Do I need a new SSD after getting hacked? STOP/DJVU

Page 1 of 4 123 ... LastLast

  1. Posts : 14
    Windows 10 Pro
       #1

    Do I need a new SSD after getting hacked? STOP/DJVU


    About 40 days ago, I downloaded a sketchy file on my PC and it was a trojan. It downloaded as a zip file and once I extracted it countless executable files started to run and my PC slowed down a bit. So, I restarted it and found that somebody had posted on my Instagram account. Then, I opened my file explorer, and unfortunately, every single file, except windows files, had been encrypted.

    The next day I found out that this was the STOP/DJVU ransomware, which is the most common ransomware type. I tried many things but I am sure I cannot get back my files for at least another five years. Now, I just want to start fresh on my PC.

    So, is it ok to just reinstall windows or do I need to buy a new SSD? Also, do I need to buy a new windows key or just a clean reinstall with formatting will be ok? I just want every file to be deleted so once I start over there isn't anything else. Also, I don't think that anybody has access to the pc, just the data. But let's say somebody does, what do I need to do then?
      My Computer


  2. Posts : 1,091
    Windows 10
       #2

    Try running these tools in order
    STOP Djvu decryptor - Emsisoft: Free Ransomware Decryption Tools

    SFC scan would also be a good idea as it would replace any infected system files

    You would also want to run MSERT
    https://learn.microsoft.com/en-us/mi...o365-worldwide

    - - - Updated - - -

    Also if you have the zip file still or know the download link then scan it with Virus total and paste the link here as it would help to know what Malware it is so that we can tailor towards cleaning the PC.

    If you are going to reinstall windows then formatting the drive means that it will be fine for further use just do a multi pass format on the drive.
      My Computer


  3. Posts : 7,987
    windows 10
       #3

    If you reinstall delete all partitions during installation
      My Computer


  4. Posts : 2,282
    Windows 10 Pro/Windows 7 Ultimate
       #4

    1) You don't need a new hard drive like an SSD. Unless the ransomware touches disk firmware (software on the hard drive chip) which is doubtful. But some very sophisticated malware can...

    2) If you own a Windows product key or Windows installation media, you can reinstall. The Windows boot media will give you the option to delete and then partition the whole drive, do so.

    Depending on the malware, it's typical to write zeros to the entire drive, but I don't think it's really necessary in this case.

    Next time scan ALL downloads at VirusTotal. (Even images believe it or not. But that's REALLY going out there in most cases). The general consensus is four hits and you toss/delete. But it depends on what you have and your ability to know how to read the included Relations and Behaviors. If you're not very computer savvy (admit it) and VirusTotal has that scanned download marked with at least four anti-virus engines, then pres and hold the Shift key and delete the file on site. Sometimes false positives at VirusTotal are possible due to the sheer number of virus engines used for scanning and their ability to reliably indicate real malware or not. Don't trust any comments posted to VirusTotal. At least take them with a grain of salt. Or as I like to say, a mine cart of salt. Meaning, be suspicious of the comments.
      My Computer


  5. Posts : 1,091
    Windows 10
       #5

    Assuming it sounds like a self extracting Archive that means there could be all sorts of malware not just the ransomware, run those tools or multi pass the drive.
      My Computer


  6. Posts : 14
    Windows 10 Pro
    Thread Starter
       #6

    updated


    F22 Simpilot said:
    Depending on the malware, it's typical to write zeros to the entire drive, but I don't think it's really necessary in this case.
    I'm not sure I understand what this means.

    And also what do I need to be suspicious of in the comments?
      My Computer


  7. Posts : 9,746
    Mac OS Catalina
       #7

    hamza8978 said:
    I'm not sure I understand what this means.

    And also what do I need to be suspicious of in the comments?
    What it means is format the drive with a utility that will write all 0's on it which overwrites anything on it. And no you do not need to go out and get a new hard drive because you got hit with malware. Also nothing to be suspicious of in the comments.
      My Computer


  8. Posts : 14
    Windows 10 Pro
    Thread Starter
       #8

    bro67 said:
    What it means is format the drive with a utility that will write all 0's on it which overwrites anything on it.
    do you know any?
      My Computer


  9. Posts : 31,165
    10 Home x64 (22H2) (10 Pro on 2nd pc)
       #9

    bro67 said:
    What it means is format the drive with a utility that will write all 0's on it which overwrites anything on it....
    hamza8978 said:
    do you know any?
    You shouldn't write 0's to every sector of an SSD, it shortens its life. If this SSD is the Samsung 970 Evo Plus in your specs then you can use Samsung Magician to perform a Secure Erase. This will create a bootable usb, boot from this to erase the SSD completely. A secure erase resets every cell to 'empty' without wearing it out by writing to it.

    Samsung Magician & SSD Tools & Software Update | Samsung Semiconductor Global

    Do I need a new SSD after getting hacked? STOP/DJVU-image.png
      My Computers


  10. Posts : 14
    Windows 10 Pro
    Thread Starter
       #10

    Bree said:
    You shouldn't write 0's to every sector of an SSD, it shortens its life. If this SSD is the Samsung 970 Evo Plus in your specs then you can use Samsung Magician to perform a Secure Erase. This will create a bootable usb, boot from this to erase the SSD completely.
    Yes, it is the same 970EVO Plus.
    To summarise, can I have the steps in order to do this?
    (formatting and reinstalling windows)
    Also, do I need a new windows key or can I use the same one I used last time?
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 04:57.
Find Us




Windows 10 Forums