PDF Files Recovery-Trojan.GenericKDZ.83579

Hi, I have many PDF files infected with malware or something like Trojan.GenericKDZ.83579.

It's called by various names: W32.Tempedreve.C!inf or W32/PdfCrypt.b!638DAAA70AA1

Only PDF files were infected and modified into .exe files, and hence I could not open those files.

If anyone has solutions/workarounds to recover such infected files, please share them with me.

Thanks

Answers

  • Gjoksi (Defender of the month, mod)
    edited April 17

    Hello.
    You should try the Bitdefender Ransomware Recognition Tool:

    https://www.bitdefender.com/blog/labs/bitdefender-ransomware-recognition-tool/
    and see if you can get the appropriate decryption tool, if it exists.

    You could also contact Bitdefender Consumer Support by chat, telephone or e-mail:

    https://www.bitdefender.com/consumer/support/help/
    Chat is the fastest way to get in touch with Bitdefender Consumer Support.
    NOTE: Bitdefender telephone support is not toll-free!

    Regards.

  • Gjoksi (Defender of the month, mod)

    Hello again.

    Forgot to mention that you should also scan (and disinfect, if needed) your PC with Bitdefender Rescue Environment:

    https://www.bitdefender.com/consumer/support/answer/29132/

    Regards.

  • Hi Gjoksi

    Thanks for your immediate response. I tried the recognition tool. I have attached the screenshots for your reference.

    In the note path, it allows selecting only particular files. Hence I selected an infected file.

    In the files path, I selected a temporary folder.

    "Unable to identify the ransomware!" is the result.

    What next? Please suggest if you can go further on this.

  • [Deleted User]

    @Eswaran Siva,

    Welcome to the Bitdefender Forums. Sorry to hear about the possible ransomware infection.

    Bleeping Computer has a dedicated Forum for Ransomware identification, advice, and whether decryptor keys are available for specific strains of ransomware.

    If the Bitdefender program does not recognize the ransomware and my colleagues here are unable to assist you further, then you could go there for assistance.

    If you do go there for assistance, you should ask a Moderator here to close your topic. It is considered bad "netiquette" to post simultaneously about the same issue on multiple Forums.

    Good luck. Have a great day.

    Regards,

    Phil

  • Flexx (mod)
    edited April 18

    To add here, you can upload the ransom note and encrypted file to https://id-ransomware.malwarehunterteam.com/, which boasts the largest collection of known ransomware. If it detects the variant, it will inform you whether a decryptor is available for that specific ransomware.

    Additionally, https://www.nomoreransom.org/en/decryption-tools.html hosts the largest collection of ransomware decryptors for those that can be decrypted.

    If you can, kindly send me any ransom-encrypted file via PM along with the ransom text file. I'll check if there's a decryptor available.

    After reviewing your uploaded images, I found that the ransom note is in .exe format, which won't function properly. It should be a text file with a .txt extension. Also, you only need to check a folder with at most one encrypted file. The encrypted file can have any extension, depending on the ransomware type, but avoid .exe or other well-known extensions. And this could be one of the reasons why Bitdefender's ransomware recognition tool couldn't identify the type of ransomware that affected your system.

    Regards