Utility for decrypting files affected by Trojan-Ransom.Win32.Rannoh infection

Posted on Updated on

The RannohDecryptor utility allows decrypting files affected by Trojan-Ransom.Win32.Rannoh infection.

How to use the utility

  1. Run RannohDecryptor.exe.
  2. Click Start scan to begin the process.
  3. To delete copies of encrypted files named like “locked-<original_name>.<4 random characters>” after a successful decryption, use the option Delete crypted files after decryption.
  4. By default, the utility log is saved on system disk (the one with the operating system installed).
    Log file name is UtilityName.Version_Date_Time_log.txt.
    For example, C:\RannohDecryptor.1.1.0.0_02.05.2012_15.31.43_log.txt

Command line options:

-l <log_file_name> – create a log file with given name.
-y – close the utility after decryption.

Free KAV antivirus utilities

 

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s