Koj cov ntaub ntawv tau raug muab tshaj tawm - yuav ua li cas?

Ib qho ntawm cov teeb meem nyob rau niaj hnub no yog Trojan los yog tus kab mob uas nkag mus cov ntaub ntawv ntawm tus neeg siv lub disk. Qee cov ntaub ntawv no tuaj yeem decrypted, thiab qee qhov tseem tsis tau. Phau ntawv qhia muaj cov algorithms ua tau rau kev nqis tes ua nyob rau ob qho xwm txheej, txoj hauv kev los txiav txim ib hom kev txheeb ze ntawm Tsis Muaj Ntxiv Ransom thiab ID Ransomware cov kev pabcuam, nrog rau lub ntsiab lus luv luv ntawm cov haujlwm rau kev tiv thaiv tiv thaiv tus kab mob ransomware.

Muaj ntau qhov kev hloov kho ntawm cov kab mob zoo li no lossis ransomware Trojans (thiab cov tshiab tau tshwm sim tas li), tab sis cov ntsiab lus dav dav ntawm kev ua haujlwm rwj mus rau qhov tseeb tias tom qab kev txhim kho ntawm koj lub khoos phis tawj koj cov ntaub ntawv, cov duab thiab lwm cov ntaub ntawv tseem ceeb tau muab zais nrog kev hloov pauv txuas ntxiv thiab tshem cov ntawv qub, tom qab uas koj tau txais cov lus hauv readme.txt ntawv uas tag nrho koj cov ntaub ntawv tau raug encrypted, thiab rau decrypt lawv koj yuav tsum xa qee qhov nyiaj mus rau tus neeg tawm tsam. Nco tseg: Windows 10 Lub Caij Nplooj Ntoos Zeeg Tsim Tshiab hloov tshiab muaj kev tiv thaiv tiv thaiv tus kab mob ransomware.

Yuav ua li cas yog tias txhua cov ntaub ntawv tseem ceeb tau muab zais

Txog cov pib, qee cov ncauj lus dav dav rau cov uas tau sau cov ntawv tseem ceeb hauv lawv lub computer. Yog tias cov ntaub ntawv tseem ceeb ntawm koj lub khoos phis tawm tau muab zais, tom qab ntawd ua ntej, tsis txhob ntshai.

Yog tias koj muaj cov sijhawm zoo ntawd, los ntawm lub koos pij tawj ntawm lub pl thaiv uas tus kab mob ransomware tau tshwm sim, luam qhov chaw mus rau lwm qhov chaw sab nraud (USB flash drive) ib qho piv txwv ntawm cov ntaub ntawv nrog tus neeg siv cov ntawv thov rau decryption, ntxiv rau qee daim ntawv luam ntawm cov ntawv zais, thiab tom qab ntawd, cov cib fim, tua lub khoos phis tawm kom tus kab mob txuas tsis tau txuas mus txuas ntxiv cov ntaub ntawv, thiab ua cov haujlwm tseem tshuav hauv lwm lub computer.

Cov kauj ruam tom ntej yog siv cov ntaub ntawv uas twb muaj lawm cov ntaub ntawv tawm kom paub meej txog hom kab mob zais koj cov ntaub ntawv: rau qee tus lawv muaj tus lej txiav txim (qee qhov kuv yuav qhia ntawm no, qee qhov muaj npe ze ntawm qhov kawg ntawm tsab xov xwm), rau qee qhov - tseem tsis tau. Tab sis txawm tias qhov xwm txheej no, koj tuaj yeem xa cov piv txwv ntawm cov ntaws tawm cov ntaub ntawv mus rau lub chaw soj ntsuam tiv thaiv kab mob (Kaspersky, Dr. Web) rau kev tshuaj xyuas.

Yuav ua li cas kom paub meej? Koj tuaj yeem ua qhov no siv Google, pom pom cov lus sib tham lossis hom cryptor los ntawm kev sib txuas lus ntxiv. Cov kev pabcuam kuj tau pib tshwm sim los txiav txim siab txog hom phiaj ntawm ransomware.

Tsis muaj nqe dua

Tsis Muaj Ntxiv Kev Ransom yog ib qho kev txhim kho uas muaj kev txhawb nqa los ntawm kev tsim kev ruaj ntseg thiab muaj nyob rau hauv Lavxias version, tsom mus rau kev sib ntaus cov kab mob nrog ransomware (ransomware Trojans).

Yog tias muaj kev vam meej, Tsis Muaj Peev Xwm ntxiv tuaj yeem pab txiav koj cov ntawv, cov chaw khaws ntaub ntawv, cov duab thiab lwm yam ntaub ntawv, rub tawm cov txheej txheem txiav tawm tsim nyog, thiab tseem tau txais cov ntaub ntawv uas yuav pab kom tsis txhob muaj kev hem thawj yav tom ntej.

Ntawm Tsis Muaj Ransom Ntxiv, koj tuaj yeem sim decrypt koj cov ntaub ntawv thiab txiav txim siab hom encryption yam li hauv qab no:

1. Nyem "Yes" rau ntawm nplooj ntawv tseem ceeb ntawm kev pab www.nomoreransom.org/en/index.html
2. Nplooj ntawv Crypto Sheriff qhib, qhov twg koj tuaj yeem rub tawm cov piv txwv ntawm cov ntaub ntawv tsis muaj ntau dua 1 MB hauv qhov loj me (Kuv pom zoo rub tawm yam tsis muaj cov ntaub ntawv tsis pub lwm tus paub), nrog rau sau cov chaw nyob email lossis cov chaw uas cov scammers xav tau tus nqe txhiv (lossis rub cov ntaub ntawv readme.txt los ntawm yuav tsum tau).
3. Nyem "Kos" khawm thiab tos rau daim tshev kom tiav thiab nws cov txiaj ntsig.

Ib qho ntxiv, cov ntu muaj nyob rau ntawm lub xaib:

• Decryptors yuav luag txhua qhov kev siv tam sim no rau decrypting cov ntaub ntawv encrypted los ntawm cov kab mob.
• Kev tiv thaiv kev kis kab mob - cov ntaub ntawv tsuas yog siv los ntawm cov siv novice, uas tuaj yeem pab zam kev kis mob rau yav tom ntej.
• Cov lus nug thiab lus teb - cov ntaub ntawv rau cov neeg uas xav kom nkag siab zoo dua kev ua haujlwm ntawm ransomware virus thiab kev ua haujlwm nyob rau kis thaum koj ntsib qhov tseeb tias cov ntaub ntawv hauv lub koos pis tawj tau muab zais.

Niaj hnub no, Tsis Muaj Ntxiv Ransom yog tej zaum qhov tseem ceeb tshaj plaws thiab muaj peev txheej muaj feem cuam tshuam txog kev txiav txim siab cov ntaub ntawv rau cov neeg siv Lavxias hais lus, Kuv pom zoo.

Ransomware ID

Lwm qhov kev pabcuam no yog //id-ransomware.malwarehunterteam.com/ (txawm tias kuv tsis paub tias nws ua haujlwm zoo npaum li cas rau cov lus Lavxias-hom lus ntawm tus kabmob, tabsis nws tsimnyog sim, pub rau cov kev pabcuam ua piv txwv ntawm cov ntawv (encrypted file thiab cov ntawv sau nrog cov ntawv thov them tus nqi)).

Tom qab txiav txim siab txog hom encryption, yog tias koj ua tiav, sim nrhiav kom tau cov nqi hluav taws xob rau kev txiav txim siab cov kev xaiv no raws li cov lus nug xws li: Decryptor encryption_type. Cov peev xwm zoo li no yog pub dawb thiab tawm los ntawm cov tsim tawm antivirus, piv txwv li, ntau qhov kev siv tau nyob ntawm Kaspersky lub vev xaib //support.kaspersky.ru/viruses/utility (lwm yam kev siv hluav taws xob tau ze rau qhov kawg ntawm tsab xov xwm). Thiab, raws li tau hais dhau los, tsis txhob yig tau hu rau tus tiv thaiv cov kab mob tsim tawm ntawm lawv cov kev sib tham lossis mus rau qhov kev pabcuam txhawb nqa los ntawm kev xa ntawv.

Hmoov tsis zoo, txhua qhov no tsis tas yuav pab thiab tsis muaj ib txwm ua haujlwm cov ntaub ntawv txiav txim ntawm tus kheej. Hauv qhov xwm txheej no, cov xwm txheej txawv: ntau tus them tus neeg tawm tsam, txhawb lawv kom txuas ntxiv cov haujlwm no. Cov kev zov me nyuam rau kev rov qab cov ntaub ntawv hauv computer pab qee tus neeg siv (txij li muaj kab mob, los ntawm kev ua cov ntawv zais), txiav tawm cov ntaub ntawv tseem ceeb, uas yog hais txog qhov rov qab ua tau).

Cov ntaub ntawv hauv lub koos pis tawj hloov nyob rau hauv xtbl

Ib qho ntawm cov hloov tshiab tshaj plaws ntawm tus kab mob ransomware nkag rau cov ntaub ntawv, hloov lawv nrog cov ntawv nrog qhov txuas ntxiv .xtbl thiab ib lub npe uas muaj cov cim ntawm cov cim.

Nyob rau tib lub sijhawm ntawd, cov ntawv nyeem readme.txt tau muab tso rau hauv lub computer nrog cov ntsiab lus hauv qab no: "Koj cov ntaub ntawv tau raug muab zais lawm. Yuav kom txiav txim siab ntawm lawv, koj yuav tsum xa cov lej rau email chaw nyob [email protected], [email protected] lossis [email protected] Koj yuav tau txais tag nrho cov lus qhia tsim nyog. Kev sim txiav txim siab ntawm cov ntaub ntawv koj tus kheej yuav ua rau cov ntaub ntawv tsis muaj qhov tsis txaus ntseeg "(qhov chaw nyob xa ntawv thiab cov ntawv yuav txawv).

Hmoov tsis, tam sim no tsis muaj txoj hauv kev rau decrypt .xtbl (sai li sai tau, qhov kev qhia yuav raug kho dua tshiab). Qee tus neeg siv uas muaj cov ntaub ntawv tseem ceeb ntawm lawv lub koos pij tawj tau tshaj tawm txog cov xov xwm tiv thaiv tus kabmob kasmoos uas lawv tau xa cov ntawv sau txog tus kab mob 5,000 rubles lossis lwm tus nqi uas yuav tsum tau thiab tau txais tus lej txiav tawm, tab sis qhov no muaj kev pheej hmoo heev: koj yuav tsis tau dab tsi.

Yuav ua li cas yog tias cov ntaub ntawv tau hloov hauv hauv .xtbl? Kuv cov lus pom zoo yog li hauv qab no (tab sis lawv txawv ntawm cov nyob hauv ntau lwm qhov chaw them yug, qhov twg, piv txwv li, lawv pom zoo kom tshem tawm lub computer tam sim ntawd los ntawm lub hwj huam los yog tsis tshem tus kab mob. Hauv kuv lub tswv yim, qhov no tsis tsim nyog, thiab nyob rau qee qhov xwm txheej muaj txawm tias teeb meem, txawm li cas los xij, koj txiav txim siab.):

1. Yog tias koj tuaj yeem, cuam tshuam cov txheej txheem encryption los ntawm kev tshem tawm cov haujlwm uas tau ua hauv tus thawj tswj haujlwm, txiav tawm lub khoos phis tawm ntawm Is Taws Nem (qhov no yuav yog qhov tsim nyog rau kev siv encryption)
2. Nco ntsoov lossis sau cov cai uas cov neeg tawm tsam yuav tsum xa mus rau qhov chaw nyob email (tsuas yog tsis nyob hauv kab ntawv ntawm lub computer xwb, tsuas yog tias nws tseem tsis tig los ua qhov yuam kev).
3. Siv Malwarebytes Antimalware, ib qho kev sim ntawm Kaspersky Internet Security lossis Dr.Web Kho Nws, tshem tus kab mob tawm ntawm cov ntaub ntawv (txhua yam ntawm cov cuab yeej tau teev tseg tuaj yeem ua qhov no zoo). Kuv qhia koj kom lem rov qab siv thawj zaug thiab thib ob cov khoom los ntawm cov npe (txawm li cas los xij, yog tias koj muaj qhov thaiv kev tiv thaiv, txhim kho qhov thib ob “txij saud” yog qhov tsis tsim nyog, vim nws tuaj yeem ua rau muaj teeb meem hauv lub computer.)
4. Cia siab tias lub decryptor los ntawm cov tuam txhab tiv thaiv kab mob tshwm sim. Hauv ntej ntawm no yog Kaspersky Lab.
5. Koj tseem tuaj yeem xa ib qho piv txwv ntawm cov ntawv luam tawm (encrypted file) thiab tus lej xav tau [email protected]yog tias koj muaj daim ntawv luam tawm ntawm tib cov ntaub ntawv hauv daim foos tsis xaj nrog, xa nws dhau. Hauv txoj kev xav, qhov no tuaj yeem ua kom pom qhov nrawm ntawm qhov kev txiav txim siab.

Dab tsi yuav tsum tsis txhob ua:

• Hloov npe cov ntawv hloov tshiab, hloov pauv txuas ntxiv thiab muab rho tawm yog tias lawv yog qhov tseem ceeb rau koj.

Ntawd yog tej zaum txhua yam kuv tuaj yeem hais txog ntaub ntawv encrypted nrog .xtbl txuas ntxiv ntawm lub sijhawm no.

Ntaub ntawv tau encrypted zoo_call_saul

Tus kab mob tshiab ntawm ransomware yog Qhov Zoo Tshaj yog Xa-u (Trojan-Ransom.Win32.Shade), uas yog nruab ib .better_call_saul txuas ntxiv rau cov ntaub ntawv tawm. Yuav ua li cas rau decrypt cov ntaub ntawv zoo li no tseem paub tsis meej. Cov neeg siv uas tau hu rau Kaspersky Lab thiab Dr.Web tau txais cov ntaub ntawv hais tias qhov no tseem tsis tuaj yeem ua tiav (tab sis tseem sim xa nws - ntau cov piv txwv ntawm cov ntawv zais ntawm cov neeg tsim tawm = tseem yuav nrhiav txoj hauv kev).

Yog tias nws hloov tawm tias koj pom txoj kev decryption (uas yog, nws tau tshaj tawm rau qee qhov, tab sis kuv tsis ua raws nws), thov qhia cov lus hauv cov lus.

Trojan-Ransom.Win32.Aura thiab Trojan-Ransom.Win32.Rakhni

Cov nram qab no Trojan uas nkag tau cov ntaub ntawv thiab teeb tsa txuas ntxiv los ntawm daim ntawv:

• .cov
• .crypto
• .kraken
• .AES256 (tsis tas yuav tsum tau siv cov Trojan, muaj lwm tus txhim kho qhov txuas ntxiv).
• .codercsu @ gmail_com
• .enc
• .oshooj
• Thiab lwm tus.

Txhawm rau txiav txim siab cov ntaub ntawv tom qab kev ua haujlwm ntawm cov kab mob no, Kaspersky lub vev xaib muaj cov nqi hluav taws xob ua haujlwm siv NigerniDecryptor, muaj nyob rau ntawm nplooj ntawv official //support.kaspersky.ru/viruses/disinfection/10556.

Kuj tseem muaj cov lus qhia ntxaws qhia txog kev siv hluav taws xob no, qhia yuav ua li cas thiaj rov qab tau cov ntaub ntawv tawm, los ntawm qhov uas kuv xav kom tshem tawm cov kev xaiv "Rho tawm cov ntaub ntawv tawm tom qab ua tiav decryption" (txawm hais tias kuv xav tias txhua yam yuav zoo nrog xaiv xaiv).

Yog tias koj muaj daim ntawv tso cai Dr.Web antivirus, koj tuaj yeem siv daim ntawv rho tawm dawb los ntawm lub tuam txhab no ntawm //support.drweb.com/new/free_unlocker/

Ntau qhov sib txawv ntawm cov kab mob ransomware

Tsawg tsawg dua, tab sis kuj tseem muaj cov npe hauv qab no uas hloov cov ntaub ntawv thiab yuav tsum tau nyiaj rau decryption. Cov kab ntawv txuas no tsis yog muaj cov kev siv hluav taws xob nkaus xwb rau koj cov ntaub ntawv rov qab, tab sis kuj piav qhia txog cov cim uas yuav pab txiav txim siab tias koj muaj tus kab mob no tshwj xeeb. Txawm hais tias nyob rau hauv dav dav, txoj kev zoo: siv Kaspersky Anti-Virus, luam theej duab cov kab ke, nrhiav kom paub lub npe Trojan los ntawm kev faib tawm ntawm lub tuam txhab no, thiab tom qab ntawd nrhiav cov nqi hluav taws xob los ntawm lub npe no.

• Trojan-Ransom.Win32.Rector - free RectorDecryptor decryption utility thiab phau ntawv qhia siv muaj nyob ntawm no: //support.kaspersky.ru/viruses/disinfection/4264
• Trojan-Ransom.Win32.Xorist - ib tus Trojan zoo sib xws uas qhia lub qhov rai kom koj xa ib qho SMS them lossis tiv tauj rau hauv email kom tau txais cov lus qhia decryption. Cov lus qhia kom rov ua cov ntaub ntawv encrypted thiab XoristDecryptor cov khoom siv rau qhov no muaj nyob rau ntawm //support.kaspersky.ru/viruses/disinfection/2911
• Trojan-Ransom.Win32.Rannoh, Trojan-Ransom.Win32.Fury - nqi hluav taws xob RannohDecryptor //support.kaspersky.ru/viruses/disinfection/8547
• Trojan.Encoder.858 (xtbl), Trojan.Encoder.741 thiab lwm tus uas muaj tib lub npe (thaum tshawb los ntawm Dr.Web antivirus lossis Kho Nws nqi hluav taws xob) thiab nrog cov lej sib txawv - sim tshawb Is Taws Nem rau lub npe ntawm Trojan. Rau qee qhov ntawm lawv muaj Dr.Web decryption hlauv taws xob, tseem, yog tias koj tsis tuaj yeem nrhiav pom cov nqi hluav taws xob, tab sis muaj Dr.Web daim ntawv tso cai, koj tuaj yeem siv nplooj ntawv official //support.drweb.com/new/free_unlocker/
• CryptoLocker - los txiav txim siab cov ntaub ntawv tom qab CryptoLocker ua haujlwm, koj tuaj yeem siv lub xaib //decryptcryptolocker.com - tom qab xa cov qauv ntaub ntawv, koj yuav tau txais tus yuam sij thiab qhov nqi hluav taws xob rau rov qab koj cov ntaub ntawv.
• Rau ntawm tus xaib//bitbucket.org/jadacyrus/ransomwareremovalkit/rub mus saib tau Ransomware Tshem Tawm Cov Khoom Siv - cov ntaub ntawv loj loj nrog cov ntaub ntawv ntawm ntau hom encryption thiab decryption hlauv taws xob (ua lus Askiv)

Zoo, los ntawm cov xov xwm tshiab tshaj tawm - Kaspersky Lab, ua ke nrog cov tub ceev xwm los ntawm Netherlands, tsim Ransomware Decryptor (//noransom.kaspersky.com) los txiav txim siab cov ntaub ntawv tom qab CoinVault, tab sis qhov no ransomware tseem tsis tau tshwm sim hauv peb cov latitudes.

Ransomware lossis ransomware tiv thaiv tus kab mob

Raws li Ransomware kis tau, ntau lub tuam txhab tsim tawm ntawm antivirus thiab anti-malware cov cuab yeej pib tshaj tawm lawv tus kheej cov kev daws teeb meem kom tiv thaiv tsis tau cov zais ntawm kev ua haujlwm ntawm lub khoos phis tawm, ntawm cov no:

• Malwarebytes Anti-Ransomware
• BitDefender Anti-Ransomware
• WinAntiRansom

Thawj ob tus tseem nyob hauv beta version, tab sis pub dawb (nyob rau tib lub sij hawm lawv txhawb cov lus txhais ntawm tsuas yog muaj kev txwv cov kab mob ntawm cov hom no - TeslaCrypt, CTBLocker, Locky, CryptoLocker. WinAntiRansom yog cov khoom lag luam them nyiaj uas cog lus tias yuav tiv thaiv tsis tau encryption los ntawm yuav luag txhua tus qauv ntsuas, muab kev tiv thaiv ob leeg hauv nroog thiab network drives.

Tab sis: cov kev pab no tsis yog tsim rau decryption, tab sis tsuas yog los tiv thaiv encryption ntawm cov ntaub ntawv tseem ceeb hauv lub computer. Txawm li cas los xij, nws zoo li rau kuv tias cov haujlwm no yuav tsum raug siv rau hauv cov khoom lag luam tawm tsam, tsis li nws yog qhov xwm txheej txawv: tus neeg siv yuav tsum muaj anti-virus, lub cuab yeej los tawm tsam AdWare thiab Malware, thiab tam sim no tseem muaj Anti-ransomware company, ntxiv rau thaum kis siv.

Los ntawm txoj kev, yog tias nws cia li hloov tawm tias koj muaj qee yam ntxiv (vim tias kuv tsis tuaj yeem taug qab qhov tshwm sim nrog cov kev qhia tawm), ceeb toom hauv cov lus, cov ntaub ntawv no yuav muaj txiaj ntsig rau lwm tus siv uas tau ntsib teeb meem.