How to remove a banner from the desktop

Detailed instructions for unlocking a computer if you have fallen victim to a so-called banner that tells you your computer is locked. Several common methods are covered (probably the most effective one in most cases is editing the Windows registry).

If the banner appears immediately after the BIOS screen, before Windows starts loading, the solutions are in the new article "How to remove a banner".

Banner on the desktop

Attacks such as SMS extortion banners are one of the most common problems for today's users - I say this as someone who works in home computer repair. Before I talk about the ways to remove an SMS banner, I will note some general points that may be useful to those who are facing this for the first time.

So, first of all, remember:
  • You do not need to send any money to any number - in 95% of cases this will not help. You also should not send SMS messages to short numbers (although there are fewer and fewer banners with such a demand).
  • As a rule, the text in the window that appears on the desktop describes the terrible consequences that await you if you disobey and act on your own: deletion of all data from the computer, criminal prosecution, and so on. You should not believe anything written there; all of it is aimed only at making an unprepared user, without understanding what is going on, hurry to a payment terminal to deposit 500, 1000 or more rubles.
  • Utilities that let you obtain an unlock code very often do not know this code - simply because the banner does not provide for one. There is a window for entering the unlock code, but there is no code as such: the fraudsters have no need to complicate their lives by providing for the removal of their SMS ransomware; they need to get your money.
  • If you decide to turn to specialists, you may run into the following: some companies that provide computer help, as well as individual technicians, will insist that in order to remove the banner you must reinstall Windows. This is not the case; reinstalling the operating system is not needed for this problem, and those who claim otherwise either lack sufficient skills and use reinstallation as the easiest way to solve a problem that does not require it, or aim to earn more money, since the price of a service such as installing the operating system is higher than that of removing a banner or treating viruses (besides, some charge a separate fee for preserving user data during installation).
Perhaps that is enough of an introduction. On to the main topic.

How to remove a banner - video tutorial

This video clearly shows the most effective way to remove a ransomware banner using the Windows registry editor in safe mode. If something in the video is unclear, the same method is described in detail below in text form with pictures.

Removing the banner using the registry

(not suitable in the rare cases where the ransomware message appears before Windows loads, that is, immediately after BIOS initialization: the Windows logo does not appear during boot and the banner text pops up instead)

Apart from the case described above, this method works almost always. Even if you are new to working with a computer, do not be afraid - just follow the instructions and everything will work.

First you need to get access to the Windows registry editor. The easiest and most reliable way to do this is to boot the computer in safe mode with command prompt support. To do this, turn on the computer and keep pressing F8 until the list of boot mode options appears. On some BIOSes the F8 key may bring up a menu for choosing the disk to boot from - in that case, select your main hard disk, press Enter and immediately after that press F8 again. Select the option already mentioned - safe mode with command prompt support.

Select safe mode with command prompt support

After that, we wait for the console to load with a prompt for entering commands. Type regedit.exe and press Enter. As a result, you should see the Windows registry editor, regedit, in front of you. The Windows registry contains system information, including data about programs that are launched automatically when the operating system starts. Somewhere in there our banner has registered itself, and now we will find it there and remove it.

Using the registry editor to remove the banner

On the left side of the registry editor we see folders, which are called keys. We need to check that the places where this so-called virus can register itself contain no extraneous entries, and if they do, delete them. There are several such places and you need to check all of them. Let's begin.

Go to HKEY_CURRENT_USER -> Software -> Microsoft -> Windows -> CurrentVersion -> Run. On the right we will see a list of programs that start automatically when the operating system loads, as well as the path to each of these programs. We need to remove those that look suspicious.

Startup entries where the banner may be hiding

As a rule, they have names made up of a set of letters and digits: asd87982367.exe. Another distinguishing feature is a location in the folder C:\Documents and Settings\ (subfolders may differ); it may also be the file ms.exe or other files located in the C:\Windows or C:\Windows\System folders. You should delete such suspicious registry entries. To do this, right-click the parameter name in the Name column and select "Delete". Do not be afraid of deleting the wrong thing - this threatens nothing: it is better to remove more of the unfamiliar programs from there. This will not only increase the likelihood that the banner is among them, but may also speed up your computer in the future (for some people, startup holds a lot of superfluous and unnecessary things, which is why the computer slows down). Also, when deleting parameters, remember the path to the file so that you can then delete it from its location.

All of the above is repeated for HKEY_LOCAL_MACHINE -> Software -> Microsoft -> Windows -> CurrentVersion -> Run.

In the following keys the actions differ:

HKEY_CURRENT_USER -> Software -> Microsoft -> Windows NT -> CurrentVersion -> Winlogon. Here you need to make sure that there are no parameters such as Shell and Userinit. If there are, delete them; they do not belong here.

HKEY_LOCAL_MACHINE -> Software -> Microsoft -> Windows NT -> CurrentVersion -> Winlogon. In this key you need to make sure that the value of the Userinit parameter is set to C:\Windows\system32\userinit.exe, and that the Shell parameter is set to explorer.exe.

Winlogon for the current user should not have a Shell parameter

That is basically all. Now you can close the registry editor, type explorer.exe in the command prompt that is still open (the Windows desktop will start), delete the files whose locations we found while working with the registry, and restart the computer in normal mode (since it is currently in safe mode). With high probability, everything will work.
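The four registry checks described above can also be applied to text saved from `reg query` for each key. This is an added example, not part of the original article: the function names, the sample data and the 4-digit threshold for a "random-looking" name are assumptions, and the trailing comma that Windows stores after userinit.exe is accepted.

```python
import re

RUN = r"software\microsoft\windows\currentversion\run"
WINLOGON = r"software\microsoft\windows nt\currentversion\winlogon"
EXPECTED = {"shell": "explorer.exe", "userinit": r"c:\windows\system32\userinit.exe"}
VALUE = re.compile(r"^\s+(.+?)\s+(REG_[A-Z_]+)\s+(.*)$")  # name, type, data
# Constructed sample in the layout printed by `reg query <key>`.
SAMPLE = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    upd    REG_SZ    C:\Documents and Settings\user\asd87982367.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
    Shell    REG_SZ    C:\Windows\ms.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
    Userinit    REG_SZ    C:\Windows\system32\userinit.exe,
    Shell    REG_SZ    explorer.exe
"""

def parse(text):  # yields (key, value name, data) for each value line
    key = None
    for line in text.splitlines():
        if line.upper().startswith("HKEY_"):
            key = line.strip()
        elif key and (m := VALUE.match(line)):
            yield key, m.group(1), m.group(3).strip()

def run_reasons(data):
    """Apply the article's signs of a banner entry to one autorun command."""
    m = re.match(r'"?([^"]*?\.exe)', data, re.I)
    folder, _, name = (m.group(1) if m else data).lower().rpartition("\\")
    checks = [  # the 4-digit threshold for "random-looking" is an assumption
        (re.fullmatch(r"(?=.*[a-z])(?=.*\d{4})[a-z0-9]+", name[:-4]), "random-looking name"),
        (folder.startswith(r"c:\documents and settings"), "runs from a user profile folder"),
        (folder in (r"c:\windows", r"c:\windows\system"), "file directly in a Windows folder"),
    ]
    return [why for hit, why in checks if hit]

def audit(text):
    """Return (key, value name, reason) findings for the four locations."""
    findings = []
    for key, name, data in parse(text):
        hive, _, sub = key.lower().partition("\\")
        if sub == RUN:
            findings += [(key, name, why) for why in run_reasons(data)]
        elif sub == WINLOGON and name.lower() in EXPECTED:
            if hive == "hkey_current_user":
                findings.append((key, name, "must not exist for the current user"))
            elif data.lower().rstrip(",") != EXPECTED[name.lower()]:
                findings.append((key, name, "expected " + EXPECTED[name.lower()]))
    return findings
```

Calling `audit(SAMPLE)` reports the `upd` autorun entry twice (name and location) and the per-user Shell override, while the intact HKEY_LOCAL_MACHINE Winlogon values produce no finding.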

If you cannot boot into safe mode, you can use any Live CD that includes a registry editor, such as Registry Editor PE, and perform all of the above operations in it.

Removing the banner with special utilities

One of the most effective utilities for this is Kaspersky WindowsUnlocker. In fact, it does the same thing you can do by hand using the method described above, but automatically. To use it, you will need to download Kaspersky Rescue Disk from the official site, burn the disk image to a blank CD (on a computer that is not affected), then boot from the created disk and perform all the necessary operations. Instructions for using this utility, as well as the required disk image file, are available at //support.kaspersky.com/viruses/solutions?qid=208642240. Another good and simple program that will help you remove the banner easily is described here.

Similar products from other companies:
  • Dr.Web LiveCD //www.freedrweb.com/livecd/how_it_works/
  • AVG Rescue CD //www.avg.com/us-en/avg-rescue-cd-download
  • Vba32 Rescue image //anti-virus.by/products/utilities/80.html
You can try to find the code for unlocking the SMS ransomware on these special services made for this purpose:

Finding out the code to unlock Windows

It is a rare case when the ransomware loads immediately after the computer is turned on, which means that the fraudulent program has been written to the MBR, the master boot record. In this case, getting into the registry editor will not work; moreover, the banner is not loaded from there. In such cases we will be helped by a Live CD, which can be downloaded from the links listed above.

If you have Windows XP installed, you can fix the boot partition of the hard disk using the operating system installation disk. To do this, boot from this disk, and when you are prompted to enter Windows recovery mode by pressing the R key, do so. As a result, a command prompt should appear. In it, we need to run the command FIXBOOT (confirm by pressing Y on the keyboard). Also, if your disk is not divided into several partitions, you can run the FIXMBR command.

If there is no installation disk, or if a different version of Windows is installed, it is possible to fix the MBR using the BOOTICE utility (or other utilities for working with disk boot sectors). To do this, download it from the Internet, save it to a USB drive, boot the computer from a Live CD, and then run the program from the flash drive.

You will see the following menu, in which you need to select your main hard disk and click the Process MBR button. In the next window, select the type of boot record you need (usually it is selected automatically), click the Install / Config button, then OK. After the program has performed all the necessary actions, restart the computer without the Live CD - everything should work as before.