We have a company in angola that got Ransomware and as expected had no backup. They contacted me asking for help to solve the problem.
Do we have any way to solve a post-infection with the end point?
We could sell, install the endpoint to remove the threat, but would it install with the infected machine?
As far as I know, after infecting if encrypted the files were already ... the only solution would be to remove the ransonware and protect it from happening any more.
What is the recommendation to clean the machines before installing the endpoint?