Ransomware attack aftermath

[Izzdy]

Hi, I'm not sure where to post this but I wanna my share experience dealing with this.  A bit of a context is that a friend of mine called me to look at her laptop. She said some files were corrupted and it turns out that EVERY file of her's are corrupted. *sigh*

 

The specifics of the type of file is an LMAS (.lma) type file. After looking around i saw a readme.txt file. Inside stated in short, pay 960 in bitcoin to some gibberish email. 

 

To be honest, I am not an expert to deal this sort of stuff and I just reset her laptop via Windows10 setting. 

 

Is there any benefits with my action taken there and I know the consequences that she will lose all of stuff. 

 

Please share your thoughts on this or any of you good people here have dealt with the same situation 

 

[jaslion]

REINSTALL IT NOW.

 

Like full wipe a reset via the windows settings DOES NOT DELETE ALL FILES. That ransomware can easily still be on the system right now and go into action again. So get a usb stick, put windows 10 on it via the windows media creation tool, select custom install, delete and format all partitions and reinstall all that is needed.

[Vishera]

1.Never pay ransom

2.Always backup your data

3.Keep the backup offline,don't connect it to your PC when you don't have to

4.Properly wipe the drive and start a new.

[Vishera]

Just now, jaslion said:

REINSTALL IT NOW.

 

Like full wipe a reset via the windows settings DOES NOT DELETE ALL FILES. That ransomware can easily still be on the system right now and go into action again. So get a usb stick, put windows 10 on it via the windows media creation tool, select custom install, delete and format all partitions and reinstall all that is needed.

The USB stick could be infected as well.

[WaggishOhio383]

1 minute ago, Vishera said:

The USB stick could be infected as well.

Hence why you should ALWAYS have a spare Windows USB install laying around somewhere

[jaslion]

1 minute ago, Vishera said:

The USB stick could be infected as well.

How? I'm just telling them to get a usb stick and put windows on it? Format the drive after and put malwarebytes on the system to check again.

[Vishera]

3 minutes ago, jaslion said:

How? I'm just telling them to get a usb stick and put windows on it? Format the drive after and put malwarebytes on the system to check again.

If the USB drive was ever connected to that PC,even after the reset,there is still a chance that it's infected.

[jaslion]

Just now, Vishera said:

If the USB drive was ever connected to that PC,even after the reset,there is still a chance that it's infected.

That is true. Hence th malwarebyte scan and format. I mean there is only so much you can do up to a point. Best thing to do really is connect the hdd to a linux install and wipe them both that way. Then there is not trace left and then start reinstalling windows.

[Vishera]

Just now, jaslion said:

That is true. Hence th malwarebyte scan and format. I mean there is only so much you can do up to a point. Best thing to do really is connect the hdd to a linux install and wipe them both that way. Then there is not trace left and then start reinstalling windows.

The safest way is to use a live CD that loads it self into a RAM Disk,then you remove the clean drive with the live CD,

And only then start cleaning things up.

Hiren's BootCD PE is an excellent one to use,it even has tools to wipe the drive and several anti-viruses.

[Applefreak]

12 minutes ago, WaggishOhio383 said:

Hence why you should ALWAYS have a spare Windows USB install laying around somewhere

For me: External USB to SATA adapter and a 5.25" DVD-Drive, can't infect what you can't write to.

[jaslion]

9 minutes ago, Vishera said:

The safest way is to use a live CD that loads it self into a RAM Disk,then you remove the clean drive with the live CD,

And only then start cleaning things up.

Hiren's BootCD PE is an excellent one to use,it even has tools to wipe the drive and several anti-viruses.

That is indeed the smartest.

[LogicalDrm]

-> Moved to Programs, Apps and Websites