Trojan download #215

Closed
jerebord opened this issue Aug 5, 2023 · 6 comments

jerebord commented Aug 5, 2023

Someone downloaded an apparently malicious file, and the computer got infected with viruses. Word files were encrypted and their file extension changed to ".gatz" now.
I used different antivirus and antimalware but I think it is still infected.

1.log
CollectionLog-2023.08.05-10.30.zip

Owner

dragokas commented Aug 5, 2023

Hi,
thank you for the log.
We'll return to you as soon as possible.


Please, note that only members of VIRUSNET-Association are allowed to respond to PC cure topics.
Ignore any recommendations given by other users, including PM !!!

Assistance is provided free of charge in our free time. If you found our help useful, you can thank us with any amount using this form or you can leave feedback in Guestbook.

@Sandor-Helper

Hi,
Please zip a couple of encrypted files (with .gatz extension) along with the ransom note (if you have one) and attach it to your next post.
In addition:
Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Right click to run as administrator. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce logs called FRST.txt and Addition.txt in the same directory the tool is run from.
  • Please attach the logs back here.

Author

jerebord commented Aug 7, 2023

Encrypted files (with .gatz extension).
Desktop.zip

Farbar Recovery Scan Tool files.
FRST.txt
Shortcut.txt
Addition.txt

@Sandor-Helper

Thanks for the logs.
Can you please also attach this file?

C:_readme.txt

@jerebord
Copy link
Author

jerebord commented Aug 7, 2023

_readme.txt

Sandor-Helper commented Aug 7, 2023

Type of ransom is STOP (Djvu). Decryption for this encryptor was available only for early versions.

I see that you've already tried to use it with no luck.
