Download Avast Ransomware Decryption Tools - A collection of Avast ransomware decryption tools that can help decrypt files encrypted by different forms of ransomware
Avast Ransomware Decryption Tools is a collection of free Avast ransomware decryption tools that can help decrypt files encrypted by different forms of ransomware.
- AES_NI is a ransomware strain that first appeared in December 2016. Since then, we’ve observed multiple variants, with different file extensions. For encrypting files, the ransomware uses AES-256 combined with RSA-2048.
- Alcatraz Locker is a ransomware strain that was first observed in the middle of November 2016. For encrypting user's files, this ransomware uses AES 256 encryption combined with Base64 encoding.
- Apocalypse is a form of ransomware first spotted in June 2016.
- BadBlock is a form of ransomware first spotted in May 2016
- Bart is a form of ransomware first spotted at the end of June 2016.
- Acknowledgement: We'd like to thank Peter Conrad, author of PkCrack, who granted us permission to use his library in our Bart decryption tool.
- BigBobRoss encrypts user's files using AES128 encryption. The encrypted files have new extension ".obfuscated" appended at the end of the file name.
- BTCWare is a ransomware strain that first appeared in March 2017. Since then, we observed five variants, that can be distinguished by encrypted file extension. The ransomware uses two different encryption methods – RC4 and AES 192.
- Crypt888 (also known as Mircop) is a form of ransomware first spotted in June 2016.
- CryptoMix (also known as CryptFile2 or Zeta) is a ransomware strain that was first spotted in March 2016. In early 2017, a new variant of CryptoMix, called CryptoShield emerged. Both variants encrypt files by using AES256 encryption with a unique encryption key downloaded from a remote server.
- CrySiS (JohnyCryptor, Virus-Encode, Aura, Dharma) is a ransomware strain that has been observed since September 2015. It uses AES-256 combined with RSA-1024 asymmetric encryption.
- EncrypTile is a ransomware that we first observed in November of 2016. After a half-year development, we caught a new, final version of this ransomware. It uses AES-128 encryption, using a key that is constant for a given PC and user.
- Globe HiddenTear
- Legion NoobCrypt