Tuesday, August 14, 2012

Remove W32/XDocCrypt.a and decode MS files encrypted with RC4 method

W32/XDocCrypt.a typically comes as a content attached to spam email. In some versions of email mangers installed onto computer system the attachment is able to exploit vulnerabilities and crawl into the memory.
The malware modifies MS data files using RC4 coding method, including Word, Excel. It also targets some executables. On completing the modification, the resulted files get another extension.
Original technology does not provide for the removal of W32/XDocCrypt.a on terms of undoing the modifications to the files affected, as well as may fail to encompass every instance of the worm. Click here in order to initiate free scan and get rid of W32/XDocCrypt.a restoring encrypted with RC4 algorithm and eliminating the source of encryption. 

No comments: