Jump to content

Gandcrab 5.0.4 Malware


Recommended Posts

My Pc is infected by Gandcrab 5.0.4 Ransomeware virus.

My Pc got 3 partitions. C: only system files D: and E:  Data files

All got infected. I Reinstalled windows and my C: drive is clear now

But my D and E drive all files got encrypted. I have important files in it.

How can I decrypt my Files. All folders have that text files which holds that encryption information.


Kindly help me to recover my files.

Awaiting your replies


Link to post
Share on other sites

Hello @Raju and :welcome:

If indeed the encrypted file names end in .GDBC or .CRAB it still would be best to use the ID Ransomware site to verify with added certainty.

Then, if indeed the files are Gandcrab 5.0.4 encrypted, the GandCrab Ransomware Help & Support Topic (.GDCB, .CRAB & CRAB-DECRYPT.txt) topic at BleepingComputer.com is a part of a clearinghouse of accurate and current ransomware information.

Do not be lured by websites that promise decryption solutions.  Scam sites are all too common.



Edited by 1PW
Link to post
Share on other sites

Hello @Raju:

As you likely have determined, that .onion URL is definitely on the Darknet and may only be accessed with a Tor Browser connection.  Great caution is advised!

If you are entertaining any thoughts of visiting that Darknet site, a Tails built USB stick or Tails built Live DVD might be the minimum safe method (Still Not Recommended) to isolate the C:, D:, and E; drives from being victimized again..

You are far better off recovering your data from your last backup, if available.

TOR Payment Site.jpg

TOR Payment Site

Edited by 1PW
Link to post
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.