Hagaha ka hortagga iyo ilaalinta Ransomware^(Ransomware) wuxuu eegayaa ka hortagga Ransomware iyo tillaabooyinka aad qaadi karto si aad u xannibto ugana hortagto Ransomware , malware-ka cusub ee ka dhigaya dhammaan wararka sababo khaldan dartood.

Marar^(Time) badan iyo mar kale waxaynu baranaa hanjabaadaha, iyo noocyo cusub oo malware ah sida Ransomware oo khatar u ah isticmaalayaasha kombayutarka. Fayraska ransomware wuxuu xiraa gelitaanka faylka ama kumbuyuutarka wuxuuna dalbanayaa in madaxfurasho la siiyo abuuraha si uu dib ugu helo gelitaanka, inta badan waxaa lagu oggolaadaa foojarka caddaanka ah ee horay loo bixiyay oo qarsoodi ah ama Bitcoin . Mid ka mid ah hanjabaad madax-furasho oo gaar ah oo u suurtagashay in ay soo jiidato dareenka muddooyinkii ugu dambeeyay, waa Cryptolocker , marka laga reebo FBI ransomware, Crilock & Locker .

Takhasuska ransomware-ka ayaa ah in uu iskiis u yimaado (badanaa iimayl ahaan) ama dariiqa dhabarka dambe ama soo dejiyaha, oo loo keenay qayb dheeri ah. Kumbuyuutarkaaga waxa laga yaabaa in uu ku dhaco ransomware, marka aad gujiso xidhiidhka xaasidnimada leh ee ku jira iimaylka, fariinta degdega ah, barta xidhiidhka bulshada ama mareegaha la jabiyay - ama haddii aad soo dejiso oo aad furto lifaaq email xaasid ah. Waxaa intaa dheer, sida fayras caan ah, waxaa laga yaabaa in ay ogaadaan inta badan barnaamijyada antivirus. Xitaa haddii software-ka-ka-hortaggaagu awoodo inuu ka saaro ransomware-ka, marar badan, kaliya waxaa lagaa tagi doonaa farabadan oo ah faylal iyo xog qufulan!

Sida looga hortago Ransomware

Iyadoo xaaladdu tahay mid welwel leh, natiijaduna ay tahay dhimasho inta badan haddii aad ku guuldareysatid inaad u hoggaansanto qawaaniinta qoraaga malware-maaddaama faylalka qarsoodiga ah ay dhaawacmi karaan oo aan la hagaajin karin - waxaad qaadi kartaa tallaabooyin ka hortag ah si aad dhibaatada uga ilaaliso. Waxaad ka hortagi kartaa sirta ransomware! Aynu aragno qaar ka mid ah tillaabooyinka ka hortagga Ransomware ee^{(Ransomware prevention steps)} aad qaadi karto. Tallaabooyinkani waxay kaa caawin karaan inaad xannibto oo aad ka hortagto Ransomware .

La cusboonaysiiyay OS & software amniga^{(Updated OS & security software)}

Adiga oo aan dhihin waxaad isticmaashaa nidaamka qalliinka casriga ah ee si buuxda loo cusboonaysiiyay^{(fully updated modern operating system)} sida Windows 10/8/7, software antivirus^{(antivirus software)(good antivirus software or an Internet Security Suite)} wanaagsan ama Internet Security Suite iyo browser ammaan ah oo la cusboonaysiiyay^{(updated secure browser)} , iyo macmiil iimaylka^{(updated email client)} oo la cusboonaysiiyay . U deji macmiilkaaga iimaylka si uu u xannibo faylasha .exe^{(block .exe files)} .

Qorayaasha Malware^(Malware) waxay u arkaan isticmaalayaasha kombuyuutarrada, kuwaas oo ku shaqaynaya noocyada OS ee duugoobay, inay yihiin bartilmaameedyo fudud. Waxaa la og yahay inay leeyihiin qaar u nuglaadaan kuwaas oo dembiilayaashan caanka ah ay ka faa'iidaysan karaan si ay aamusnaan u galaan nidaamkaaga. Markaa dheji ama cusboonaysii software-kaaga. Adeegso qol ammaan oo sumcad leh. Had iyo jeer waa lagu talinayaa in la sameeyo barnaamij isku dara labadaba software-ka-hortagga-malware-ka iyo firewall-ka software-ka si uu kaaga caawiyo inaad ogaato hanjabaadaha ama dabeecadaha shakiga leh maaddaama qorayaasha malware ay si joogto ah u soo diraan noocyo cusub, si ay isugu dayaan inay ka fogaadaan in la ogaado. Waxaa laga yaabaa inaad rabto inaad akhrido qoraalkan ku saabsan khiyaanada Ransomware & dabeecadaha Browser.

Ka akhriso ilaalinta Ransomware gudaha Windows 10^{(Ransomware protection in Windows 10)} .^{(Read about Ransomware protection in Windows 10.)}

Kaydi xogtaada^{(Back up your data)}

Waxaad hubaal ahaan kartaa inaad yarayn karto waxyeelada ka dhalatay kiiskaaga mashiinkaaga inuu ku haleelo Ransomware adiga oo ^(Ransomware)si joogto ah^{(regular backups)} u qaadanaya gurmad . Dhab ahaantii, Microsoft ayaa soo baxday oo dhan waxayna sheegtay in kaydinta ay tahay difaaca ugu fiican ee Ransomware oo ay ku jiraan Cryptolocker.

Weligaa ha gujin xiriiriyeyaasha aan la garanayn, hana soo dejin lifaaqyada ilo aan la garanayn^{(Never click on unknown links or download attachments from unknown sources)}

Tani waa muhiim. Iimaylku^(Email) waa vector caadi ah oo ay adeegsato Ransomware si uu u galo kombayutarkaga. Markaa waligaa ha gujin xidhiidh kasta oo aad u malaynayso inuu u muuqdo mid laga shakisan yahay. Xitaa haddii aad 1% shaki kaa qabto – ha samayn! Isla sidaas oo kale ayaa ku xiran lifaaqyada sidoo kale. Waxaa hubaal ah inaad soo dejisan kartaa lifaaqyada aad ka filayso asxaabta, qaraabada iyo saaxiibada, laakiin aad uga taxdar waraaqaha boostada ee aad ka heli karto xataa asxaabtaada. Sharci yar oo lagu xasuusto xaaladahan oo kale: Haddii aad shaki ku jirto - HA HOOS KA DAAWO^{(If in doubt – DONT)} ! U fiirso taxaddarrada aad sameyneyso marka aad fureyso lifaaqyada iimaylka^{(when opening email attachments)} ama ka hor intaadan gujin xiriirinta shabakadda^{(clicking on web links)} .

RansomSaver waa wax-ku-dar aad u faa'iido badan oo loogu talagalay Muuqaalka^(Outlook) Microsoft kaas oo ogaanaya oo xannibaya iimaylada leh faylalka malware-ka ransomware-ga ah ee ku xiran iyaga.

Muuji kordhinta faylka qarsoon^{(Show hidden file-extension)}

Hal fayl oo u adeega sida marinka loo maro Cryptolocker waa kan lagu magacaabay kordhinta ".PDF.EXE". Malware -ku wuxuu jecel yahay inuu qariyo faylashooda .exe inay yihiin muuqaal aan waxyeello lahayn .pdf . .doc ama .txt faylasha. Haddii aad awood u yeelatid sifada si aad u aragto fidinta faylka oo buuxa, way sahlanaan kartaa in la ogaado faylalka shakiga leh oo meesha ugu horeysa ka tirtirto. Si aad u muujiso kordhinta faylalka qarsoon, samee waxa soo socda:

Furo Control Panel oo raadi Folder Options . Hoosta View tab, ka saar ikhtiyaarka Qari kordhinta noocyada faylalka la yaqaan^{(Hide extensions for known file types)} .

Click Apply > OK.Hadda markaad hubiso faylashaada, magacyada faylka ayaa had iyo jeer la soo bixi doona kordhintooda sida .doc , .pdf , .txt , iwm. Tani waxay kaa caawin doontaa inaad aragto kordhinta dhabta ah ee faylasha.

Disable files running from AppData/LocalAppData folders

Isku day inaad abuurto oo aad dhaqangeliso sharciyada gudaha Windows , ama isticmaal qaar ka mid ah Software Prevention Software , si aad u diido dabeecad gaar ah, oo caan ah oo ay isticmaalaan dhowr Ransomware , oo ay ku jiraan Cryptolocker , si ay uga shaqeyso fulisa xogta App-^{(App Data)} ka ama galka xogta App-ka gudaha^{(Local App Data)} . Qalabka Ka-hortagga Cryptolocker^{(Cryptolocker Prevention Kit)} waa aalad uu sameeyay Heerka Saddexaad^{(Third Tier)} kaas oo otomaatig u ah habka samaynta Siyaasadda Kooxda^{(Group Policy)} si loo joojiyo faylalka ka socda Xogta App-^{(App Data)} ka iyo faylalka Xogta App-ka Maxalliga ah^{(Local App Data)} , iyo sidoo kale curyaaminta faylasha la fulin karo ee ka socda Temp -ka^(Temp)tusaha adeegyada kala duwan ee siibka laga furo.

Codsiga liis garaynta^{(Application whitelisting)}

Liistada caddaynta codsigu waa dhaqan wanaagsan oo inta badan maamulayaasha IT ay shaqaaleeyaan si ay uga hortagaan faylalka ama barnaamijyada fulinta ee aan la oggolayn inay ku shaqeeyaan nidaamkooda. Markaad tan sameyso, software kaliya oo aad liis garaysay ayaa loo oggolaan doonaa inuu ku shaqeeyo nidaamkaaga, taas oo keentay, faylalka fulinta aan la garanayn, malware ama ransomware kaliya ma awoodi doonaan inay shaqeeyaan. Eeg sida loo caddeeyo barnaamijka .

Dami SMB1^{(Disable SMB1)}

SMB ama Block Message ee Server^{(Server Message Block)} waa hab-maamuuska faylka wadaaga ee shabakada loogu talagalay wadaaga faylasha, daabacayaasha, iwm, ee u dhexeeya kombuyuutarrada. Waxaa jira saddex nooc oo kala ah – Server Message Block ( SMB ) nooca 1 ( SMBv1 ), nooca SMB 2 ( SMBv2 ), iyo SMB version 3 ( SMBv3 ). Waxaa lagugula talinayaa inaad joojiso SMB1 sababo ammaan dartood.

Isticmaal AppLocker^{(Use AppLocker)}

Isticmaal^(Use) sifada ku dhex jirta Windows AppLocker si aad uga ilaaliso Isticmaalayaasha rakibaadda ama socodsiinta Apps Store ee Windows^{(prevent Users from installing or running Windows Store Apps )} iyo si aad u xakamayso software-ka ay tahay inuu shaqeeyo . Waxaad u habeyn kartaa qalabkaaga si waafaqsan si aad u yareyso fursadaha caabuqa ' Cryptolocker ransomware'.

Waxa kale oo aad u isticmaali kartaa si aad u yarayso ransomware adiga oo xannibaya fulinta aan saxeexin, meelaha ransomware sida:

• <users profile> AppDataLocalTemp
• \AppData\Local\Temp\ *
• AppDataLocalTemp**

Boostada ayaa kuu sheegi doonta sida loo abuuro shuruuc AppLocker^{(create rules with AppLocker)} si loo fuliyo, iyo codsiyada liiska caddeeya.

Isticmaalka EMET^{(Using EMET)}

Qalabka Khibrad -yaraynta La Wanaajiyey waxay ka ilaalisaa kombuyuutarrada Windows weerarrada internetka iyo faa'iidooyinka aan la garanayn. Waxay ogaataa oo ay xannibtaa farsamooyinka dhiig-miirashada ee sida caadiga ah loo isticmaalo si looga faa'iidaysto nuglaanta musuqmaasuqa xusuusta. Waxay ka hortagtaa faa'iidooyinka ka soo tuurista Trojan , laakiin haddii aad gujiso fur faylka, ma awoodi doonto inay ku caawiso. CUSBOONAYSIINTA^(UPDATE) : Qalabkan lama heli karo hadda. Windows 10 Cusboonaysiinta abuurayaasha^{(Creators Update)} dhicitaanka waxaa ku jiri doona EMET oo ah qayb ka mid ah Difaaca Windows^{(Windows Defender)} , markaa isticmaalayaasha OS-kan uma baahna inay isticmaalaan.

Ilaali MBR

Ku ilaali Diiwaanka Bootka Master^{(Master Boot Record)} -ka ee kombuyutarkaaga sifeeye MBR^{(MBR Filter)} .

Deki borotokoolka fog ee Desktop^{(Disable Remote Desktop Protocol)}

Inta badan Ransomware , oo ay ku jiraan Cryptolocker malware, waxay isku dayaan inay galaan mashiinnada bartilmaameedka ah iyada oo loo marayo Protocol Remote Desktop^{(Remote Desktop Protocol)} ( RDP ), utility Windows kaas oo u oggolaanaya gelitaanka mashiinkaaga meel fog. Markaa, haddii aad hesho RDP oo aan faa'iido kuu lahayn, dami desktop-ka fog^{(disable remote desktop)} si aad mashiinkaaga uga ilaaliso File Coder iyo faa'iidooyinka kale ee RDP .

Dami martigeliyaha qoraalka Daaqadaha^{(Disable Windows Scripting Host)}

Malware iyo qoysaska madaxfurasho waxay inta badan isticmaalaan WSH si ay u socodsiiyaan faylasha .js ama .jse si ay u saameeyaan kombiyuutarkaaga. Haddi aanad isticmaalin sifadan, waxa aad gabyi kartaa Windows Scripting Host si aad amaan ugu ahaato.

Isticmaal qalabka ka hortagga ama saarista Ransomware^{(Use Ransomware prevention or removal tools)}

Isticmaal software-ka-hortagga ransomware wanaagsan oo bilaash ah^{(free anti-ransomware software)} . BitDefender AntiRansomware iyo RansomFree waa qaar ka mid ah kuwa wanaagsan. Waxaad isticmaali kartaa RanSim Ransomware Simulator si aad u hubiso in kombayutarkaagu si ku filan loo ilaaliyo.

Kaspersky WindowsUnlocker  waxay noqon kartaa mid faa'iido leh haddii Ransomware uu gebi ahaanba xannibo gelitaanka kombiyuutarkaaga ama xitaa xaddido gelitaanka xulashada hawlaha muhiimka ah, sababtoo ah waxay nadiifin kartaa diiwaanka^(Registry) cudurka qaba ransomware .

Haddii aad aqoonsan karto ransomware-ka , waxa ay wax yar ka dhigi kartaa mid fudud sida aad u isticmaali karto qalabka furashada ransomware ee laga yaabo in uu diyaar u yahay ransomware-kaas gaarka ah.^{(If you can identify the ransomware, it can make things a bit easier as you can use the ransomware decryption tools that may be available for that particular ransomware.)}

Halkan waxaa ah liiska Ransomware Decryptor Tools oo kaa caawin kara inaad furto feylasha.

Isla markiiba ka goo internetka^{(Disconnect from the Internet immediately)}

Haddii aad ka shakisan tahay fayl, dhaqso u dhaqaaq si aad u joojiso xidhiidhkiisa seerfarka C&C ka hor inta aanu dhammaanin sirta faylashaada. Si aad sidaas u sameyso, si fudud iskaga goo naftaada internetka^(Internet) , WiFi ama Shabakaddaada^(Network) isla markaaba, sababtoo ah habka qarsoodiga ah wuxuu qaadanayaa waqti, inkasta oo aadan burin karin saameynta Ransomware , waxaad hubaal ahaan kartaa inaad yareyso dhaawaca.

Isticmaal System Restore si aad ugu noqoto xaalad nadiif ah oo la yaqaan^{(Use System Restore to get back to a known-clean state)}

Haddii aad leedahay System Restore oo ku shaqeeya mashiinka Windows -ka, kaas oo aan ku adkaysanayo inaad haysato, isku day inaad nidaamkaaga dib ugu soo celiso xaalad nadiif ah oo la yaqaan. Kani maaha hab nacasnimo-caddayn ah, si kastaba ha ahaatee, xaaladaha qaarkood, way ku caawin kartaa.

Dib u deji saacadda BIOS^{(Set the BIOS clock back)}

Inta badan Ransomware , oo ay ku jiraan Cryptolocker , ama FBI Ransomware , waxay bixiyaan kama dambays ama waqti xaddidan oo aad ku bixin karto gudahooda. Haddii la kordhiyo, qiimaha furaha furaha si weyn ayuu kor ugu kici karaa, xitaa ma gorgortami kartid. Waxa aad ugu yaraan isku dayi karto waa "garaaca saacadda" adiga oo dib u dejinaya saacadda BIOS ka hor inta uusan daaqadda kama dambaysta ah dhicin. ^(BIOS)Meesha kaliya ee loo maro, marka dhammaan tabaha ay ku fashilmaan maadaama ay kaa hor istaagi karto inaad bixiso qiimaha sare. Inta badan ransomware-ku waxay ku siinayaan 3-8 maalmood waxayna dalban karaan xataa ilaa USD 300 ama ka badan furaha faylalka xogtaada ee qufulan.

Iyadoo inta badan kooxaha lala beegsaday Ransomware ay ku sugnaayeen Mareykanka iyo UK, ma jiro wax xaddidan oo juquraafi ah. Qof kasta waa uu saameyn karaa - oo maalin kasta oo dhaafto, aad iyo aad u badan ayaa la ogaadaa ransomware malware . Markaa qaado tillaabooyin aad uga hortagayso Ransomware inuu galo kombayutarkaga. Maqaalkani waxa uu wax yar ka hadlayaa Weerarada Ransomware & FAQ^{(Ransomware Attacks & FAQ)} .
^{(While most of the targeted groups by Ransomware have been in the US and the UK, there exists no geographical limit. Anyone can be affected by it – and with every passing day, more and more ransomware malware is being detected. So take some steps to prevent Ransomware from getting onto your computer. This post talks a little more about Ransomware Attacks & FAQ.)}

Hadda akhri: ^{(Now read:)} Waxa la sameeyo ka dib weerarka Ransomware^{(What to do after a Ransomware attack)} .

How to protect against and prevent Ransomware attacks & infections

This Ransomware prevention & protection guide takes a look at Ransomware prevention and the steps yoυ can take to block & prevent Ransomware, the new malwarе which making nеws all аround for the wrong reasons.

Time and again we learn about threats, and new variants of malware such as Ransomware that pose a danger to computer users. The ransomware virus locks access to a file or your computer and demands that a ransom be paid to the creator for regaining access, usually allowed via either an anonymous pre-paid cash voucher or Bitcoin. One specific ransomware threat that has managed to attract attention in recent times, is Cryptolocker, apart from FBI ransomware, Crilock & Locker.

The specialty of the ransomware is that it may come on its own (often by email) or by way of a backdoor or downloader, brought along as an additional component. Your computer could get infected with ransomware, when you click on a malicious link in an email, an instant message, a social networking site or in a compromised website – or if you download and open a malicious email attachment.  Moreover, like a notorious virus, it may go undetected by most antivirus programs. And even if your antivirus software is able to remove the ransomware, many a time, you will just be left with a bunch of locked files and data!

How to prevent Ransomware

While the situation is worrisome and the outcome is fatal in most cases if you fail to comply with the malware author’s rules – since the encrypted files can be damaged beyond repair – you can take certain preventive measures to keep the problem at bay. You can prevent ransomware encryption! Let us see some of the Ransomware prevention steps you can take. These steps can help you block & prevent Ransomware.

Updated OS & security software

Goes without saying that you use a fully updated modern operating system like Windows 10/8/7, a good antivirus software or an Internet Security Suite and an updated secure browser, and an updated email client. Set your email client to block .exe files.

Malware authors find computer users, who are running outdated versions of OS, to be easy targets. They are known to possess some vulnerabilities which these notorious criminals can exploit to silently get onto your system. So patch or update your software. Use a reputable security suite. It is always advisable to run a program that combines both anti-malware software and a software firewall to help you identify threats or suspicious behavior as malware authors frequently send out new variants, to try to avoid detection. You might want to read this post on Ransomware tricks & Browser behaviors.

Read about Ransomware protection in Windows 10.

Back up your data

You can certainly minimize the damage caused in the case of your machine getting infected with Ransomware by taking regular backups. In fact, Microsoft has gone all out and said that backup is the best defense against  Ransomware including Cryptolocker.

Never click on unknown links or download attachments from unknown sources

This is important. Email is a common vector used by Ransomware to get on your computer. So never ever click on any link which you may think looks suspicious. Even if you have a 1% doubt – don’t! The same holds true for attachments too. You can surely download attachments you are expecting from friends, relatives & associates, but be very careful of the mail forwards which you may receive even from your friends. A small rule to remember in such scenarios: If in doubt – DONT! Take a look at the precautions to take when opening email attachments or before clicking on web links.

RansomSaver is a very useful add-in for Microsoft’s Outlook that detects and blocks emails that have ransomware malware files attached to them.

Show hidden file-extension

One file that serves as the entry route for Cryptolocker is the one named with the extension “.PDF.EXE”. Malware like to disguise their .exe files as harmless looking .pdf. .doc or .txt files. If you enable the feature to see the full file extension, it can be easier to spot suspicious files and eliminate them in the first place. To show hidden file extensions, do the following:

Open Control Panel and search for Folder Options. Under the View tab, uncheck the option Hide extensions for known file types.

Click Apply > OK. Now when you check your files, the file names will always appear with their extensions like .doc, .pdf, .txt, etc. This will help you in seeing the real extensions of the files.

Disable files running from AppData/LocalAppData folders

Try to create and enforce rules within Windows, or use some Intrusion Prevention Software, to disallow a particular, notable behavior used by several Ransomware, including Cryptolocker, to run its executable from the App Data or Local App Data folders. The Cryptolocker Prevention Kit is a tool created by Third Tier that automates the process of making a Group Policy to disable files running from the App Data and Local App Data folders, as well as disabling executable files from running from the Temp directory of various unzipping utilities.

Application whitelisting

Application whitelisting is good practice that most IT administrators employ to prevent unauthorized executable files or programs from running on their system. When you do this, only software that you have whitelisted will be allowed to run on your system, as a result of which, unknown executive files, malware or ransomware will just not be able to run. See how to whitelist a program.

Disable SMB1

SMB or Server Message Block is a network file sharing protocol meant for sharing files, printers, etc, between computers. There are three versions – Server Message Block (SMB) version 1 (SMBv1), SMB version 2 (SMBv2), and SMB version 3 (SMBv3). It is recommended that you disable SMB1 for security reasons.

Use AppLocker

Use Windows built-in feature AppLocker to prevent Users from installing or running Windows Store Apps and to control which software should run. You may configure your device accordingly to reduce the chances of Cryptolocker ransomware infection.

You can also use it to mitigate ransomware by blocking executable not signed, in places ransomware like:

• <users profile>\AppData\Local\Temp
• <users profile>\AppData\Local\Temp\*
• <users profile>\AppData\Local\Temp\*\*

This post will tell you how to create rules with AppLocker to an executable, and whitelist applications.

Using EMET

The Enhanced Mitigation Experience Toolkit protects Windows computers against cyber-attacks & unknown exploits. It detects and blocks exploitation techniques that are commonly used to exploit memory corruption vulnerabilities. It prevents exploits from dropping Trojan, but if you click open a file, it will not be able to help. UPDATE: This tool is not available now. Windows 10 Fall Creators Update will include EMET as a part of Windows Defender, so users of this OS need not use it.

Protect MBR

Protect your computer’s Master Boot Record with MBR Filter.

Disable Remote Desktop Protocol

Most Ransomware, including the Cryptolocker malware, tries to gain access to target machines via Remote Desktop Protocol (RDP), a Windows utility that permits access to your desktop remotely. So, if you find RDP of no use to you, disable remote desktop to protect your machine from File Coder and other RDP exploits.

Disable Windows Scripting Host

Malware and ransomware families often make use of WSH to run .js or .jse files to infect your computer. If you have no use for this feature, you can disable Windows Scripting Host to stay safe.

Use Ransomware prevention or removal tools

Use a good free anti-ransomware software. BitDefender AntiRansomware and RansomFree are some of the good ones. You may use RanSim Ransomware Simulator to check if your computer is sufficiently protected.

Kaspersky WindowsUnlocker can be useful if the Ransomware totally blocks access to your computer or even restrict access to select important functions, as it can clean up a ransomware infected Registry.

If you can identify the ransomware, it can make things a bit easier as you can use the ransomware decryption tools that may be available for that particular ransomware.

Here is a list of free Ransomware Decryptor Tools that can help you unlock files.

Disconnect from the Internet immediately

If you are suspicious about a file, act quickly to stop its communication with the C&C server before it finishes encrypting your files. To do so, simply disconnect yourself from the Internet, WiFi or your Network immediately, because the encryption process takes time so although you cannot nullify the effect of Ransomware, you can certainly mitigate the damage.

Use System Restore to get back to a known-clean state

If you have System Restore enabled on your Windows machine, which I insist that you have, try taking your system back to a known clean state. This is not a fool-proof method, however, in certain cases, it might help.

Set the BIOS clock back

Most Ransomware, including Cryptolocker, or the FBI Ransomware, offer a deadline or a time limit within which you can make the payment. If extended, the price for the decryption key can go up significantly, and – you cannot even bargain. What you can at least try is “beat the clock” by setting the BIOS clock back to a time before the deadline hour window is up. The only resort, when all tricks fail as it can prevent you from paying the higher price. Most ransomware offer you a 3-8 days period and may demand even up to USD 300 or more for the key to unlocking your locked data files.

While most of the targeted groups by Ransomware have been in the US and the UK, there exists no geographical limit. Anyone can be affected by it – and with every passing day, more and more ransomware malware is being detected. So take some steps to prevent Ransomware from getting onto your computer. This post talks a little more about Ransomware Attacks & FAQ.

Now read: What to do after a Ransomware attack.

Related posts

• Soo deji Tixraaca Amarka Windows Guide PDF Guide from Microsoft

• Soo dejiso Windows 10 Tilmaamaha Bilowga ah ee Microsoft

• Sida looga beddelo Windows Phone loona beddelo iPhone: Talaabada Hagaha Tallaabo

• Hagaha geynta Microsoft Edge ee Ganacsiga

• Casharrada Microsoft Word ee bilowga ah - Hagaha sida loo isticmaalo

• Ku dar daabace gudaha Windows 10 [GUIDE]

• Sidee ayuu WhatsApp u shaqeeyaa? (Hagaha Bilawga)

• Soo dejiso Windows 10 Tilmaamaha Bilowga ah ee Microsoft

• Sida loo ciyaaro Pokémon Go on PC? (Hagaha Tallaabo-tallaabo ah)

• Hagaha tillaabo-tallaabo si loogu rakibo FFmpeg Windows 10

• Sida Loo Sameeyo Foom Google: Hage Dhamaystiran

• Hagaha Waalidiinta Si Ay Uga Hortagaan vamping Dhallinta

• Sida loo galo BIOS Windows 10 [Hagaha]

• Hage-Tallaabo Tallaabo ah si aad u tirtirto Koontadaada Amazon

• Sida loo tirtiro Win Setup Files gudaha Windows 10 [GUIDE]

• Ku dila habraacyada degdega ah ee ilaha Maareeyaha Hawsha Windows (GUIDE)

• Hagaha Dhamaystiran ee Habaynta Qoraalka Khilaafaadka

• Bfsvc.exe: Ma badbaado baa mise waa Virus? Hagaha in si joogto ah looga saaro

• Hagaaji Ciyaartoyga Shabakadda ee Spotify Aan Shaqeyn (Tallaabo Tallaabo Hagaha)

• 10 siyood oo aad ku kaydin karto xogta taleefankaaga Android [Hagaha]