Bitcoin blackmail antivirus

Publish: 2021-03-25 12:09:09
1. I. Win10 prevention process
The Win10 platform is relatively simple, because Microsoft released the relevant patches for this vulnerability in early March, so as long as your Win10 has been automatically updated and upgraded to the latest version (version number higher than 1511), you can successfully resist the WannaCrypt virus.
Operation steps:
1. "Settings" → "Update and security" → "Windows Update"; check that this item is on.
2. Click the Cortana search box in the taskbar, enter "winver" and confirm that the version number is higher than 1511.

Win10 users can upgrade directly to the latest version
II. Win7, Win8.1, WinXP processing flow
For non-Win10 computers, because most of them have exceeded the service period or, due to various reasons, have not turned on updates and received the security patch, they are the hardest-hit area of this attack. The solution is to download the MS17-010 patch manually. At present, Microsoft has urgently released the MS17-010 patch for different platforms, and the direct link addresses are as follows:
Windows XP (kb4012598)
32 bits:
http://download.windowsupdate.com/d/csa/csa/secu/2017/02/windowsxp-kb4012598-x86-custom-chs_. Exe
64 bit:
http://download.windowsupdate.com/d/csa/csa/secu/2017/02/windowsserver2003-kb4012598-x64-custom-enu_. Exe
Windows 7 (kb4012212, kb4012215)
32-bit:
http://download.windowsupdate.com/d/msdownload/update/software/secu/2017/02/windows6.1-kb4012212-x86_. msu KB4012212
http://download.windowsupdate.com/d/msdownload/update/software/secu/2017/03/windows6.1-kb4012215-x86_. MSU (kb4012215)
64 bits:
http://download.windowsupdate.com/d/msdownload/update/software/secu/2017/02/windows6.1-kb4012212-x64_. msu KB4012212
http://download.windowsupdate.com/c/msdownload/update/software/secu/2017/03/windows6.1-kb4012215-x64_. MSU (kb4012215)
windows 8.1 (kb4012213, kb4012216)
32-bit:
http://download.windowsupdate.com/c/msdownload/update/software/secu/2017/02/windows8.1-kb4012213-x86_. msu KB4012213
http://download.windowsupdate.com/c/msdownload/update/software/secu/2017/03/windows8.1-kb4012216-x86_. MSU (kb4012216)
64 bits:
http://download.windowsupdate.com/c/msdownload/update/software/secu/2017/02/windows8.1-kb4012213-x64_. msu KB4012213
http://download.windowsupdate.com/d/msdownload/update/software/secu/2017/03/windows8.1-kb4012216-x64_. MSU (kb4012216)
For other platforms or server versions, please go to https://technet.microsoft.com/zh-cn/library/security/MS17-010 and download the corresponding patch file.

When searching for your own Windows platform, pay attention to the bitness of the version (32-bit / 64-bit)

Confirm the platform version number again and click the download button of the corresponding version

Click the link to download the patch for this platform directly. Note that individual platforms (such as Win7) have two patches; please download and install them in order.
III. Temporary disposal method
If it is not convenient to install the patch on the computer, or if you don't have a downloaded patch file on hand, you can consider the following temporary disposal method. The temporary method is to shut down the corresponding ports of the system for immunization. This is effective for the current version of the virus, but it does not rule out the possibility that a later variant will break through it. The specific methods are as follows:
1. Download the 360 NSA immunization tool
NSA Arsenal immunization tool
software version: XP version
software size: 125.34mb
software license: free
applicable platform: WinXP Vista win8 win7
download address: http://dl.pconline.com.cn/download/996906.html
Download the NSA immunization tool released by 360 immediately. It is time-saving, labor-saving and easy to operate. The whole toolkit is 125 MB. Double-click it to decompress automatically; you will then enter a main interface and operate according to the on-screen prompts. When the interface is green, the system is safe.

NSA immune tool released by 360 company
2. Manually close windows 445, 135, 137, 138, 139 ports
In addition to the existing tools, you can also manually close ports 445, 135, 137, 138 and 139 to resist virus attacks. The specific operation steps are as follows:
2.1 close ports 135, 137 and 138
1. Run and input "dcomcnfg"
2. On the right side of the computer option, right-click My Computer and select properties
3. In the default properties tab of my computer properties dialog box, remove the check box before enable Distributed COM on this computer
4. Select the default protocol tab, select connection oriented TCP / IP, and click delete
5. Right click on the network neighborhood to select properties, right click the network tab, and remove the check boxes of Microsoft network file and printer sharing and Microsoft network client to close ports 135, 137, 138 of the sharing end

manually close port
2.2 close port 139
Open "Network and dial-up connections" → "Local connection", select the "Internet Protocol (TCP/IP)" properties, enter "Advanced TCP/IP settings" → "WINS settings", where there is a "Disable NetBIOS over TCP/IP" option; check it to close port 139.
2.3 close port 445
"Start" → "Run", enter "regedit", confirm, and locate "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters". Create a new DWORD value named "SMBDeviceEnabled" and set it to 0; port 445 is then closed.
Note: after manually closing the ports, some intranet services (such as file and printer sharing) may fail. Please choose carefully.
Final words
WannaCrypt is one of the most harmful viruses in recent years, second only to the shock wave of that year. The most important thing is that this virus will affect the hard disk data, and it is almost impossible to crack at present. The current method is that WannaCrypt will automatically delete the original file before encryption, so some professional data recovery software can be used to try to recover. In short, keeping the system up-to-date is the best way to defend against viruses.
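
As an added example (not part of the original answer, and not Microsoft's or 360's code), this read-only PowerShell script audits a machine against the steps above: it looks for the MS17-010 KB IDs listed on this page, reads the SMBDeviceEnabled value from section 2.3, and reports which of ports 445, 135, 137, 138 and 139 are still listening. The function names are hypothetical, and a missing KB does not prove the machine is unpatched because a later rollup can supersede it.

```powershell
# Added example: read-only audit of the mitigations listed on this page.
# KB IDs, port list and registry value are the ones named in the text above.
$Ms17010Kbs = 'KB4012598','KB4012212','KB4012215','KB4012213','KB4012216'
$Ports      = 445, 135, 137, 138, 139
$NetBtKey   = 'HKLM:\SYSTEM\CurrentControlSet\Services\NetBT\Parameters'

function Get-InstalledMs17010Kb {
    # Returns only the page's KB IDs that Get-HotFix reports. A later rollup
    # that supersedes them is listed under its own ID, so an empty result
    # means "check further", not "vulnerable".
    Get-HotFix -ErrorAction SilentlyContinue |
        Where-Object { $Ms17010Kbs -contains $_.HotFixID } |
        Select-Object -ExpandProperty HotFixID
}

function Get-ListeningPort {
    # Parses `netstat -an` so it also works where Get-NetTCPConnection is absent.
    # Pass -NetstatLines to analyse output captured from another machine.
    param([string[]]$NetstatLines = (netstat -an))
    foreach ($line in $NetstatLines) {
        if ($line -match '^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+)') {
            $proto  = $Matches[1]
            $local  = $Matches[2]
            $port   = [int]$Matches[3]
            $remote = $Matches[4]
            # A listening TCP socket has remote port 0; UDP endpoints show *:*.
            $listening = ($proto -eq 'UDP' -and $remote -eq '*:*') -or
                         ($proto -eq 'TCP' -and $remote -match ':0$')
            if ($listening -and $Ports -contains $port) {
                New-Object PSObject -Property @{
                    Protocol = $proto; Address = $local; Port = $port
                }
            }
        }
    }
}

function Get-SmbDeviceEnabled {
    # 0 = the port-445 workaround from section 2.3 is applied; $null = value absent.
    $p = Get-ItemProperty -Path $NetBtKey -Name SMBDeviceEnabled -ErrorAction SilentlyContinue
    if ($p) { $p.SMBDeviceEnabled } else { $null }
}

$kbs  = @(Get-InstalledMs17010Kb)
$open = @(Get-ListeningPort | Sort-Object Port, Protocol)
$smb  = Get-SmbDeviceEnabled

if ($kbs.Count) {
    "MS17-010 KBs found: $($kbs -join ', ')"
} else {
    'None of the listed MS17-010 KBs found (a superseding rollup may still be installed).'
}
"SMBDeviceEnabled: $(if ($null -eq $smb) { 'not set' } else { $smb })"
if ($open.Count) {
    $open | ForEach-Object { "Listening: $($_.Protocol) $($_.Address):$($_.Port)" }
} else {
    'None of ports 445, 135, 137, 138, 139 are listening.'
}
```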
2. On the evening of May 12, the WannaCry worm virus broke out in more than 74 countries around the world. At least 45000 machines have been infected. The network systems of some colleges and universities in China have become a disaster area, and the network payment system of PetroChina gas stations has also been affected.
It is reported that the virus can spread rapidly in the local area network by taking advantage of the vulnerability of port 445 of the Windows system, but large local area networks such as schools have not done similar prevention, so they have become the target of attack.
The success probability of brute-force cracking is 0

A person in the bitcoin industry said that the bitcoin blackmail virus had existed as early as 2014. This time, the technology used by hackers is more high-end than last time, and the scope of influence is wider, but the identity of the hackers is still unclear.

Moreover, the "variability" of this virus lies in the addition of automatic transmission via Windows port 445. As long as a Windows machine has not been upgraded with the latest patch, leaving port 445 open, the virus can invade the machine.

The virus requires the intruder to pay $300 worth of bitcoin ransom within six hours, and then the ransom will rise every other time.
Some netizens pointed out that it is difficult to crack the virus by brute force. If one wants to crack the bitcoin blackmail virus by brute force, the possibility is infinitely small, and it is impossible to complete it by virtue of personal ability.
Port 445 enables users to easily access all kinds of shared folders or shared printers in the LAN

Port 445 gives an opportunity to malicious attackers. Access to port 445 on normal home networks has been restricted by the operators, but schools and other large LANs did not do similar prevention, so they became the target of attack.
In this virus attack, most of the affected domestic students are in colleges and universities; seniors who are about to graduate are affected, and the documents related to their graduation design papers are locked. Many universities, including Shandong University, Nanchang University, Guangxi Normal University and Northeast University of Finance and Economics, have issued emergency notices to remind teachers and students to take precautions.
This virus is more accurately an encryption method. The virus will encrypt all the key files in the computer and make people pay for the unlock password, but whether the hacker will keep his promise and provide the unlock password is his problem.
Bitcoin blackmail virus has appeared many times

One of the characteristics of this type of virus is to ask the victim to pay bitcoin as ransom. According to many people in the industry, bitcoin is usually used as a tool for cross-border payment and remittance because of its global characteristics. In addition, as a kind of network encryption virtual currency, bitcoin has the characteristics of decentralization and anonymity. The flow of funds is not easy to track, so it is convenient for hackers to use it to collect payments, and it is more convenient for them to hide their identities.
"If you transfer money to a hacker, you essentially give him a small string of encrypted codes that can be quickly transmitted on the Internet and stored in an electronic wallet." Some people in the industry told reporters that the anonymity of bitcoin is often the reason why computer fans, financial speculators and even drug dealers are fascinated by it.
According to the computers attacked so far, hackers ask for a ransom of $300 (about RMB 2069.16) worth of bitcoin for each computer.

But the area of this virus infection is very large. If everyone pays the ransom, will malicious attackers be able to unlock it in time? It is not clear whether the virus will be unlocked manually or online. If it is handled manually, it is likely that it will be too late to handle. However, online processing is fully automatic. After bitcoin has been paid, it will automatically collect the money and then issue the unlock code.
Therefore, it is not recommended that the victim pay a ransom to the hacker, because even if you pay, the hacker may not know which computer you have.

It is worth mentioning that the outbreak of the bitcoin blackmail virus has pushed bitcoin to the top of the wave again. "Bitcoin virus" has become a hot search keyword, and many bitcoin insiders have expressed their concerns about bitcoin's "stigmatization". "Good tools should not be blamed because they are used by bad people," a person in the bitcoin industry said. "Bitcoin is bitcoin, virus is virus, injustice has a head, debt has an owner, so it is unnecessary to have hostility to bitcoin."
Now, the most important thing is that the victims should install the patch released by Microsoft as soon as possible to prevent unfamiliar e-mail, and important files should be backed up to the cloud platform and local offline hard disk.
WannaCry blackmail virus prevention methods:
1. Install the latest security patch for the computer. Microsoft has released patch ms17-010 to fix the system vulnerability of "eternal blue" attack. Please install this security patch as soon as possible; For Windows XP, 2003 and other machines that Microsoft no longer provides security updates, we can use 360 "NSA Arsenal immunity tool" to detect whether there are vulnerabilities in the system, and close the ports affected by the vulnerabilities, so as to avoid being infringed by blackmail software and other viruses
2. Close ports 445, 135, 137, 138 and 139, and close network sharing
3. Strengthen the awareness of network security: don't click the unknown link, don't download the unknown file, don't open the unknown email...
4. Back up the important files in your computer to the mobile hard disk and U disk as soon as possible (regularly in the future), and save the disk offline after the backup
5. It is recommended that users who are still using Windows XP and windows 2003 should upgrade to Windows 7 / windows 10 or windows 2008 / 2012 / 2016 as soon as possible.
3. In the bitcoin virus, 360 antivirus is useless, and even some paid antivirus software can not be used

Bitcoin virus (bitcoin Trojan horse): "bitcoin blackmailer" was popular abroad in 2014, and was found in China in early 2015. This kind of Trojan will encrypt 114 kinds of files on the infected computer, such as docx, PDF, xlsx, JPG and so on, making them unable to open normally, and pop up windows to "blackmail" the victim, requiring the victim to pay 3 bitcoin as "ransom". According to the recent bitcoin price found by the reporter from the Internet, 3 bitcoin is almost 5000 yuan or 6000 yuan. This kind of Trojan horse is generally spread through English mail. The name of the Trojan horse program is usually in English, meaning "order", "product details", etc., and it uses a fax or form icon, which is very confusing. The recipient easily mistakes it for a working file and clicks to run the Trojan horse program.
4. In short, blackmail virus is a computer virus that uses Windows system vulnerability to maliciously encrypt user files and then extort money

    (3) In view of the current technical means, if the blackmail virus cannot be solved, the disk can only be completely formatted; then the system is reinstalled and the system vulnerability patch is applied to prevent a second infection.

    5. 1. Install anti-virus software and keep the security defense function on
    2. Open files with uncertain sources and back up important files in time. Although anti-virus software has little effect, try to upgrade anti-virus software and operating system patches in time. These measures are not only to prevent bitcoin virus, but also to prevent more viruses
    6.

    Unfortunately, Windows users are attacked by wana series of blackmail virus (bitcoin virus). The current solutions are as follows: (never pay ransom in any case, there is a lot of evidence that even if ransom files are paid, they cannot be decrypted.)
  • Windows users can completely eliminate wanacry blackmail virus on devices by formatting all hard disks

  • Individual users can contact domestic and foreign security manufacturers, such as Qihoo 360, Kingsoft Antivirus, Kaspersky, McAfee, Tencent security manager and other security centers for assistance in recovering important data

  • use the file recovery tool to recover. Users who have been infected with the virus can use the computer manager - file recovery tool for file recovery, with a certain probability of recovering your documents


    note: we will continue to pay attention to the handling methods of relevant security manufacturers and wait for a more superior perfect unlocking scheme

    Windows users can install security patches in time, update anti-virus software, and avoid visiting high-risk websites. At present, the wanacry virus has been preliminarily controlled, so users need not panic and should fight rationally.

    7. Unfortunately, Windows users are attacked by wanacry blackmail virus. The current solutions are as follows: (never pay ransom in any case. There is a lot of evidence that even if ransom files are paid, they cannot be decrypted.)
    Windows users can completely eliminate wanacry blackmail virus on devices by formatting all hard disks

    Individual users can contact domestic and foreign security manufacturers, such as Qihoo 360, Kingsoft Antivirus, Kaspersky, McAfee, Tencent security manager and other security centers for assistance in recovering important data

    Use the "blackmail virus immunity tool" to repair. Users download the offline version of the Tencent computer manager "blackmail virus immunity tool" on another computer and copy the files to a safe, virus-free U disk; then turn on the affected computer with WiFi turned off, the network cable unplugged and the network disconnected, and back up important files as soon as possible; then use the offline version of the "blackmail virus immunity tool" to fix the vulnerability with one click from the USB flash disk; after reconnecting to the network, the computer can be used normally

    use the file recovery tool to recover. Users who have been infected with the virus can use the computer manager - file recovery tool for file recovery, with a certain probability of recovering your documents

    note: we will continue to pay attention to the handling methods of relevant security manufacturers, waiting for more superior perfect unlocking.
    8.

    Once the computer is infected with this bitcoin blackmail virus, all the file data on the computer will be forcibly encrypted. If a "ransom" is not delivered in the form of bitcoin to the virus maker, then these files can't be decrypted and retrieved. Even if the ransom is paid this time, they may be decrypted next time; "patronize" - that is to say, this virus is very important to "pay attention to data"; it's hard to estimate the harm that can be caused to the users, especially the enterprise users

    How to avoid the harm of bitcoin blackmail virus

    As soon as bitcoin blackmail virus came into being, it immediately caused an uproar around the world. Major network security organizations and well-known anti-virus software began to pay attention to this problem

    There is a lot about "manually setting the firewall to close the sensitive ports of the computer, so as to resist the bitcoin blackmail virus", but this kind of method is more suitable for "non-novices" who know computers better. For example, for a third-rate programmer like me, this method is more suitable for me. I can't even use antivirus software

    but for the general public, it may be necessary to deal with it in a simpler way

    It has been several years since the advent of bitcoin extortion virus. In order to help users' computers fight against bitcoin extortion virus attacks, many anti-virus software have certain defense mechanisms. For example, 360 launched an "anti-blackmail service". If your data is encrypted by bitcoin extortion virus when 360 is installed on your computer, 360 will compensate for your ransom and recover your data

    users who don't know how to use computers can choose to install anti-virus software to defend you against such viruses, but it depends on their hobbies to choose which one

    9.

    At present, 360 is the first in China to launch 360 anti extortion service

    to provide document restoration and decryption service for the current popular specific Trojan family using asymmetric encryption

    download and install the latest security guard 11.0 beta, and click "anti blackmail service" in the main interface
