Trojan-Ransom.Win32.Rector malware encrypts JPG, DOC, PDF and RAR files on a computer and demands ransom for decryption. To decrypt the files encrypted by malware, use the Kaspersky RectorDecryptor tool.
To avoid infection:
- Download and install Kaspersky Internet Security, which will protect your computer against screen-locking and file-encrypting malware.
- Follow the instructions in this article.
How to decrypt files with Kaspersky RectorDecryptor
- Download the Kaspersky RectorDecryptor tool.
- Run RectorDecryptor.exe on the infected computer.
- Carefully read the Kaspersky Lab End User License Agreement. Click Accept if you agree with all the points.
- Click Change parameters.
- Select the checkbox Delete crypted files after decryption to delete the copies of the encrypted files with VSCRYPT, INFECTED, BLOC or KORREKTOR extensions.
- Click OK.
- Copy the encrypted files to one folder (if folder extensions haven’t been changed by malware).
- Click Start scan.
- Specify the path to the encrypted file or to the folder with encrypted files.
Files will be decrypted and their copies will be deleted.
The report will be created on a system drive (usually, disk C:\). The report is saved under the following name: RectorDecryptor.Tool_version_Date_Time_log.txt.
What to do if the tool did not help
If the tool didn’t help, contact Kaspersky technical support by choosing the topic and filling out the form.
Source : Official Kaspersky Brand
Editor by : BEST Antivirus KBS Team
(Visited 26 times, 1 visits today)