Security Software Lmas virus
- Thread starter 0techie
- Start date
Btw.. what were ypu doing when you executed this ransomware. FYI there is no decryptor available for this ransomware.
Searching on Google they gave different steps to stop the ransomware. I would suggest format everything and start a new. I know your data would be lost but since no decryptor is available no one can help you.
Searching on Google they gave different steps to stop the ransomware. I would suggest format everything and start a new. I know your data would be lost but since no decryptor is available no one can help you.
Unfortunately, there is no decryptor yet for this ransomware. Pre existing backup and format is the only way to recover.
This might help- https://www.bleepingcomputer.com/forums/t/748506/lmas-ransomware/
This might help- https://www.bleepingcomputer.com/forums/t/748506/lmas-ransomware/
How did this happen ?
Even I want to know that. Even if he is using windows defender. It should have the signatures of the ransomware.
nRiTeCh
Level N
Curious to know if you opened any spam doc or xls file or an exe or .torrent file.
Which exe.. where did you download it.
nRiTeCh
Level N
Fake download site like crackware.
nRiTeCh
Level N
Actually everyone doesn't have patience to run every warez in virtualbox. Its a lazy practice.
I have analyzed few such exe files where the actual crack is present in the file but one needs to extract it manually but 98% people will simply download, run and bang get infected.
The outer exe is linked to a suspicious exe inside the archive/package which gets triggers while some exes wont show any gui when launched, instead will download some code from xyz site in the background while you are busy running the same exe multiple times and when you see taskmanager you will see those multiple exes running and by that time those exes might had even taken control of your system where you wont even be able to terminate the exes and system gets injected with code and infected.
And gone are the years where one used to get a plain cracked.exe etc. warez in just one click of a link but now its all scam around with fake or infected crap around.
I have analyzed few such exe files where the actual crack is present in the file but one needs to extract it manually but 98% people will simply download, run and bang get infected.
The outer exe is linked to a suspicious exe inside the archive/package which gets triggers while some exes wont show any gui when launched, instead will download some code from xyz site in the background while you are busy running the same exe multiple times and when you see taskmanager you will see those multiple exes running and by that time those exes might had even taken control of your system where you wont even be able to terminate the exes and system gets injected with code and infected.
And gone are the years where one used to get a plain cracked.exe etc. warez in just one click of a link but now its all scam around with fake or infected crap around.