Author Topic: A trojan infected file that Comodo was not able to detect  (Read 1663 times)

Offline ReeceN

  • Comodo Loves me
  • ****
  • Posts: 173
  • Paranoid B#st#rd - CIA
New Gandcrab decryptor released by Bitdefender
« Reply #15 on: February 20, 2019, 06:48:43 AM »
It is a GrandCrab Ransom Trojan

All files on my mycloud storage are encrypted.

Trendmicro online scanner was able to detect it

[attachment deleted by admin]

A new decryptor has been released by Bitdefender that decrypts files encrypted by GandCrab up to version 5.1.

You can download it here: https://labs.bitdefender.com/2019/02/new-gandcrab-v5-1-decryptor-available-now/
« Last Edit: March 12, 2019, 12:30:06 PM by EricJH »

Offline ribozyme

  • Newbie
  • *
  • Posts: 15
Re: A trojan infected file that Comodo was not able to detect
« Reply #16 on: February 20, 2019, 08:32:58 AM »
Thanks ReeceN. It works very well with 5.0.4. Tested and decryption continues without any error.

Offline ReeceN

  • Comodo Loves me
  • ****
  • Posts: 173
  • Paranoid B#st#rd - CIA
Re: A trojan infected file that Comodo was not able to detect
« Reply #17 on: February 20, 2019, 08:37:22 AM »
Fantastic news!

Glad it works for you. :)

Offline ribozyme

  • Newbie
  • *
  • Posts: 15
Re: A trojan infected file that Comodo was not able to detect
« Reply #18 on: February 20, 2019, 08:58:58 AM »
finished. All files are back. Thanks again  :-TU

Offline ReeceN

  • Comodo Loves me
  • ****
  • Posts: 173
  • Paranoid B#st#rd - CIA
Re: A trojan infected file that Comodo was not able to detect
« Reply #19 on: February 20, 2019, 09:56:54 AM »
Pleasure :)

Offline liosant

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 999
  • Terra é circo onde nós somos palhaços...
Re: A trojan infected file that Comodo was not able to detect
« Reply #20 on: February 20, 2019, 10:20:10 AM »
1. If you already have the comodo internet security or comodo cloud antivirus, just do a scan, download the shadow explorer https://shadowexplorer.com/

2. With the system clean and protected with the comodo internet security or comodo cloud antivirus, install the shadow explorer and open it;

3. After it appears on your screen, click where the unit indication will be (C: D: ...);

4. Select the drive if you have more than one partition or devices, navigate to the folders where the files were before they were encrypted, create a separate folder, drag and drop or copy and paste the files you want to recover using shadow explorer
or if the above steps are confusing, you can see the link for how to use the shadow explorer program: https://shadowexplorer.com/documentation/manual.html

NOTE: Decrypt files infected by trojancrypt, only allowed thanks to restore points (a kind of non-complete system image), then shadow explorer, allows ordinary users how do I access files.

Sorry my english and and repeating text.
« Last Edit: February 22, 2019, 03:56:06 PM by liosant »

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek