As I was browsing my folders today, I saw one strange file setting somewhere in one of the folders and when I opened it, it was none other than a text file showing instructions on how to decrypt my files. I was hit by grandcrab 5.1. Fortunately, my NAS newwork drive which holds all valuable actual data isn't hit. I took it immediately offline and turned it off. Now I have to back it up before hooking it up again just in case. I have another NAS laying around. But I need to free my local drives and all my pc's in my local network from the infection. Fortunately for the 2nd time, I can see that there is a working decrypter tool from bitdefender, so I will go try it with the files in my local drives. What I couldn't find is a dedicated removal tool for this grandcrab 5.1 ransomware.
What would be the best way to remove this ? Probably boot into a live CD, scan and remove infections there like we used to do in the old days? Boot into safe mode and scan?
Maybe I need to disable system restore?
What about the registry? I think it needs to be scanned as well.
I want to absolutely get rid of this sh*t, and I will admit I'm not the best when it comes to this. This is the machine in my sig. Damn, I really hate ransomware, it is the worst.
What would be the best way to remove this ? Probably boot into a live CD, scan and remove infections there like we used to do in the old days? Boot into safe mode and scan?
Maybe I need to disable system restore?
What about the registry? I think it needs to be scanned as well.
I want to absolutely get rid of this sh*t, and I will admit I'm not the best when it comes to this. This is the machine in my sig. Damn, I really hate ransomware, it is the worst.