“Doctor Web” created an utility for restoring files damaged by Trojan attacksMonday, September 15th, 2008 at 12:14 pm
A new Trojan program Trojan.Encoder.21 (quite similar to the previous Encoder.19 version) has been detected by Doctor Web. Encoder.19’s principle of functioning is similar to Gpcode that was recently discovered by Kaspersky’s lab. The virus encrypts user files (.jpg, .psd, .cdr, .mov, .doc, .xls, .ppt, .rar, .zip, .mp3, .pdf, etc) stored on the hard drives, and the files become inaccessible. After encryption is performed, the virus creates the “crypted.txt” file that demands the user to pay $89 for a decoder, using a specific payment system. The previous versions of the virus used temporary links, while the new version is constantly stored on some websites (already known as Trojan-“distributing”). This can enable the virus to spread more quickly than before. Experts do not recommend paying the bleeders. Doctor Web created a free utility te19decrypt.exe that decodes the encrypted files and creates new versions without “.crypt” ending. The utility has a graphic interface module that makes the program very handy.
You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.