About Site Map Submit Contact Us Log in | Create an account
Create an account Log In
Average Rating
User Rating:
Visitors Rating:
My rating:

Write review
  • License: Freeware
  • Last update: 3 years ago
  • Total downloads: 208
  • Price: Free |
  • Operating system: WinXP, Win2003, Win2000, Win Vista, Windows 7, Windows XP X64, Windows Vista64, Windows 7 x64, Windows 8, Windows 8 x64
  • Publisher: Kaspersky (23 other programs)
See full specifications

XoristDecryptor iconXoristDecryptor Publisher's description

There is a utility to confront malware of the family Trojan-Ransom.Win32.Xorist

Malware of the family Trojan-Ransom.Win32.Xorist is designed for unauthorized modification of data on a victim computer. It makes computers uncontrollable or blocks its normal performance. After taking the data as a “hostage” (blocking it), a ransom is demanded from the user.

The victim is supposed to deliver the ransom to the pirate, who is promising to send in return a program which would release the data or restore normal performance of the computer.

There is a utility to confront malware of the family Trojan-Ransom.Win32.Xorist - XoristDecryptor.exe.

Disinfection of an infected system:

1. Download the archive XoristDecryptor.zip.
Extract its contents using an archiver program, WinZip for example.
2. Execute the file XoristDecryptor.exe.

If you run the utility without any switches, it searches for the key used to encrypt the data. As soon as the key is found, it is used to decrypt all files.

Additional command line switches:

-l - log file name.
-y – close the window after the utility work is over.

Signs of infection

* The user is displayed with messages demanding to send an SMS to decrypt the files. The text is in Cyrillic, so it possible that you will see some hieroglyphic symbols instead.

* Another sign is presence of a file named “Прочти Меня - как рас�?ифровать файлы” on disk C.

* There is a file in the folder Windows named CryptLogFile.txt.

The trojan program encrypts all files with the following extensions:

doc, xls, docx, xlsx, db, mp3, waw, jpg, jpeg, txt, rtf, pdf, rar, zip, psd, msi, tif, wma, lnk, gif, bmp, ppt, pptx, docm, xlsm, pps, ppsx, ppd, tiff, eps, png, ace, djvu, xml, cdr, max, wmv, avi, wav, mp4, pdd, html, css, php, aac, ac3, amf, amr, mid, midi, mmf, mod, mp1, mpa, mpga, mpu, nrt, oga, ogg, pbf, ra, ram, raw, saf, val, wave, wow, wpk, 3g2, 3gp, 3gp2, 3mm, amx, avs, bik, bin, dir, divx, dvx, evo, flv, qtq, tch, rts, rum, rv, scn, srt, stx, svi, swf, trp, vdo, wm, wmd, wmmp, wmx, wvx, xvid, 3d, 3d4, 3df8, pbs, adi, ais, amu, arr, bmc, bmf, cag, cam, dng, ink, jif, jiff, jpc, jpf, jpw, mag, mic, mip, msp, nav, ncd, odc, odi, opf, qif, qtiq, srf, xwd, abw, act, adt, aim, ans, asc, ase, bdp, bdr, bib, boc, crd, diz, dot, dotm, dotx, dvi, dxe, mlx, err, euc, faq, fdr, fds, gthr, idx, kwd, lp2, ltr, man, mbox, msg, nfo, now, odm, oft, pwi, rng, rtx, run, ssa, text, unx, wbk, wsh, 7z, arc, ari, arj, car, cbr, cbz, gz, gzig, jgz, pak, pcv, puz, r00, r01, r02, r03, rev, sdn, sen, sfs, sfx, sh, shar, shr, sqx, tbz2, tg, tlz, vsi, wad, war, xpi, z02, z04, zap, zipx, zoo, ipa, isu, jar, js, udf, adr, ap, aro, asa, ascx, ashx, asmx, asp, aspx, asr, atom, bml, cer, cms, crt, dap, htm, moz, svr, url, wdgt, abk, bic, big, blp, bsp, cgf, chk, col, cty, dem, elf, ff, gam, grf, h3m, h4r, iwd, ldb, lgp, lvl, map, md3, mdl, mm6, mm7, mm8, nds, pbp, ppf, pwf, pxp, sad, sav, scm, scx, sdt, spr, sud, uax, umx, unr, uop, usa, usx, ut2, ut3, utc, utx, uvx, uxx, vmf, vtf, w3g, w3x, wtd, wtf, ccd, cd, cso, disk, dmg, dvd, fcd, flp, img, iso, isz, md0, md1, md2, mdf, mds, nrg, nri, vcd, vhd, snp, bkf, ade, adpb, dic, cch, ctt, dal, ddc, ddcx, dex, dif, dii, itdb, itl, kmz, lcd, lcf, mbx, mdn, odf, odp, ods, pab, pkb, pkh, pot, potx, pptm, psa, qdf, qel, rgn, rrt, rsw, rte, sdb, sdc, sds, sql, stt, t01, t03, t05, tcx, thmx, txd, txf, upoi, vmt, wks, wmdb, xl, xlc, xlr, xlsb, xltx, ltm, xlwx, mcd, cap, cc, cod, cp, cpp, cs, csi, dcp, dcu, dev, dob, dox, dpk, dpl, dpr, dsk, dsp, eql, ex, f90, fla, for, fpp, jav, java, lbi, owl, pl, plc, pli, pm, res, rnc, rsrc, so, swd, tpu, tpx, tu, tur, vc, yab, 8ba, 8bc, 8be, 8bf, 8bi8, bi8, 8bl, 8bs, 8bx, 8by, 8li, aip, amxx, ape, api, mxp, oxt, qpx, qtr, xla, xlam, xll, xlv, xpt, cfg, cwf, dbb, slt, bp2, bp3, bpl, clr, dbx, jc, potm, ppsm, prc, prt, shw, std, ver, wpl, xlm, yps, md3.

System Requirements:

No special requirements.
Program Release Status: Major Update
Program Install Support: Install and Uninstall

XoristDecryptor Tags:

Click on a tag to find related softwares

Is XoristDecryptor your software?

Manage your software

Most Popular

windows default icon Hotspot Shield 3.20
Hotspot Shield : ensure you are private, secure, and anonymous online!
McAfee SuperDAT Update 7354 icon McAfee SuperDAT Update 7354
McAfee virus pattern and engine updates.
Avira Antivir Virus Definition File Update 19-02-2014 icon Avira Antivir Virus Definition File Update 19-02-2014
A comprehensive, easy to use antivirus program, designed to offer reliable virus protection to home-users only... Read more
windows default icon Hack password 1.0.1
Hides the windows password character. Finally you can see what you type.
windows default icon Quick Heal AntiVirus 2012
Quick Heal AntiVirus 2010, with its intuitive and easy-to-use interface

Related Category

» Access Control (455)
» Firewalls (60)
» Other (1171)