(For moderators: If I posted this in wrong section can you please move this thread to a proper section?)
Hi guys,
Going through the worst nightmare. Recently I started seeing a file named IVRGVHQ-DECRYPT.txt in my folders. Mostly in my projects folder I didn't bother because I thought maybe it's related to software until recently I started seeing this file everywhere on my PC.
Now the issue is a lot of my projects are encrypted with this ransomware there is one notepad file which states install tor & go to the link (Which is in that text file I mentioned earlier) other than that there is a Gandcrab key at the end. I don't see my system locked out or any notification of time to pay ransom of anything else. Let me know what I can do to recover those files.
The worst part is that it kept growing in background & it also infected my backup because I didn't realise until today. When I wanted to restore some stuff from my backup. I see the date created (of encryption text file) as today on most files but the earliest I found is two to three months old. Need your help & fast so it doesn't spread more than it have already.
Update: Unable to download Gandcarb decrypt tool mentioned by bitdefender. Gets stuck at 99%.
Update 02: Tried using bit defender & Avast decryptor but they didn't decrypt the files. Maybe the decrypt key file is missing?
Does anyone have idea where the decrypt file is stored or how can I make sure that the ransomware if not active on my pc anymore?
Hi guys,
Going through the worst nightmare. Recently I started seeing a file named IVRGVHQ-DECRYPT.txt in my folders. Mostly in my projects folder I didn't bother because I thought maybe it's related to software until recently I started seeing this file everywhere on my PC.
Now the issue is a lot of my projects are encrypted with this ransomware there is one notepad file which states install tor & go to the link (Which is in that text file I mentioned earlier) other than that there is a Gandcrab key at the end. I don't see my system locked out or any notification of time to pay ransom of anything else. Let me know what I can do to recover those files.
The worst part is that it kept growing in background & it also infected my backup because I didn't realise until today. When I wanted to restore some stuff from my backup. I see the date created (of encryption text file) as today on most files but the earliest I found is two to three months old. Need your help & fast so it doesn't spread more than it have already.
Update: Unable to download Gandcarb decrypt tool mentioned by bitdefender. Gets stuck at 99%.
Update 02: Tried using bit defender & Avast decryptor but they didn't decrypt the files. Maybe the decrypt key file is missing?
Does anyone have idea where the decrypt file is stored or how can I make sure that the ransomware if not active on my pc anymore?
/malwaretips.com/blogs/remove-gandcrab-v5-0-4-ransomware/
Facebook
Twitter