XoristDecryptor v.2.3.10.0

Advertisement
Advertisement

Malware of the family Trojan-Ransom.Win32.Xorist is designed for unauthorized modification of data on a victim computer. It makes computers uncontrollable or blocks its normal performance. After taking the data as a d-deDUhostaged-deDt (blocking it), a ransom is demanded from the user.The victim is supposed to deliver the ransom to the pirate, who is promising to send in return a program which would release the data or restore normal performance of the computer.There is a utility to confront malware of the family Trojan-Ransom.Win32.Xorist - XoristDecryptor.exe.Disinfection of an infected system 1. Download the archive XoristDecryptor.zip. Extract its contents using an archiver program, WinZip for example. 2. Execute the file XoristDecryptor.exe.If you run the utility without any switches, it searches for the key used to encrypt the data. As soon as the key is found, it is used to decrypt all files.Additional command line switches: -l - log file name. -y d-deOCt close the window after the utility work is over.Signs of infection * The user is displayed with messages demanding to send an SMS to decrypt the files. The text is in Cyrillic, so it possible that you will see some hieroglyphic symbols instead. * Another sign is presence of a file named d-deDUd Dcdided DLdiOCidiOCUd DL d DUd TAd dudidC - d Dod T-d Do dided T-didad¬DSdu?d DLdiOC?dided DLd dcd T-diOCUdidO diOC?d T-d Oald T¬diOC¦d-deDt on disk C. * There is a file in the folder Windows named CryptLogFile.txt.The trojan program encrypts all files with the following extensions:doc, xls, docx, xlsx, db, mp3, waw, jpg, jpeg, txt, rtf, pdf, rar, zip, psd, msi, tif, wma, lnk, gif, bmp, ppt, pptx, docm, xlsm, pps, ppsx, ppd, tiff, eps, png, ace, djvu, xml, cdr, max, wmv, avi, wav, mp4, pdd, html, css, php, aac, ac3, amf, amr, mid, midi, mmf, mod, mp1, mpa, mpga, mpu, nrt, oga, ogg, pbf, ra, ram, raw, saf, val, wave, wow, wpk, 3g2, 3gp, 3gp2, 3mm, amx, avs, bik, bin, dir, divx, dvx, evo, flv, qtq, tch, rts, rum, rv, scn, srt, stx, svi, swf, trp, vdo, wm, wmd, wmmp, wmx, wvx, xvid, 3d, 3d4, 3df8, pbs, adi, ais, amu, arr, bmc, bmf, cag, cam, dng, ink, jif, jiff, jpc, jpf, jpw, mag, mic, mip, msp, nav, ncd, odc, odi, opf, qif, qtiq, srf, xwd, abw, act, adt, aim, ans, asc, ase, bdp, bdr, bib, boc, crd, diz, dot, dotm, dotx, dvi, dxe, mlx, err, euc, faq, fdr, fds, gthr, idx, kwd, lp2, ltr, man, mbox, msg, nfo, now, odm, oft, pwi, rng, rtx, run, ssa, text, unx, wbk, wsh, 7z, arc, ari, arj, car, cbr, cbz, gz, gzig, jgz, pak, pcv, puz, r00, r01, r02, r03, rev, sdn, sen, sfs, sfx, sh, shar, shr, sqx, tbz2, tg, tlz, vsi, wad, war, xpi, z02, z04, zap, zipx, zoo, ipa, isu, jar, js, udf, adr, ap, aro, asa, ascx, ashx, asmx, asp, aspx, asr, atom, bml, cer, cms, crt, dap, htm, moz, svr, url, wdgt, abk, bic, big, blp, bsp, cgf, chk, col, cty, dem, elf, ff, gam, grf, h3m, h4r, iwd, ldb, lgp, lvl, map, md3, mdl, mm6, mm7, mm8, nds, pbp, ppf, pwf, pxp, sad, sav, scm, scx, sdt, spr, sud, uax, umx, unr, uop, usa, usx, ut2, ut3, utc, utx, uvx, uxx, vmf, vtf, w3g, w3x, wtd, wtf, ccd, cd, cso, disk, dmg, dvd, fcd, flp, img, iso, isz, md0, md1, md2, mdf, mds, nrg, nri, vcd, vhd, snp, bkf, ade, adpb, dic, cch, ctt, dal, ddc, ddcx, dex, dif, dii, itdb, itl, kmz, lcd, lcf, mbx, mdn, odf, odp, ods, pab, pkb, pkh, pot, potx, pptm, psa, qdf, qel, rgn, rrt, rsw, rte, sdb, sdc, sds, sql, stt, t01, t03, t05, tcx, thmx, txd, txf, upoi, vmt, wks, wmdb, xl, xlc, xlr, xlsb, xltx, ltm, xlwx, mcd, cap, cc, cod, cp, cpp, cs, csi, dcp, dcu, dev, dob, dox, dpk, dpl, dpr, dsk, dsp, eql, ex, f90, fla, for, fpp, jav, java, lbi, owl, pl, plc, pli, pm, res, rnc, rsrc, so, swd, tpu, tpx, tu, tur, vc, yab, 8ba, 8bc, 8be, 8bf, 8bi8, bi8, 8bl, 8bs, 8bx, 8by, 8li, aip, amxx, ape, api, mxp, oxt, qpx, qtr, xla, xlam, xll, xlv, xpt, cfg, cwf, dbb, slt, bp2, bp3, bpl, clr, dbx, jc, potm, ppsm, prc, prt, shw, std, ver, wpl, xlm, yps, md3.

Malware of the family ... There is a utility to confront malware of the family Trojan-Ransom.

program, utility, decrypt, files, performance, family, messages, command

 
  • XoristDecryptor
  • 2.3.10.0
  • Kaspersky
  • WinXP, Win2003, Win2000, Win Vista, Windows 7, Windows 8
  • Freeware
  • 542 Kb
  • 138
  • Free
 
 

Review XoristDecryptor

  • captcha
 

Other software of Kaspersky

New Antivirus software
  • Dr.Web Security Space  v.12.0.2.7240Comprehensive anti-virus security solution for your Windows PC. Real time protection. Installation and operation in an infected system and exceptional resistance to viruses. Efficient detection and neutralization of all types of threats.
  • Dr.Web for Android  v.12.6.4Comprehensive protection for mobile devices from all types of malicious software used by fraudsters to cmiit cybercrimes. Protection components: anti-virus, anti-spam, anti-theft, firewall, URL filter, Security Auditor ...
  • Dr.Web Katana  v.1.0.14.10080Dr.Web KATANA - Kills Active Threats And New Attacks. A non-signature anti-virus. Combats threats that are brand-new and unknown to your anti-virus: encryption ransomware, blockers, and web injectors. Does not conflict with third-party anti-viruses.