out what has encrypted your system, you wouldn't be able to do anything about it when you knew that anyway.
ctupr

ASKER

There are no backups; the only backup was on the external drive, which seems to be encrypted in a similar way. This is a new client; they did not have any real IT assistance. Still, if someone has seen this before and has been able to identify the name of the ransomware, it will be very helpful. Thanks.
ctupr

ASKER

Well I will wait to see if anyone else has seen this before and has any solution. Thanks for your answers.
ctupr

ASKER

The Petya app is not able to see the disk. Since there is no backup I'm still looking for anything that would help.
The experts have suggested the solution and means since the HDD is encrypted as shared. Get the HDD decrypted, then check further on the encrypted file using idransom or cyber sheriff.

Eventual recommendation: if the attempt is futile, still establish a clean machine and get data from backup as a last resort.