erixniko 0 Posted July 21, 2014 Share Posted July 21, 2014 Hello I have problem with that malvare I have infected server with that virus.How i understand that malware be infected throught RDP Sign of infection be a web page in startup for instruction how to deactivate all and archive many files with password ((!! to get password email id 639079408 to fshelpinfo@gmail.com !!).exe ) and database files too I read in forums what can help Kaspersky removall tools. XoristDecryptor.exe. But when open and place that rar file as pach . Then nothing find Maybe anyone have a idea. What can i doo to desinfected that files ??? With best regards Eriks from Latvia Link to comment Share on other sites More sharing options...
Administrators Marcos 4,935 Posted July 21, 2014 Administrators Share Posted July 21, 2014 If I'm not mistaken, it's detected by ESET as Win32/Filecoder.NAC. If that's the case, it should be possible to decrypt at least some files. Please email an example of an encrypted file to samples[at]eset.com. What oper. system do you use? Link to comment Share on other sites More sharing options...
sempre 0 Posted August 20, 2014 Share Posted August 20, 2014 If I'm not mistaken, it's detected by ESET as Win32/Filecoder.NAC. If that's the case, it should be possible to decrypt at least some files. Please email an example of an encrypted file to samples[at]eset.com. What oper. system do you use? Hello! Detested by Win32/Filecoder.NAC is files archive many files with password ((!! to get password email id xxxxxxxx to brhelpinfo@gmail.com !!).exe ) Help-me?? Link to comment Share on other sites More sharing options...
Diego Araujo 0 Posted June 9, 2015 Share Posted June 9, 2015 Hello,Any news on this case? I am having the same problem my server was hacked and apparently all files were encrypted. We had ESET File Security for Microsoft Windows Server installed on the server, the operating system is Windows Server 2003 STD.I look back and appreciate the attention. Link to comment Share on other sites More sharing options...
Administrators Marcos 4,935 Posted June 9, 2015 Administrators Share Posted June 9, 2015 Hello, Any news on this case? I am having the same problem my server was hacked and apparently all files were encrypted. We had ESET File Security for Microsoft Windows Server installed on the server, the operating system is Windows Server 2003 STD. I look back and appreciate the attention. The only 100% reliable protection against Filecoders are regular backups of important files. You can submit a couple of encrypted files (ideally doc or xls files), files with payment instructions and the output from ESET Log Collector to samples[at]eset.com so that we can check if there's a chance to decode them. Also I'd suggest upgrading to EFSW v6 and keeping LiveGrid enabled for maximum protection. Link to comment Share on other sites More sharing options...
Recommended Posts