Le ntsholongwane ngemfihlo iifayile kunye igama. Indlela ukususa iifayile intsholongwane zombhalo

Kutshanje kuye kubekho nokulatyuza umsebenzi isizukulwana esitsha lweenkqubo zekhompyutha ngolunya. Bavela ixesha elide (6 - kwiminyaka 8 eyadlulayo), kodwa isantya ukuphunyezwa yabo lalonyukile ngoku. It ijongene ngokwandileyo nesibakala ukuba ifayile intsholongwane ibhalwe ngokufihlisa.

Thina kakade siyazi ukuba oku akuthethi nje isoftwe abangekaphuhli eyingozi, umzekelo, uvimba ikhompyutha (ebangela blue screen), kunye neenkqubo kakhulu ezijoliswe umonakalo, njengoko umthetho, i-data kwengxelo. Bathi ukubethela yonke iifayile kusemandleni, kuquka 1C data, docx, xlsx, jpg, doc, xls, pdf, zip.

iintsholongwane yingozi Special ingqalelo

Ihlala yokuba oku kusebenza RSA-ezingundoqo, nto leyo ebotshelelwe khompyutha umsebenzisi ethile kaThixo, ngenxa yoko, le idikhowuda jikelele (decryptor) engekhoyo. Virus ukuba esebenzayo kwelinye kweekhompyutha, ukuze asebenze kwenye.

Ingozi nayo kukuba ngaphezu konyaka kwi-Internet obekwe ulungele iinkqubo-abakhi (Builder), ukuvumela ukuphuhlisa yintsholongwane enjalo, nditsho kulhatskeram (abantu abacinga imigewu, kodwa hayi ukufunda lwenkqubo).

Okwangoku, kukho ukuguqulwa ezinamandla ngakumbi.

indlela ukuqaliswa database Malware

virus Newsletter eziveliswe ngenjongo, njengoko umthetho, isebe locwangciso yenkampani. Okokuqala, eziqokelelayo amasebe e-mail abasebenzi, ebangela amasebe-lwazi ezifana, ngokomzekelo, hh.ru. Okulandelayo ithumela iileta. Bona ziqulathe rhoqo isicelo malunga nokwamkelwa isikhundla esithile. Loo leta iqhotyoshelweyo ifayile kunye nesishwankathelo, apho uxwebhu kanye nge ukufakwa ole-object (pdf-ifayile kunye virus).

Kwiimeko apho abasebenzi accounting nangoko lasungula uxwebhu, emva Iqalisa kulandelayo lwenzeka: yivayirasi yaye igama le fayile obubhalwe, uze self-ngokwawo.

Olu hlobo ncwadi idla eyaneleyo ebhaliweyo wathumela ukuba nespamerskogo ibhokisi (igama lihambelane Utyikityo). LweZithuba isoloko kucelwa ngokusekelwe iprofayili imisebenzi inkampani, nto leyo kutheni na kuvuka ukukrokrelana.

Akukho mvume "Kaspersky" (software wesi) okanye "Virus Iyonke" (online-nkonzo attachments ngetsheki kwiintsholopngwane) awukwazi ukukhusela ikhompyutha yakho kule meko. Maxa wambi, ezinye iinkqubo antivirus ukuskena umba ukuba uthimbo Gen: Variant.Zusy.71505.

Indlela ukunqanda ukosulelwa yintsholongwane?

Kuyimfuneko ukuba khangela kwifayile nganye efunyenweyo. ingqalelo ekhethekileyo ihlawulwa amaxwebhu vordovsky ukuba bebanjwe pdf.

Ezahlukeneyo imiyalezo "sifo"

A lot of kubo. Eyona ezahlukeneyo uqhelekileyo intsholongwane iye zombhalo iifayile ziboniswa apha ngezantsi. Kuzo zonke iimeko, la maxwebhu alandelayo kuza nge e-mail:

1. Isaziso malunga ekuqaleni kwenkqubo kwakhona isicelo kwinkampani ethile amanyathelo asemthethweni (i leta ukukhangela iinkcukacha ngokunqakraza kwi link).
2. Ileta evela SAC ukulungiselela kwakhona kwetyala.
3. Umyalezo ovela Sberbank ukuba ukwenyuka kwetyala ezikhoyo.
4. Isaziso bokulungisa iintshukumo zokwaphulwa kwemithetho yendlela.
5. Ileta evela arhente eqokelela wokubambezeleka liphezulu kangangoko intlawulo.

Isaziso encryption lwefayile

Kuya kuvela emva zokugula ingcambu ulawulo lwe drive C. amaxesha onke abalawuli kunye uhlobo lwetekisi umonakalo ibekwe iifayile ChTO_DELAT.txt, CONTACT.txt. Apho, umsebenzisi uyaziswa ukuba yeekhowudi ngayo iifayile yayo oko kwenziwa ubuchule ethembekileyo lokufihla. Kwaye walumkisa malunga nokusetyenziswa engafanelekanga izixhobo wesithathu, njengoko oku kunokwenza umonakalo iifayile wokugqibela, nto leyo iza kukhokelela nakwenzeka khowudi yasiwa kumbhalo olulandelayo.

Isaziso Kucetyiswa ukuba ushiye ikhompyutha kwimeko kutshintsha. Libonisa kugcino inikwa ngumntu iqhosha (ngokubanzi ziintsuku 2). Yacaca umhla ngqo, emva koko naluphi na uhlobo lonyango ziza kuhoywa.

Xa ekupheleni elinikiweyo e-mail. Kwakhona ithi ukuba umsebenzisi kufuneka ufake ID yakho kunye nokuba naziphi na iintshukumo ezilandelayo kungakhokelela ekupheliseni isitshixo, ezizezi:

• akufunekanga;
• iinkcukacha isicelo ngaphandle kwentlawulo engaphezulu;
• songo.

Indlela ukususa iifayile intsholongwane khowudi?

Olu hlobo ufihlo inamandla kakhulu: ifayile wabelwe ukuba ukwandiswa abafezekileyo nochance njl Crack, nje akunakwenzeka, kodwa zama ukudibanisa i cryptanalyst kwaye ukhangele kroba (kwezinye iimeko ukunceda Dr. WEB) ..

Kukho 1 indlela ukubuyisela asongiweyo iifayile yintsholongwane, kodwa akukho ezilungele zonke iintsholongwane, kufuneka ukususa exe yoqobo kunye nale nkqubo eyingozi, nto leyo ngokwaneleyo kunzima ukuphumeza self-ngokwawo emva.

Ukukholisa ngokuphathelene ntsholongwane ukusungulwa ikhowudi okhethekileyo - netsheki encinane, kuba ngeli xesha le fayile sele idikhowuda (code of, ngoko ukuthetha, umhlaseli akukho mfuneko). Undoqo yale ndlela - ungeno kwi intsholongwane elangena (endaweni uthelekiso input ikhowudi ngokwayo) amaqela engenanto. Isiphumo - inkqubo eyingozi ngokwayo kuqhuba khowudi yasiwa kumbhalo ngayo iifayile kwaye ibuyisela kubo ngokupheleleyo.

Xa virus nganye inayo phawu awodwa ufihlo, apho nto nokwenziwayo yomntu wesithathu (ifayile format exe) akayi ukususa, okanye uzame ukukhetha umsebenzi ngasentla, nto leyo endinga zonke izenzo ezenziwa kwi WinAPI.

Le ntsholongwane ngemfihlo lwefayile: ntoni ukwenza ntoni?

Ukuba iqalise le nkqubo khowudi yasiwa kumbhalo kufuneka:

1. Yenza izimamva (izimamva lwefayile ezikhoyo). Ekupheleni decrypting zonke isusa ngokwalo.
2. Kwi computer (ixhoba), kufuneka usebenzise le nkqubo eyingozi, ngoko ulinde, siqulethe imfuneko ngokubhekiselele ekuqalisweni ikhowudi xa window iyaboniswa.
3. Okulandelayo, kufuneka uqale ukusuka lefayile encamatheleyo yogcino Patcher.exe.
4. Inyathelo elilandelayo ukwazisa inani yenkqubo yintsholongwane, ngoko kuyimfuneko ukuba ucinezela "enzuzo".
5. Uya «wathu-» umyalezo, nto leyo ethetha ngokukhuhla imiyalelo uthelekiso.
6. Oku kulandelwa ukuqaliswa ikhowudi kwibhokisi uchwetheza nayiphi na abalinganiswa, kwaye ngoku nqakraza "Gqiba".
7. Le ntsholongwane iqala inkqubo decrypting ifayili, emva koko akubikho yena.

Indlela ukunqanda ulhleko lwe data ingqalelo efanelekileyo malware?

Kubalulekile ukwazi ukuba kwimeko apho intsholongwane ifayile elinoguqulelo, kuba inkqubo kwexesha khowudi yasiwa kumbhalo athathe. Ingongoma ebalulekileyo ubabalo kukuba ikhompuyutha ikhankanywe ngasentla kukho bug ekuvumela ukuba ugcine ezinye iifayile, ukuba ngokukhawuleza uyeke ikhompyutha (iplagi uyitsale kwisokethi, cima zephetshana amandla, susa ibhetri xa kwimeko laptop), ngokukhawuleza nje inani elikhulu leefayile ekhankanyiweyo ngaphambili ukwandiswa .

Kwakhona kufanele kugxininiswe ukuba le nto iphambili - kukuba ukwenza rhoqo ukhuphelo, kodwa hayi kwi olunye ulawulo, kungekhona kumajelo asuswayo ukuba lifakwa ikhompyutha, ukususela ukuguqulwa intsholongwane kwaye iya kufikelela kwezi ndawo. Kubalulekile ukuba ungagcina izimamva kwi ngeyahlukileyo icomputer, a hard drive, nto leyo ngokusisigxina eqhotyoshelwe kule khompyutha, kwaye efini.

Kufuneka banyangwe nge nokuyikrokrela onke amaxwebhu eza imeyile evela kubantu ayaziwa (e isishwankathelo ifomu, invoice, nasiSigqibo SAC okanye irhafu kunye nabanye.). Akufuneki uqhutywe kwi khomputha yakho (ukulungiselela le njongo netbook, ayiqulathanga idata ezibalulekileyo enokuzichongela).

Inkqubo *.paycrypt@gmail.com eyingozi: Amancedo

.. Kwimeko apho intsholongwane ikhankanywe ngasentla asongiweyo iifayile cbf, doc, jpg, njalo njalo, kukho meko kuphela ezintathu:

1. Indlela elula ukuba siyitshabalalise - ukususa zonke iifayile ezosulelekileyo (kwamkelekile, ukuba ezi nkcukacha aziphelelanga kubaluleke kakhulu).
2. inkqubo unqulo Jonga ilebhu, umzekelo, Dr. WEB. Email developers iifayile eziliqela ezosulelekileyo enesitshixo kuyimfuneko kwi khowudi, ebekwe kwi khompyutha njengoko KEY.PRIVATE.
3. Eyona ndlela kakhulu eninzi. Ukwenza intlawulo yesixa ecelwe ukuba imigewu ukususa iifayile eyosulelekileyo. Ngokuqhelekileyo, iindleko zale nkonzo 200 - 500 US iidola .. Oku kwamkelekile kwimeko apho intsholongwane ngemfihlo iifayili inkampani enkulu, apho eyayinethombo enkulu inkcazelo kuthatha indawo yonke imihla, yaye le nkqubo kakubi in seconds umonakalo omkhulu. Malunga nalo intlawulo - inguqulelo fastest ye kwakhona lwefayile sifo.

Maxa wambi kakuhle kwaye ukhetho olongezelelweyo. Kwimeko apho intsholongwane ngemfihlo iifayile (paycrypt @ gmail_com okanye nenye isoftwe eyingozi) kunokunceda inkqubo iye yawa emva kweentsuku ezimbalwa ezidlulileyo.

Inkqubo ukuze uyivule RectorDecryptor

Ukuba intsholongwane ngemfihlo iifayile jpg, doc, cbf njalo njalo. N., Unako ukunceda inkqubo ekhethekileyo. Kuba oku kufuneka siye kuqaliso ukukhubaza yonke kodwa antivirus kuqala. Okulandelayo, kufuneka uqalise kwakhona ikhompyutha yakho. Jonga zonke iifayile, kandziyisa ekrokrisayo. Endle phantsi kwegama "Team" lowu indawo kwifayile ethile (kufuneka sinikele ingqalelo izicelo ezingenawo utyikityo: umenzi - akukho data).

Zonke iifayili olukrokrisayo kucinywa, ngoko ke imfuneko ukucoca solunye inthanethi eneenkcukacha okwexeshana (inkqubo CCleaner ilungele ukulungiselela le njongo).

Ukuqalisa khowudi yasiwa kumbhalo, umele download inkqubo ngasentla. Emva koko, uyiqhuba kwaye nqakraza "Qala Scan", ngokukhankanya iifayile iguqulwe kwaye ukwandiswa zabo. Kwiinguqulelo mihla kweprogram ucacise kuphela ngokwakhe ifayile eyosulelekileyo kwaye nqakraza "Vula". Emva koko, iifayili ziya uguqulwa.

Emva koko, lo eluncedo Icinga ngokuzenzekela yonke idatha kwikhompyutha, kubandakanywa iifayile ezigcinwe kwi ezidityanisiweyo yediskhi yenethiwekhi, kwaye decrypts kubo. Le nkqubo lokubuyisela ingathatha iiyure ezininzi (ngokuxhomekeke umthwalo kunye isantya computer).

Ngenxa yoko, zonke iifayile lonakele ziya decoded kwangolu ifolda apho zafakelwa ekuqaleni. Ekupheleni kuya kufuneka kuphela ukususa zonke iifayile ezikhoyo ngolwandiso ibitheni, onokuwatshintsha abeke phantsi uphawu kule umbuzo "Cima iifayile yoguqulelo emva zokucazulula ngempumelelo" ngokucinezela i pre-iqhosha "Useto Tshintsha scan". Noko ke, kungcono ukuba ukubeka, njengoko kunjalo kwimeko khowudi yasiwa kumbhalo ayiphumelelanga lwefayile kokuba umhlala, uze emva koko kufuneka abuyisele kubo kuqala.

Ngoko ke, ukuba intsholongwane ngemfihlo iifayile doc, cbf, jpg t. E., Ukuba sukela kwi khowudi yentlawulo. Mhlawumbi akazange uyidinga.

Ngomahluko ukususwa iifayile zombhalo

Xa uzama ukuphelisa zonke iifayile ezimashakeleyo usebenzisa uphendlo standard kunye nokususwa elandelayo ingaqala ijinga kwaye sehlise ikhompyutha yakho. Ngoko ke, le nkqubo kufuneka usebenzise okhethekileyo kwelayini yomyalelo. Emva iqaliswa kuyimfuneko ukungena kulandelayo: del «:. \ * » / f / s.

Yiba Uqinisekile ufuna ukucima ezi fayile ngokuba "Funda-menya.txt", nto leyo kwi umgca womyalelo efanayo kufuneka ucacise: del ": \ * » / f / s..

Ngoko ke, ukuze kuqwalaselwe ukuba xa intsholongwane walitshintsha igama iifayile ngokufihla, kufuneka nje ukuchitha imali yokuthenga cybercriminals isitshixo sokuqala kuyimfuneko ukuzama ukuqonda ingxaki ngokwabo. Kubhetele ukuba imali kuthengwe inkqubo ekhethekileyo ukungafihli iifayili ezonakeleyo.

Okokugqibela kubalulekile ukukhumbula ukuba eli nqaku umbuzo malunga ukungafihli ngayo iifayile intsholongwane ngokufihlisa.