Yuav ua li cas tiv thaiv Windows 10 thiab 11 los ntawm ransomware. Ransomware muaj kev vam meej, tab sis muaj ntau txoj hauv kev uas cov tib neeg thiab cov thawj coj tuaj yeem tiv thaiv lawv lub khoos phis tawj Windows 10 thiab 11. Ntawm no yog yuav ua li cas.
Cryptolocare. Kuv xav tau koj. Sab tsaus ntuj. Conti. Medusa Locker. Qhov kev hem thawj ransomware yuav tsis ploj mus yuav luag; Cov xov xwm coj cov lus ceeb toom tsis tu ncua ntawm cov nthwv dej tshiab ntawm hom phem ntawm malware kis thoob plaws ntiaj teb. Nws yog nrov nyob rau hauv loj vim hais tias ntawm cov attackers 'tam sim no nyiaj txiag payoff: nws ua hauj lwm los ntawm encrypting cov ntaub ntawv nyob rau hauv koj lub hard drive, ces xav kom koj them tus nqe txhiv, feem ntau nyob rau hauv bitcoin los yog lwm yam cryptocurrency, decrypt lawv.
Tab sis koj tsis tas yuav yog neeg raug tsim txom. Muaj ntau yam uas Windows 10 thiab 11 cov neeg siv tuaj yeem ua los tiv thaiv lawv tus kheej los ntawm nws. Hauv tsab xov xwm no, kuv yuav qhia koj yuav ua li cas kom koj tus kheej muaj kev nyab xeeb, suav nrog kev siv cov cuab yeej built-in Windows anti-ransomware.
(Cov thawj coj saib, saib "Yuav ua li cas koj lub tuam tsev IT xav paub txog ransomware thiab Windows" kawg ntawm kab lus no.)
Kab lus no xav tias koj twb tau ua tib zoo ceev faj tiv thaiv malware feem ntau, suav nrog kev khiav tawm software anti-malware thiab tsis txhob rub tawm cov ntawv txuas lossis nyem cov txuas hauv email los ntawm cov neeg xa tsis paub thiab email uas zoo li tsis txaus ntseeg. Kuj tseem nco ntsoov tias tsab xov xwm no tau hloov kho rau Windows 10 Kaum Ib Hlis 2021 Hloov Kho (Version 21H2) thiab Windows 11 Lub Kaum Hli 2021 Hloov Kho (Version 21H2). Yog tias koj muaj qhov ua ntej ntawm Windows 10, qee yam yuav txawv.
Siv cov ntaub ntawv tswj tau nkag
Microsoft mob siab txaus txog ransomware uas lawv tau tsim ib qho yooj yim-rau-configure anti-ransomware cuab tam ncaj qha rau hauv Windows 10 thiab Windows 11. Hu rau Controlled Folder Access, nws tiv thaiv koj los ntawm kev tso cai tsuas yog muaj kev nyab xeeb thiab tag nrho vetted apps nkag mus rau koj cov ntaub ntawv. Kev hla ntawm cov ntawv thov tsis paub lossis paub txog kev hem thawj malware tsis raug tso cai.
Los ntawm lub neej ntawd, lub feature tsis qhib, yog li yog tias koj xav tiv thaiv koj tus kheej los ntawm ransomware, koj yuav tau qhia nws kom pib ua haujlwm. Koj tuaj yeem hloov kho raws nraim li nws ua haujlwm los ntawm kev ntxiv cov apps tshiab rau hauv daim ntawv teev npe dawb ntawm cov kev pab cuam uas muaj kev nkag mus rau cov ntaub ntawv, thiab ntxiv cov folders tshiab ntxiv rau cov folders koj tiv thaiv los ntawm lub neej ntawd.
Txhawm rau khiav nws, koj yuav tsum nkag mus rau Windows Security. Muaj ob peb txoj hauv kev nkag mus rau nws hauv Windows 10 thiab Windows 11:
- Nyem lub xub xub nyob rau sab laug ntawm lub taskbar, tom qab ntawd nyem lub Windows Security icon - daim ntaub thaiv.
- Nyem Pib> Chaw Txhawm rau qhib qhov chaw app, tom qab ntawd xaiv Hloov tshiab & Kev Ruaj Ntseg> Windows Security Hauv Windows 10 lossis Tsis pub twg paub & Kev Ruaj Ntseg> Windows Security Hauv Windows 11.
- Siv Windows tshawb nrhiav. Hauv Windows 10, lub thawv tshawb nrhiav nyob rau hauv lub luag haujlwm ntawm ib sab ntawm lub pob pib. Hauv Windows 11, nyem qhov tshawb nrhiav icon ntawm lub taskbar kom qhib qhov tshawb nrhiav pane. Hom windows kev ruaj ntseg hauv lub thawv tshawb nrhiav tom ntej thiab xaiv Windows ruaj ntseg ntawm qhov tshwm sim.
Hauv Windows Security, xaiv Kev tiv thaiv los ntawm kab mob thiab phom sij . Scroll down mus rau Ransomware Protection section thiab nyem Ransomware Protection Department . Los ntawm qhov screen uas tshwm, nyob rau hauv Control Folder Access, toggle tus hloov mus rau يل . Koj yuav tau txais ib qho lus nug yog tias koj xav hloov pauv. Nyem "Yog" .
Koj yuav tsum tsis txhob tso nws ntawm qhov ntawd thiab xav tias muaj kev nyab xeeb xwb, vim tias muaj qhov ua tau tias koj muaj cov folders uas koj xav tiv thaiv thiab cov yam ntxwv tsis quav ntsej lawv. Los ntawm lub neej ntawd, nws tiv thaiv Windows system folders (thiab cov folders hauv qab lawv) zoo li C:\Users\ UserName \ Cov ntaub ntawv , nyob qhov twg UserName Nws yog koj lub npe siv Windows. Ntxiv rau Cov Ntaub Ntawv, Windows system folders suav nrog Desktop, Music, Duab, thiab Yeeb yaj duab.
Tab sis tag nrho koj lwm cov folders yog kev ua si ncaj ncees rau txhua tus ransomware uas ua rau nws txoj hauv kev rau koj lub computer. Yog li yog tias koj siv Microsoft's OneDrive huab cia, piv txwv li, ib qho OneDrive folders thiab cov ntaub ntawv hauv koj lub computer tsis muaj kev tiv thaiv. Xav txog Microsoft tab tom sim txav txhua tus nws tuaj yeem mus rau OneDrive, qhov ntawd yog qhov xav tsis thoob.
Ntxiv cov folders koj xav tiv thaiv, nyem rau ntawm qhov txuas Tiv thaiv folders uas tshwm tom qab koj qhib Controlled Folder Access. Ib qho lus nug tshwm sim yog tias koj xav hloov pauv. Nyem "Yog" . Nyem lub khawm ntxiv ib daim ntawv tiv thaiv " nyob rau sab saum toj ntawm daim ntawv teev cov folders tiv thaiv uas tshwm, tom qab ntawd los ntawm qhov screen uas tshwm rau cov ntawv tais ceev tseg koj xav tiv thaiv thiab coj mus rhaub “select folder” .
Khaws ntxiv folders li no. Nco ntsoov tias thaum koj ntxiv ib daim nplaub tshev, tag nrho cov folders hauv qab nws kuj raug tiv thaiv. Yog li yog tias koj ntxiv OneDrive, piv txwv li, tsis tas yuav ntxiv tag nrho cov folders hauv qab nws.
(Faj seeb: Nyob ntawm koj lub version ntawm OneDrive, koj tuaj yeem rov qab tau OneDrive cov ntaub ntawv, txawm tias koj tsis tswj lawv los ntawm kev nkag mus rau Cov Ntaub Ntawv Tswj. Kom paub meej, saib Microsoft cov ntaub ntawv" Rov qab deleted cov ntaub ntawv lossis folders hauv OneDrive . ")
Yog tias thaum twg los xij koj txiav txim siab tshem tawm ib daim nplaub tshev, rov qab mus rau Cov Ntawv Tiv Thaiv Folders, coj mus rhaub cov ntawv tais ceev tseg koj xav tshem tawm, thiab tom qab ntawd coj mus rhaub Tshem tawm . Nco ntsoov tias koj yuav tsis tuaj yeem tshem tawm ib qho ntawm cov kev tiv thaiv Windows system folders thaum lub feature qhib. Koj tsuas tuaj yeem tshem tawm cov uas koj tau ntxiv.
Microsoft txiav txim siab seb daim ntawv thov twg yuav tsum raug tso cai nkag mus rau cov folders tiv thaiv, thiab qhov tsis txaus ntseeg ntawm lawv yog Microsoft Office. Microsoft tsis tau tshaj tawm cov npe ntawm cov ntawv tso cai, yog li txiav txim siab ua kom tso cai rau cov apps uas koj ntseeg siab nkag mus rau koj cov ntaub ntawv.
Txhawm rau ua qhov no, rov qab mus rau qhov screen uas koj tau qhib Controlled Folder Access thiab coj mus rhaub Tso cai rau ib qho app kom tswj tau nkag mus rau hauv daim nplaub tshev . Ib qho lus nug tshwm sim yog tias koj xav hloov pauv. Nyem "Yog" . Los ntawm qhov screen uas tshwm, coj mus rhaub Ntxiv ib qho app tso cai , mus rau cov ntaub ntawv executable ntawm qhov kev pab cuam koj xav ntxiv, thiab nyem qhib , ces paub meej tias koj xav ntxiv cov ntaub ntawv. Raws li nrog ntxiv cov folders rau daim ntawv teev cov folders tiv thaiv, koj tuaj yeem tshem tawm daim ntawv thov los ntawm kev rov qab mus rau qhov screen no, nyem rau ntawm daim ntawv thov koj xav tshem tawm, thiab tom qab ntawd nyem Tshem tawm .
Tswv yim: Yog tias koj tsis paub meej qhov twg cov ntaub ntawv ua tiav ntawm cov kev pab cuam koj xav ntxiv rau hauv daim ntawv teev npe dawb, nrhiav lub npe ntawm cov ntawv tais ceev tseg nrog cov kev pab cuam lub npe hauv Windows\Program Files lossis Windows\Program Files (x86) folders , ces nrhiav ib tug executable nyob rau hauv uas vol.
Ua ib qho thaub qab ... tab sis ua qhov yog
Tag nrho cov ntsiab lus ntawm ransomware yog tuav koj cov ntaub ntawv raug kaw kom txog thaum koj them nyiaj los qhib lawv. Yog li ib qho ntawm qhov zoo tshaj plaws ransomware tiv thaiv txoj kev yog thaub qab koj cov ntaub ntawv. Txoj kev no, tsis tas yuav them tus nqe txhiv, vim tias koj tuaj yeem yooj yim kho koj cov ntaub ntawv los ntawm thaub qab.
Tab sis thaum nws los txog rau ransomware, tsis yog txhua qhov thaub qab tau tsim sib npaug. Koj yuav tsum ceev faj txog kev xaiv cov cuab yeej thaub qab thiab kev pabcuam zoo. Nws yog ib lub tswv yim zoo los siv huab cia thiab kev pabcuam thaub qab es tsis yog thaub qab mus rau lub tsav txuas nrog koj lub computer. Yog hais tias koj backup rau ib tug tsav txuas nrog koj lub computer, thaum koj lub computer yog kis nrog ransomware, lub backup tsav yuav zoo li yuav encrypted nrog rau lwm yam disks nyob rau hauv los yog txuas nrog koj lub computer.
Nco ntsoov tias koj cov huab-raws li kev khaws cia thiab thaub qab siv version - uas yog, nws khaws tsis tau tsuas yog tam sim no ntawm txhua yam ntawm koj cov ntaub ntawv, tab sis yav dhau los version thiab. Txoj kev no, yog tias qhov tseeb version ntawm koj cov ntaub ntawv tau kis tus kab mob, koj tuaj yeem rov qab los ntawm cov ntawv dhau los.
Feem ntau cov kev pabcuam thaub qab thiab khaws cia, suav nrog Microsoft OneDrive, Google Drive, Carbonite, Dropbox, thiab ntau ntxiv, siv cov qauv. Nws yog ib lub tswv yim zoo kom paub txog cov versioning feature ntawm txhua qhov kev pabcuam koj siv tam sim no, yog li koj tuaj yeem yooj yim rov qab cov ntaub ntawv hauv jiffy.
Tau txais kev tiv thaiv ransomware dawb
Txhua qhov kev pab cuam tiv thaiv malware suav nrog kev tiv thaiv kev tiv thaiv ransomware, tab sis muaj ntau cov kev pab cuam uas cog lus tshwj xeeb rau lub hom phiaj ransomware. Ib tug lej ntawm lawv tau them, tab sis kuj tseem muaj qee qhov kev xaiv pub dawb, zoo li cov uas kuv sau ntawm no.
Bitdefender muaj Cov cuab yeej decryption dawb uas tuaj yeem qhib koj cov ntaub ntawv Yog tias koj raug tawm tsam los ntawm ransomware thiab tus nqe txhiv yog khaws cia. Lawv tsuas tuaj yeem decrypt cov ntaub ntawv uas tau encrypted siv qee qhov chaw lossis tsev neeg ntawm ransomware, suav nrog REvil/Sodinokibi, DarkSide, MaMoCrypt, WannaRen, thiab ntau lwm tus. Kaspersky muaj qhov program Anti-ransomware dawb Rau cov neeg siv hauv tsev thiab kev lag luam, txawm hais tias muaj kev txwv ntawm cov khoom siv uas koj tuaj yeem siv rau ntawm nws.
nyob kom raug
Microsoft tsis tu ncua tso tawm thaj ua rau thaj chaw ruaj ntseg rau Windows 10 thiab Windows 11, thiab lawv tau thov cia li ntawm Windows Update. Tab sis yog tias koj hnov txog ransomware tshwm sim, tsis txhob tos Windows Update kom khiav - koj yuav tsum tau txais qhov hloov tshiab ntawm koj tus kheej tam sim ntawd kom koj tiv thaiv ASAP. Thiab nws tsis yog qhov hloov tshiab Windows xwb uas koj xav tau. Koj kuj xav kom paub tseeb tias Windows Security, Microsoft's built-in anti-malware cuab tam, muaj qhov tseeb anti-malware txhais.
Txhawm rau ua ob qho tib si hauv Windows 10, mus rau Chaw> Hloov Kho & Ruaj Ntseg> Windows Hloov Kho thiab nias lub . khawm Tshawb xyuas qhov hloov tshiab . Hauv Windows 11, mus rau Chaw> Windows Update thiab nias lub . khawm Tshawb xyuas qhov hloov tshiab . (Yog tias cov kev hloov tshiab twb tau tos koj lawm, koj yuav pom lawv teev tsis yog khawm Tshawb xyuas qhov hloov tshiab .) Yog tias Windows pom qhov hloov tshiab, nws nruab lawv. Yog tias nws yuav tsum tau rov pib dua, nws yuav qhia rau koj.
Tsis tsuas yog koj yuav tsum txhawj xeeb txog Windows nyob patched, tab sis lwm yam kev pab cuam thiab. Yog tias koj siv cov software anti-malware uas tsis yog Windows Security, xyuas kom tseeb tias nws thiab nws cov ntsiab lus malware yog hloov tshiab.
Lwm yam software ntawm koj lub computer yuav tsum tau hloov kho. Yog li xyuas seb txhua qhov software hloov kho li cas thiab xyuas kom txhua qhov hloov kho tsis tu ncua.
Disable Macros hauv Microsoft Office
Ransomware tuaj yeem kis tau Ntawm Macros hauv Office Files , yog li koj yuav tsum tua nws kom nyab xeeb. Microsoft tam sim no lov tes taw nws los ntawm lub neej ntawd, tab sis qhov ntawd tsis tas txhais tau tias nws tau muab tua hauv koj li Office of Office, nyob ntawm seb koj tau nruab nws thiab seb koj puas tau hloov kho nws. Txhawm rau tua nws, thaum koj nyob hauv Office app, xaiv Cov ntaub ntawv> Kev Xaiv> Trust Center> Trust Center Chaw thiab xaiv ib qho Disable tag nrho cov ntawv ceeb toom macro أو Disable tag nrho macros yam tsis tau ceeb toom . Yog tias koj lov tes taw lawv nrog kev ceeb toom, thaum koj qhib cov ntaub ntawv, koj yuav tau txais cov lus ceeb toom tias macros yog neeg xiam thiab tso cai rau koj khiav lawv. Tsuas yog khiav nws yog tias koj paub tseeb tias nws yog los ntawm qhov chaw nyab xeeb thiab txhim khu kev qha.
Dab tsi koj lub tuam tsev IT xav paub txog ransomware thiab Windows
Muaj ntau yam uas IT tuaj yeem ua kom cov tuam txhab tsis muaj ransomware. Qhov pom tseeb tshaj plaws: siv qhov tseeb kev ruaj ntseg thaj ua rau thaj tsis yog rau txhua lub khoos phis tawj hauv kev lag luam, tab sis rau tag nrho cov servers thiab lwm yam khoom siv hauv qib kev lag luam.
Qhov no yog qhov pib xwb. Koj lub tuam tsev IT yuav tsum tau lov tes taw SMB1 Windows networking raws tu qauv uas paub tias tsis muaj kev nyab xeeb. Ntau qhov kev tawm tsam ransomware tau kis mus rau 30-xyoo-laus raws tu qauv; Txawm tias Microsoft hais tias tsis muaj leej twg yuav tsum tau siv nws.
Qhov xwm zoo yog tias Windows 1709 version 10, tso tawm thaum Lub Kaum Hli 2017, thaum kawg tau tshem ntawm SMB1. (Nws tsis yog nyob rau hauv Windows 11 ib yam nkaus.) Tab sis qhov ntawd tsuas yog rau cov khoos phis tawj uas muaj kev txhim kho huv ntawm version 1709 lossis tom qab ntawd, suav nrog cov tshiab uas tau tawm los lawm. Cov khoos phis tawj qub uas tau hloov kho los ntawm yav dhau los versions ntawm Windows tseem muaj cov txheej txheem tsim.
Muaj ntau qhov chaw uas koj lub tuam tsev IT tuaj yeem mus tau txais kev pab los tua nws. Qhov chaw zoo pib yog Kev ruaj ntseg zoo tshaj plaws Cov ntaub ntawv rau kev lag luam me thiab nruab nrab Los ntawm US-CERT, ua haujlwm los ntawm US Department of Homeland Security. Nws pom zoo kom tsis txhob siv SMB1, tom qab ntawd "txhim kho txhua yam ntawm SMB ntawm thaj tsam network los ntawm kev thaiv TCP chaw nres nkoj 445 nrog cov txheej txheem cuam tshuam ntawm UDP chaw nres nkoj 137-138 thiab TCP chaw nres nkoj 139, rau tag nrho cov khoom siv ciam teb."
Advance Microsoft Support tsab xov xwm” Yuav ua li cas ntes, pab thiab lov tes taw SMBv1, SMBv2, thiab SMBv3 hauv Windows Paub meej txog yuav ua li cas tua cov txheej txheem. Nws pom zoo kom tua SMB1 thaum ua kom SMB2 thiab SMB3 ua haujlwm, thiab tsuas yog ua rau lawv tsis ua haujlwm rau kev daws teeb meem ib ntus. Rau qhov tseeb, cov ncauj lus kom ntxaws txog kev kaw SMB1, mus rau Microsoft TechNet tsab xov xwm " Disable SMB v1 nyob rau hauv ib puag ncig tswj kev siv Pawg Txoj Cai . "
Cov thawj coj tuaj yeem siv Controlled Folder Access (sib tham ua ntej hauv tsab xov xwm no) kom txwv tsis pub ransomware los ntawm encrypting cov ntaub ntawv thiab folders ntawm cov khoos phis tawj nrog Windows 11 lossis Windows 10 version 1709 lossis tom qab ntawd. Lawv tuaj yeem siv Pawg Tswj Xyuas Txoj Cai Tswjfwm Ntiag Tug, Windows Security Center, lossis PowerShell los qhib cov ntawv tswj kev nkag mus rau cov neeg siv hauv lub network, kho cov folders twg los tiv thaiv, thiab tso cai rau cov ntawv thov ntxiv kom nkag mus rau cov folders uas tsis yog Microsoft lub chaw teeb tsa. Rau cov lus qhia, mus rau Microsoft tsab xov xwm " Qhib tswj kev nkag mus rau folder "tig nws rau, thiab rau" Customize Controlled Access rau Folder Customize cov folders los tiv thaiv thiab cov apps twg tso cai rau kev khiav tsheb.
Ib qho teeb meem muaj peev xwm nrog kev tswj cov ntawv tais ceev tseg yog tias nws tuaj yeem thaiv cov ntawv thov uas cov neeg siv feem ntau siv los ntawm kev nkag mus rau folders. Yog li Microsoft pom zoo kom siv hom kev tshuaj xyuas ua ntej, saib seb yuav muaj dab tsi tshwm sim thaum koj qhib Folder Access Control. Yog xav paub ntxiv txog yuav ua li cas, mus rau Documentation. Kev Ntsuam Xyuas Kev Tiv Thaiv Los ntawm Microsoft.
Raws li tau hais los saum no, Office macro tuaj yeem kis tau ransomware. Microsoft tam sim no thaiv macros rub tawm hauv Is Taws Nem los ntawm lub neej ntawd, tab sis kom muaj kev nyab xeeb, IT yuav tsum siv Pawg Txoj Cai los thaiv lawv. Rau cov lus qhia yuav ua li cas ua qhov no, mus rau " Thaiv khiav macros hauv Office cov ntaub ntawv los ntawm Is Taws Nem Hauv Microsoft cov ntaub ntawv Macros yuav raug thaiv los ntawm Is Taws Nem los ntawm lub neej ntawd hauv Office "thiab" Pab cov neeg siv nyob nyab xeeb: Thaiv internet macros los ntawm lub neej ntawd hauv kev tshaj tawm Office Blog".
lus kawg
Cov xov xwm zoo hauv txhua qhov no: Windows 10 thiab Windows 11 muaj cov yam ntxwv tshwj xeeb los tiv thaiv ransomware ua hauv. Ua raws li cov lus qhia peb tau piav qhia ntawm no los tiv thaiv ransomware hem.
