Koj cov ntaub ntawv tau raug encrypted - dab tsi ua?

Ib qho teeb meem tshaj plaws ntawm malware hnub no yog trojan los yog kab mob uas encrypts ntaub ntawv ntawm tus neeg siv disk. Ib co ntawm cov ntaub ntawv no tau decrypted, thiab ib txhia - tseem tsis tau. Phau ntawv muaj cov ntsiab lus tau ua rau kev ua yeeb yam hauv ob qho xwm txheej, txoj kev los txiav txim siab txog hom kev encryption ntawm No Cov Kev Tsis Pom Zoo Ntxiv thiab ID Ransomware, nrog rau cov ntsiab lus luv luv ntawm kev tiv thaiv kab mob software tiv thaiv (ransomware).

Muaj ntau cov kev hloov kho ntawm cov kab mob los yog ransomware Trojans (thiab cov tshiab tuaj yeem tshwm sim), tiam sis qhov feem ntau ntawm txoj hauj lwm yog tias tom qab kev txhim kho cov ntaub ntawv, cov duab thiab lwm cov ntaub ntawv uas tseem ceeb, lawv yog encrypted nrog tus extension thiab deletion ntawm cov thawj cov ntaub ntawv. ces koj tau txais cov lus nyob rau hauv readme.txt cov ntaub ntawv hais tias tag nrho koj cov ntaub ntawv tau raug encrypted, thiab kom decrypt lawv koj yuav tsum xa ib tus nqi rau tus attacker. Ceeb toom: Qhov rai 10 Fall Creators Hloov tshiab tam sim no muaj kev tiv thaiv thaiv kab mob tiv thaiv kab mob.

Yog tias tag nrho cov ntaub ntawv tseem ceeb yog encrypted

Rau cov pib, qee cov ntaub ntawv rau encrypting cov ntaub ntawv tseem ceeb ntawm koj lub computer. Yog tias cov ntaub ntawv tseem ceeb ntawm koj lub computer tau encrypted, ces ua ntej ntawm txhua yam koj yuav tsum tsis txhob panic.

Yog tias koj muaj lub sijhawm no, luam cov ntaub ntawv thov nrog cov ntawv nyeem los ntawm tus neeg tawm tsam txog kev lees paub, ntxiv rau cov ntaub ntawv ntawm cov ntaub ntawv encrypted, rau sab nraud tsav (flash drive) los ntawm lub computer disk uas tus kab mob-encryptor (ransomware) tau tshwm sim. Qhib lub koos pis tawj kom tus kab mob tseem tsis tuaj yeem rov qab muab cov ntaub ntawv ntxiv, thiab ua cov haujlwm ntxiv rau lwm lub computer.

Lub sij hawm tom ntej yog kom paub seb hom kab mob koj cov ntaub ntawv yog encrypted siv cov ntaub ntawv muaj encrypted: rau qee leej lawv muaj descramblers (qee qhov kuv yuav taw tes tawm ntawm no, ib txhia yog qhia closer rau qhov kawg ntawm tsab xov xwm), rau ib txhia - tsis tau. Tab sis txawm tias nyob rau hauv cov ntaub ntawv no, koj tuaj yeem xa cov qauv ntawm cov ntaub ntawv encrypted rau cov kev cai tshawb fawb tiv thaiv kab mob (Kaspersky, Dr. Web) rau txoj kev kawm.

Raws nraim li cas thiaj paub? Koj tuaj yeem ua tau qhov no siv Google, nrhiav kev sib tham los yog ib hom cryptographer ntawm cov ntaub ntawv txuas ntxiv. Kuj tau pib tshwm sim cov kev pabcuam los txiav txim siab txog hom kev ransomware.

Tsis Muaj Kev Tiv Thaiv Ntxiv

Tsis Muaj Cov Kev Ransom Ntau Tshaj Plaws yog ib qhov kev txhawb nqa los ntawm cov neeg tsim khoom siv kev ruaj ntseg thiab muaj nyob hauv Russian version, uas yog los mus sib tiv thaiv cov kab mob ntawm cov kws kho tshuab (Trojans-extortionists).

Muaj hmoo, Tsis muaj ntau Ransom tuaj yeem pab daws koj cov ntaub ntawv, cov chaw khaws ntaub ntawv, duab thiab lwm yam ntaub ntawv, download tau cov kev pabcuam tsim nyog rau kev sau ntawv, thiab tseem yuav tau txais cov ntaub ntawv uas yuav pab tau kom tsis txhob muaj kev hem rau yav tom ntej.

On No More Ransom, koj tuaj yeem sim ua kom decrypt koj cov ntaub ntawv thiab txiav txim seb hom kab mob encryption raws li nram no:

1. Nyem "Yes" nyob rau ntawm nplooj ntawv ntawm qhov kev pabcuam yog http://www.nomoreransom.org/ru/index.html
2. Crypto Sheriff nplooj ntawv yuav qhib, qhov twg koj tuaj yeem download tau piv txwv ntawm encrypted cov ntaub ntawv tsis loj tshaj 1 Mb ua luaj li (Kuv xav uploading tsis muaj cov ntaub ntawv npog cia), thiab kuj qhia email chaw nyob los yog qhov chaw uas fraudsters thov tus nqe txhiv (los yog download tau cov ntawv nyeem readme.txt yuav tsum tau).
3. Nias lub khawm "Check" khawm thiab tos rau daim tshev thiab qhov nws ua tiav.

Tsis tas li ntawd, lub vev xaib muaj cov nqe lus tseem ceeb:

• Decryptors - yuav luag tag nrho cov kev pabcuam tam sim no rau decrypting virus-encrypted files.
• Kev tiv thaiv ntawm tus kab mob - cov ntaub ntawv tiv thaiv feem ntau ntawm cov neeg siv ntawm novice, uas tuaj yeem pab tiv thaiv tsis tau tus kab mob yav tom ntej.
• Cov lus nug thiab cov lus teb - cov ntaub ntawv rau cov neeg uas xav kom nkag siab txog kev ua hauj lwm ntawm cov kab mob encryption thiab cov kev ua thaum muaj kev nyuaj siab tias cov ntaub ntawv ntawm koj lub computer tau encrypted.

Niaj hnub no, Tsis muaj ntau Ransom yog qhov tseem ceeb tshaj plaws thiab muaj txiaj ntsim kev pab cuam nrog rau kev sau cov ntaub ntawv rau cov neeg siv Lavxias, Kuv pom zoo.

Id ransomware

Lwm qhov kev pabcuam yog /id-ransomware.malwarehunterteam.com/ (txawm tias kuv tsis paub tias nws ua haujlwm zoo licas rau cov kabmob Lavxias-hais lus ntawm tus kabmob, tabsis nws tsim nyog los ntawm qhov kev pabcuam ntawm qhov kev pabcuam ntawm cov ntaub ntawv thiab cov ntaub ntawv uas muaj tus nqe txhiv).

Tom qab txiav txim siab txog hom cryptographer, yog tias koj ua tiav, sim nrhiav ib qho kev pabcuam kom decrypt qhov kev xaiv no rau queries zoo li: Decryptor Type_Chiler. Cov kev pabcuam no yog dawb thiab raug tsim los ntawm cov neeg tsim kev vev xaib, xws li ntau qhov kev pabcuam no nyob rau hauv Kaspersky site //support.kaspersky.ru/viruses/utility (lwm cov nqi hluav taws xob nyob ze rau qhov kawg ntawm tsab xov xwm). Thiab, raws li twb tau hais lawm, tsis txhob yig los tiv tauj cov neeg tsim tawm ntawm cov kev pabcuam antivirus hauv lawv qhov kev sib tham lossis kev pabcuam xa ntawv.

Hmoov tsis, tag nrho cov no tsis tas yuav pab thiab muaj tsis tas ua haujlwm decrypters. Hauv qhov no, qhov scenarios sib txawv: ntau them nyiaj rau cov neeg tuaj yeem, txhawb kom lawv mus txuas ntxiv mus. Qee cov neeg siv tau pab los ntawm ib qho kev pab cuam kom rov qab tau cov ntaub ntawv ntawm lub computer (vim tias tus kab mob virus, los ntawm kev ua ntaub ntawv encrypted, deletes ib txwm, cov ntaub ntawv tseem ceeb uas yuav muab theoretically zoo).

Cov ntaub ntawv ntawm lub computer yog encrypted nyob rau hauv xtbl

Ib qho ntawm cov kab variants tseeb ntawm ransomware tus kab mob encrypts ntaub ntawv, hloov lawv nrog cov ntaub ntawv nrog lub .xtbl extension thiab lub npe uas muaj cov txheej txheem ntawm cov cim random.

Tsis tas li ntawd, cov ntaub ntawv text readme.txt muab tso rau hauv lub computer nrog rau cov lus hauv qab no: "Koj cov ntaub ntawv tau encrypted .. Kom decrypt lawv, koj yuav tsum xa cov cai rau email address [email protected], [email protected] los yog [email protected]. koj yuav tau txais tag nrho cov lus qhia uas tsim nyog.Qhov kom daws tau cov ntaub ntawv koj tus kheej yuav ua rau tsis paub ntaub ntawv "(mail address thiab text yuav txawv).

Hmoov tsis, muaj tam sim no tsis muaj txoj kev decrypt .xtbl (kom sai li sai tau, cov kev qhia yuav raug hloov tshiab). Qee cov neeg siv cov ntaub ntawv tseem ceeb ntawm lawv cov ntawv xov xwm hauv computer los ntawm kev sib tham txog cov kab mob vwm uas lawv xa 5000 rubles los yog lwm tus nqi yuav tsum tau sau rau tus kws sau kab lus ntawm tus kab mob thiab tau txais kev tso cai, tab sis qhov no yog qhov txaus ntshai: koj yuav tsis tau txais dab tsi.

Yuav ua li cas yog tias cov ntaub ntawv tau encrypted hauv .xtbl? Cov lus pom zoo yog raws li hauv qab no (tab sis lawv txawv ntawm cov neeg nyob hauv ntau qhov chaw, qhov twg, piv txwv tias, lawv xav kom koj tua lub computer ntawm lub hwj chim tam sim ntawd los yog tsis tshem tus kab mob no. teeb meem, tab sis koj txiav txim siab.):

1. Yog tias koj tuaj yeem, cuam tshuam qhov txheej txheem encryption los ntawm kev tshem cov haujlwm ua haujlwm hauv tus thawj tswj haujlwm, tshem koj lub computer tawm hauv Internet (qhov no yuav yog ib qho tsim nyog rau kev encryption)
2. Nco ntsoov los yog sau cov code uas tus attackers yuav tsum xa mus rau qhov email chaw nyob (tsis yog nyob rau hauv ib phau ntawv cia hauv lub computer, hauv rooj plaub, thiaj li tias nws tseem tsis tig tawm kom tau encrypted).
3. Siv Malwarebytes Antimalware, kev sib tw ntawm Kaspersky Internet Security los yog Dr.Web Kho Nws tshem tawm cov kab mob uas encrypts ntaub ntawv (tag nrho cov cuab yeej saum toj no ua tau zoo nrog txoj haujlwm no). Kuv qhia rau koj seb koj yuav lem siv thawj zaug thiab ob yam khoom los ntawm daim ntawv (txawm tias, yog tias koj muaj ib qho antivirus, txhim kho qhov thib ob "saum toj" tsis tsim nyog, vim nws tuaj yeem ua rau muaj teeb meem hauv computer lub lag luam.)
4. Tos rau lub tuam txhab anti-virus tuaj tshwm. Ntawm lub forefront ntawm no yog Kaspersky Lab.
5. Koj tuaj yeem xa ib qho piv txwv ntawm cov ntaub ntawv encrypted thiab cov cai uas yuav tsum tau ua [email protected], yog tias koj muaj ib daim qauv ntawm cov ntaub ntawv tib yam nyob rau hauv daim ntawv tsis raug siv, xa nws mus. Hauv kev tshawb xav, qhov no tuaj yeem ua kom pom qhov zoo li lub decoder.

Yuav ua li cas tsis ua:

• Rename cov ntaub ntawv encrypted, hloov qhov ncua ntxiv thiab rho tawm yog tias lawv yog qhov tseem ceeb rau koj.

Qhov no yog tej zaum txhua yam kuv tau hais txog cov ntaub ntawv encrypted nrog .xtbl txuas ntawm qhov no thaum sij hawm.

Cov ntaub ntawv yog encrypted better_call_saul

Qhov tseeb encryption tus kab mob yog zoo hu hu ua Xaib (Trojan-Ransom.Win32.Shade), uas teev rau .better_call_saul extension rau encrypted ntaub ntawv. Yuav ua li cas kom decrypt xws li cov ntaub ntawv yog tseem tsis tau meej. Cov neeg siv hu rau Kaspersky Lab thiab Dr.Web tau txais cov ntaub ntawv tias qhov no tuaj yeem tsis ua li cas tam sim no (tab sis sim xa khoom ntxiv - ntau cov qauv ntawm cov ntaub ntawv encrypted ntawm cov neeg tsim khoom = feem ntau yuav nrhiav tau ib txoj kev).

Yog hais tias nws hloov tawm tias koj tau pom ib txoj kev los txiav txim siab (piv txwv li, nws tau muab tso rau qhov chaw, tab sis kuv tsis ua raws li), thov qhia cov lus qhia hauv cov lus.

Trojan-Ransom.Win32.Aura thiab Trojan-Ransom.Win32.Rakhni

Cov nram qab no Trojan uas encrypts ntaub ntawv thiab installs extensions ntawm daim ntawv:

• xauv
• .crypto
• .kraken
• .EES256 (tsis tas ua no trojan, muaj lwm tus uas txhim kho ntxiv tib lub sijhawm).
• .codercsu @ gmail_com
• .enc
• .oshit
• Thiab lwm tus.

Rov qab kho cov ntaub ntawv tom qab ua haujlwm ntawm cov kab mob no, Kaspersky lub website muaj ib qho kev pabcuam dawb, RakhniDecryptor, muaj nyob rau ntawm daim nplooj nplooj ntawv http://support.kaspersky.com/viruses/disinfection/10556.

Muaj ntau cov lus qhia txog kev siv cov kev pabcuam no, uas qhia txog kev yuav rov qab tau cov ntaub ntawv encrypted, uas kuv yuav cia li tshem tawm cov khoom "Delete encrypted files tom qab zoo decryption" (tab sis kuv xav tias txhua yam yuav zoo nrog qhov kev xaiv ntsia).

Yog tias koj muaj ib daim ntawv pov thawj Dr.Veb tus kab mob, koj tuaj yeem siv qhov kev rho tawm dawb ntawm qhov chaw ua haujlwm no ntawm //support.drweb.com/new/free_unlocker/

Ntau hom kab mob ntawm tus kab mob encryption

Ntau dua, tab sis kuj muaj cov Trojans nram qab no, encrypting cov ntaub ntawv thiab nyiaj ntxiv rau kev ua. Cov kev sib txuas uas tau muab yog tsis yog cov nqi hluav taws xob nkaus xwb rau qhov xa rov qab ntawm koj cov ntaub ntawv, tab sis kuj qhia txog cov cim qhia tias yuav pab txiav txim tias koj muaj tus kab mob no. Txawm tias feem ntau, qhov zoo tshaj plaws: nrog kev pab los ntawm Kaspersky Anti-Virus, luam theej duab, nrhiav lub npe ntawm Trojan raws li qhov kev faib tawm ntawm lub tuam txhab no, thiab mam li tshawb nrhiav lub npe ntawm lub npe.

• Trojan-Ransom.Win32.Rector yog ib qho kev pab cuam RectorDecryptor dawb rau kev siv qiv nyiaj thiab kev qhia siv tau nyob ntawm no: //support.kaspersky.com/viruses/disinfection/4264
• Trojan-Ransom.Win32.Xorist yog tus Trojan zoo ib yam uas qhia txog lub qhov rai uas koj xa ib daim SMS los yog tiv tauj ntawm e-mail rau cov lus qhia txog kev daws teeb meem. Cov lus qhia rau recovering encrypted cov ntaub ntawv thiab lub chaw pabcuam XoristDecryptor rau qhov no yog nyob nplooj http://support.kaspersky.com/viruses/disinfection/2911
• Trojan-Ransom.Win32.Rannoh, Trojan-Ransom.Win32.Fury - RannohDecryptor //support.kaspersky.com/viruses/disinfection/8547 utility
• Trojan.Encoder.858 (xtbl), Trojan.Encoder.741 thiab lwm tus nrog tib lub npe (thaum searching los ntawm Dr.Web los tiv thaiv kab mob los yog qhov kho hluav taws xob) thiab ntau tus lej - sim tshawb hauv Internet los ntawm lub npe ntawm Trojan. Muaj qee leej kuj muaj Dr.Web cov kev siv fais fab, zoo li, yog tias koj tsis tuaj yeem pom lub chaw ua haujlwm, tabsis muaj Dr.Web daim ntawv tso cai, koj siv tau cov nplooj ntawv hauv nplooj ntawv //support.drweb.com/new/free_unlocker/
• CryptoLocker - los txheeb xyuas cov ntaub ntawv tom qab uas khiav CryptoLocker, koj tuaj yeem siv lub vev xaib //decryptcryptolocker.com - tom qab xa cov qauv ntaub ntawv, koj yuav tau txais ib qhov tseem ceeb thiab nqi hluav taws xob rov qab tau koj cov ntaub ntawv.
• Ntawm qhov chaw//bitbucket.org/jadacyrus/ransomwareremovalkit/downloads Ransomware Removal Kit - ib qhov chaw loj nrog cov lus qhia txog ntau hom cryptographers thiab decryption hlauv taws xob (hauv Askiv)

Zoo, los ntawm cov xov xwm tshiab - Kaspersky Lab, ua ke nrog tub ceev xwm khiav tawm hauv Netherlands, tsim Ransomware Decryptor (//noransom.kaspersky.com) los txhawm rau cov ntaub ntawv tom qab CoinVault, li cas los xij, qhov no extortionist tseem tsis tau pom nyob rau hauv peb cov latitudes.

Anti-virus encryptors los yog ransomware

Nrog lub loj hlob ntawm Ransomware, ntau cov manufacturers ntawm anti-tus kab mob thiab anti-malware cov cuab yeej pib tso lawv cov kev daws los tiv thaiv encryption nyob rau hauv lub computer, ntawm lawv yog:

• Malwarebytes Anti-ransomware
• BitDefender Anti-Ransomware
• WinAntiRansom

Tes thib ob yog tseem nyob hauv beta, tab sis pub dawb xwb (lawv tsuas txhawb lub ntsiab lus ntawm ib hom kab mob ntawm no - TeslaCrypt, CTBLocker, Locky, CryptoLocker - cov khoom them nqi uas cog lus kom tiv thaiv tau encryption nrog luag txhua tus qauv ransomware, network drives.

Tab sis: cov kev pab cuam no tsis yog tsim los thim tau, tab sis tsuas yog los tiv thaiv cov encryption ntawm cov ntaub ntawv tseem ceeb ntawm koj lub computer. Thiab feem ntau, nws zoo nkaus li kuv tias cov haujlwm no yuav tsum tau ua hauv cov khoom ua kom tsis muaj kabmob, txwv tsis pub coj txawv txawv tshwm sim: tus neeg siv yuav tsum tau ua kom muaj kev tiv thaiv ntawm lub computer, ib qho txhais tau tias yuav tau tiv thaiv AdWare thiab Malware, thiab tam sim no kuj Anti- ransomware utility, plus in case Anti- siv.

Los ntawm txoj kev, yog tias dheev nws dhau tawm tias koj muaj ib yam dab tsi ntxiv (vim tias thaum kuv tsis muaj sijhawm los saib xyuas qhov teeb meem nrog txoj kev xaiv), qhia tawm hauv cov lus, cov ntaub ntawv no yuav pab tau rau lwm cov neeg uas tau ntsib teeb meem.