GrandCrab stands for a ransomware, i.e. the software that asks users to pay certain ransom. The peculiarity of GrandCrab ransomware is that it starts encrypting the majority of important documents and files within the system. There will be clear message by the ransomware about such files being encrypted and the necessity to pay the ransom to have such data restored (decrypted).
The problem with GrandCrab ransomware is that its developers do not give you any guarantee that they will keep their promises. According to the reviews of some people who have paid such ransom before, they still could not restore their important files, photos, etc. They simply remain encrypted and thus could not be returned back.
GrandCrab ransomware, unfortunately, is spread widely in the web today. Typically injection of this junk software takes place when users download and install some cost-free software. It’s surely always very important that you do not authorize any concealed installations to take place in your system. For this goal make sure you always thoroughly read the EULAs (End User License Agreements) related to free programs you intend to install into the system. In case you find the information about some additional programs you do not need, make sure to switch to the advanced (custom) installation mode to avoid such unwanted interference.
GrandCrab removal is not a complex process when you know a great malware removal tool for this purpose. We strongly advise that you perform a thorough scanning of your system using proven virus removal software as clearly suggested in the remainder of the guide below.
STEP 1. Recover files from GrandCrab ransomware encryption
Nowadays ransomware are becoming increasingly popular. Some of them are more dangerous removing backups of your system to make the recovery process impossible.
Please Note: Not all ransomware infections are able to remove backups of your system, so it is always worth to try a windows recovery method below. In order to protect your backups from this danger, try our Anti-Ransomware product.
We recommend use Safe Mode with command prompt to safely perform a recovery of your files. You will have to reboot your computer, so you better save this instruction some where on your hard drive or read if from second computer.
- Windows 10 users: Press the “Power” button from Windows login screen or Settings. Hold the Shift key on your keyboard and click on “Restart”
- After your computer reboots – Click on “Troubleshoot” – press “Advanced options” – “Startup Settings”
- Click the “Restart” button and your computer will reload again and show you the list with all options. You need to choose the “Safe Mode with Command Prompt”
- When your windows loads, enter the following line: cd restore and press Enter.
- After that type rstrui.exe line and press Enter.
- A recovery window will open before you, Click Next to proceed.
- In the next window, you need to choose a Restore point. All files in protected drives will be recovered at the time when this point was created (prior to the infection with GrandCrab). In the case when ransomware removes these backups, there will be no Restore points listed. Select a Restore point and click “Next”.
- Click “Finish” in this window and confirm the recovery process by pressing “Yes“.
Simple example of how to recover your files from ransomware infection:
STEP 2. Get rid of GrandCrab ransomware
After recovery process is done, we strongly recommend you to scan computer with a GridinSoft Anti-Malware, because there are big chances that GrandCrab ransomware left traces of virus. Usually ransomware removing themslf right after encryption, but sometimes cybercriminals can leave traces of virus for own purposes.
- Run GridinSoft Anti-Malware and chose the type of scan, we recommend to click on the “Full Scan” to be sure, that your whole system is checked and scanned.
- Wait while GridinSoft Anti-Malware scans your system, it won’t take a lot of time. Duration depends on overall perfarmance of your computer and total amount of files on it:
- When scan is finished you will see the list of detected files. We recommend move to quarantine all viruses and unwanted programs.
- Greetings! Your system is clean! Moreover you can use On-run protection that prevents different types of viruses and can worn you about downloading malicious file, such as GrandCrab.
STEP 3. Prevent the GrandCrab ransomware infection with GridinSoft Anti-Ransomware
As we already said, usually ransomware removes backups of your OS, so you are not able to restore system. That is why we recommend usuing our product GridinSoft Anti-Ransomware that protects back-ups from being removed. It detects when malicious programs try to delete backups, intercepts this request and blocks the sending process.
Preventing viruses it’s not just about antivirus, it’s about your daily behavior. Make these simple rules a habit to be secured.
- Avoid spam letters. One of the most popular way of spreading viruses is emails. Pay attention to your downloads. It’s important to download and install software from officia;from its official website.
- Do backups regularly. We recommend storing your important files in few different places for more safety.
- Make your system free from any virus. The infected computer i smuch more vulnerable to other malicious files and ransomware.
- Be a level-headed person. Don’t pay the ransom fee right when you see message from cybercriminals, it is always best to search on the internet for some answers. It is possible that someone have developed a decryption tool that might help you.