Jump to content

Search the Community

Showing results for tags 'gandcrab'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL






Found 4 results

  1. Is there an available decryption process for files encryptrd by Gandcrab V5.1?
  2. Hi y'all. My HP Pavilion Sleekbook running Windows 8.1 just had its entire hard drive nuked without any warning, and I'm pretty sure GandCrab V4 had something to do with it. I haven't found any documented incidents of GandCrab causing data erasure, but I do know that the ransom note it creates does mention the possibility of "loss of your data forever." Is it possible that the ransomware somehow failed in encrypting my files, and instead decided to delete them all? When I was trying to download some files onto my laptop, I accidentally ran an executable with the good old .(file extension I want).exe trick. My fault for never turning on file extensions. The file didn't do much of anything, and my Avast Premier didn't detect anything. I ran Avast and MBAM free just to be sure, but everything came back clean. I figured the executable was probably just broken or something, and even if it was something nasty, I'd be alright because I have network discovery disabled and I don't have anything important on there. My laptop worked fine as usual for a couple days until it refused to boot. Windows kept giving me a startup repair loop and said it couldn't find anything. Refreshing wouldn't work as it said that the drive was locked, and resetting the drive wouldn't work either. No system restore images were found (odd considering my laptop just had a major update), and the HP recovery manager couldn't even perform a factory reset. After trying the HP factory reset, I shut down my computer in anger and turned it on again a bit later. This time, instead of booting into startup repair, a message appeared that no operating system was found on the hard disk. I got a Windows 8.1 ISO, and when I booted into it and got the directory of the C drive in command prompt, it was completely empty. I decided to look in the D drive, which was previously used for HP recovery, and found nothing but the GandCrab V4 ransom note telling me to cough up some money or else my files would stay encrypted. I find it odd that all my files were deleted and the ransom note happened to be the only file that survived on the entire hard disk. There were no .KRAB files, no Windows folder, nothing. Just the note in the D drive. Is it possible that this is a new manifestation of GandCrab? TLDR: It looks like GandCrab nuked my hard disk instead of encrypting my files. Is that even possible??
  3. this has taken over my system. added ,gdbc extension to all my files which has made them unusable. any idea on how i can remove this? ran malwarebyte but it did not detect it
  4. We have a user machine that is affected by the GandCrab ransomware. This machine has both Anti-Malware and Anti-Exploit installed. Virustotal results for the hash: https://www.virustotal.com/en/file/760cdf98264ebefdc2bcfb0c90e88ea9cd26130041260f12bb89b79a94134ec7/analysis/
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.