Kaspersky
Solved

Kaspersky Small Office not prevent Ransom Attack on our Computer

  • 20 April 2019
  • 6 replies
  • 847 views

Today i'm so sad, My computer got attack from gancrab ver 5.2.

I really supprise because i using kaspersky small office security and always update the DB.

Even after the attack i tried use kaspersky to scan and hopefully able to remove the virus but no luck at all.

Kaspersky not able to detect anything and right now all my files got encrypted by this virus

Hopefully kaspersky able to help me to fix this problem
icon

Best answer by Caos 21 April 2019, 11:01

Today i'm so sad, My computer got attack from gancrab ver 5.2.

I really supprise because i using kaspersky small office security and always update the DB.

Even after the attack i tried use kaspersky to scan and hopefully able to remove the virus but no luck at all.

Kaspersky not able to detect anything and right now all my files got encrypted by this virus

Hopefully kaspersky able to help me to fix this problem

Hi,

Aditionally, please upload the necessary information so that we can help you (Version and build of Kaspersky installed, OS and servicepack installed, upload your getsysteminfo (gsi) using the latest available version of it, you must send the URL of the Web that is generated with the report, to review it, etc ...).

To generate the getsysteminfo (gsi) check this link: https://support.kaspersky.co.uk/common/diagnostics/3632#block7

Getsysteminfo (GSI) direct download: http://media.kaspersky.com/utilities/ConsumerUtilities/GetSystemInfo6.2.zip

In addition to attaching the gsi file, it is advisable to send the URL link of the Web that is generated with the report, to facilitate the work.

Please review and configure KSOS using this: https://support.kaspersky.com/14801
Review also how ransomware works: https://www.kaspersky.com/blog/ransomware-faq/13387/

How did the GandCrab vb5.2 ransomware get on my devices?
The GandCrab V5.2 ransomware is distributed via spam email containing infected attachments or links to malicious websites. Cyber-criminals spam out an email, with forged header information, tricking you into believing that it is from a shipping company like DHL or FedEx. The email tells you that they tried to deliver a package to you, but failed for some reason. Sometimes the emails claim to be notifications of a shipment you have made.
Either way, you can’t resist being curious as to what the email is referring to – and open the attached file (or click on a link embedded inside the email). And with that, your computer is infected with the GandCrab V5.2 ransomware.

Never open attachments from emails received from unknown recipients, no matter how scary was not the headline.
And if there is an executable file (extension .exe, .com, .bat, .cmd, .scr, etc...), it is 99 (9)% trap for you.

Remember that any Antivirus can´t guarantee the 100% of protection, detection, etc...

There is no decryption tool available for the GandCrab V5.2 ransomware. However, you can try to search these sites for updates:

Open a support ticket in my Kaspersky account, send them sample of an encrypted file, and if you had the same file without encrypting.

Regards
View original

6 replies

Userlevel 7
Badge +6
Hello Yustian,
Sorry to read your bad news.
Not sure if you've read any other Community posts, if not please read post from Junob8rock, he/she reported the same infection https://community.kaspersky.com/kaspersky-anti-virus-12/solution-gandcrab-5-2-688.

Even tho they're using KAV & you're using KSO, (imo) the information would be the same across platforms.
have read

https://community.kaspersky.com/kaspersky-anti-virus-12/solution-gandcrab-5-2-688.

But no solution on that thread
Userlevel 7
Badge +6
Hello Yustian,
I guess it depends on your expectations (imo) there are solutions and advice.
Perhaps reach out to the Kaspersky Support Team, I'm sure they'll help.
Thanks!
Userlevel 7
Badge +9
Today i'm so sad, My computer got attack from gancrab ver 5.2.

I really supprise because i using kaspersky small office security and always update the DB.

Even after the attack i tried use kaspersky to scan and hopefully able to remove the virus but no luck at all.

Kaspersky not able to detect anything and right now all my files got encrypted by this virus

Hopefully kaspersky able to help me to fix this problem

Hi,

Aditionally, please upload the necessary information so that we can help you (Version and build of Kaspersky installed, OS and servicepack installed, upload your getsysteminfo (gsi) using the latest available version of it, you must send the URL of the Web that is generated with the report, to review it, etc ...).

To generate the getsysteminfo (gsi) check this link: https://support.kaspersky.co.uk/common/diagnostics/3632#block7

Getsysteminfo (GSI) direct download: http://media.kaspersky.com/utilities/ConsumerUtilities/GetSystemInfo6.2.zip

In addition to attaching the gsi file, it is advisable to send the URL link of the Web that is generated with the report, to facilitate the work.

Please review and configure KSOS using this: https://support.kaspersky.com/14801
Review also how ransomware works: https://www.kaspersky.com/blog/ransomware-faq/13387/

How did the GandCrab vb5.2 ransomware get on my devices?
The GandCrab V5.2 ransomware is distributed via spam email containing infected attachments or links to malicious websites. Cyber-criminals spam out an email, with forged header information, tricking you into believing that it is from a shipping company like DHL or FedEx. The email tells you that they tried to deliver a package to you, but failed for some reason. Sometimes the emails claim to be notifications of a shipment you have made.
Either way, you can’t resist being curious as to what the email is referring to – and open the attached file (or click on a link embedded inside the email). And with that, your computer is infected with the GandCrab V5.2 ransomware.

Never open attachments from emails received from unknown recipients, no matter how scary was not the headline.
And if there is an executable file (extension .exe, .com, .bat, .cmd, .scr, etc...), it is 99 (9)% trap for you.

Remember that any Antivirus can´t guarantee the 100% of protection, detection, etc...

There is no decryption tool available for the GandCrab V5.2 ransomware. However, you can try to search these sites for updates:

Open a support ticket in my Kaspersky account, send them sample of an encrypted file, and if you had the same file without encrypting.

Regards
Can anyone suggest me decryptor tool for .heroset ransomware... it encrypted my all data in 3 pc.. Please suggest..
Userlevel 7
Badge +1
Welcome. Please contact Tech Support: https://my.kaspersky.com/support/

Please attach the following items to your Tech Support request:

a. Description of the issue.
b. Screenshot, as needed.
c. GSI

Reply / Ответить