Cybercriminals use Trojan-Ransom.Win32.Rector for disrupting the normal performance of computers and for unauthorized modification of data making it unusable. Once the data has been taken hostage (blocked), its owner (user) receives a ransom demand. The victim is supposed to deliver the ransom in exchange for pirate's promise to send a utility that would restore the data or repair the PC.
Kaspersky Lab specialists have developed a special utility for decrypting the data encrypted by Trojan-Ransom.Win32.Rector. The utility has a GUI.
Do the following to decrypt files encrypted by Trojan-Ransom.Win32.Rector:
Download the utility RectorDecryptor.zip to an infected computer;
Extract its content using an archiver (WinZip, e.g.);
Run the file RectorDecryptor.exe; The utility starts working by clicking the button Start scan.
It finds and decrypts encrypted files. Select the option Delete crypted files after decryption to delete copies of encrypted files with extensions .vscrypt, .infected, .bloc, .korrektor, etc. after successful decryption.