Les informations contenues dans cette rubrique de notre site web sont constamment mises à jour. Afin de vous garantir un contenu le plus actualisé possible, elles sont uniquement diffusées en anglais.

Virus Profile: Ransom-N

Threat Search
Imprimer
   
Virus Profile information details
Risk Assessment: Home Low-Profiled | Corporate Low-Profiled
Date Discovered: 03/11/2009
Date Added: 03/11/2009
Origin: N/A
Length: Varies
Type: Trojan
Subtype: Trojan
DAT Required: 5792
Removal Instructions
   
 
 
   

Description

-- Update November 3, 2009 --
The risk assessment of this threat has been updated to Low-Profiled due to media attention at:
http://www.theregister.co.uk/2009/11/03/ransomware_ruse/

--

Ransom-N is a Trojan that on execution encrypts all the recently used files on the user's system.The user has to pay for the attackers' software to decrypt and recover their files.

Indication of Infection

Presence of files with the ".vicrypt" extension on the user's system.

Methods of Infection

Trojans are not viruses, and as such do not contain any method to replicate by themselves. However they may be downloaded by other viruses and/or Trojans to be installed on the user's system. Alternatively they may be installed by visiting a malicious web page (either by clicking on a link, or by the website hosting a scripted exploit which installs the malwares).

Aliases

Trojan.Ramvicrype (Symantec)
   

Virus Characteristics

Ransom-N is a Trojan that on execution encrypts all the recently used files on the user's system. The encrypted files are renamed with a ".vicrypt" extension.

Further the user is shown error messages like this:

The Trojan runs in the background and keeps encrypting files as they are used.

   

All Users:
Use current engine and DAT files for detection and removal.

Modifications made to the system Registry and/or INI files for the purposes of hooking system startup, will be successfully removed if cleaning with the recommended engine and DAT combination (or higher).

Additional Windows ME/XP removal considerations

   

Un ordinateur infecté ? Obtenez l'aide d'un expert !

McAfee
Service de suppression des virus

Contactez l'un de nos spécialistes en sécurité par téléphone. Regardez votre PC pendant que nous résolvons le problème à distance.

$89.95 (USD)

Publicité