卡巴斯基官网
卡巴斯基 kaspersky
- <filename>.<original_extension>.<locked>
- <filename>.<original_extension>.<kraken>
- <filename>.<original_extension>.<darkness>
- <filename>.<original_extension>.<nochance>
- <filename>.<original_extension>.<oshit>
- <filename>.<original_extension>.<oplata@qq_com>
- <filename>.<original_extension>.<relock@qq_com>
- <filename>.<original_extension>.<crypto>
- <filename>.<original_extension>.helpdecrypt@ukr.net
- <filename>.<original_extension>.<pizda@qq_com>
- <filename>.<original_extension>.<dyatel@qq_com>
- <filename>.<original_extension>_crypt
- <filename>.<original_extension>.<nalog@qq_com>
- <filename>.<original_extension>.<chifrator@qq_com>
- <filename>.<original_extension>.<gruzin@qq_com>
- <filename>.<original_extension>.<troyancoder@qq_com>
- <filename>.<original_extension>.<encrypted>
- <filename>.<original_extension>.<cry>
- <filename>.<original_extension>.<AES256>
- <filename>.<original_extension>.<enc>
- <filename>.<original_extension>.<coderksu@gmail_com_id371>
- <filename>.<original_extension>.<coderksu@gmail_com_id372>
- <filename>.<original_extension>.<coderksu@gmail_com_id374>
- <filename>.<original_extension>.<coderksu@gmail_com_id375>
- <filename>.<original_extension>.<coderksu@gmail_com_id376>
- <filename>.<original_extension>.<coderksu@gmail_com_id392>
- <filename>.<original_extension>.<coderksu@gmail_com_id357>
- <filename>.<original_extension>.<coderksu@gmail_com_id356>
- <filename>.<original_extension>.<coderksu@gmail_com_id358>
- <filename>.<original_extension>.<coderksu@gmail_com_id359>
- <filename>.<original_extension>.<coderksu@gmail_com_id360>
- <filename>.<original_extension>.<coderksu@gmail_com_id20>
- <filename>.crypt@india.com.random_characters>
- <filename>.<original_extension>+<hb15>
Trojan-Ransom.Win32.Democry: - <file_name>.<original_extension>+<.date-time$address@domain$.777>
Trojan-Ransom.Win32.Bitman version 3: - <file_name>.<xxx>
- <file_name>.<ttt>
- <file_name>.<micro>
- <file_name>.<mp3>
Trojan-Ransom.Win32.Bitman version 4: - <file_name>.<original_extension> (name and extension are not changed)
For example:
Before: file.doc / After: file.doc.locked
Before: 1.doc / After: 1.dochb15
To regain control over the files encrypted by Trojan-Ransom.Win32.Rakhni, Trojan-Ransom.Win32.Aura, Trojan-Ransom.Win32.Agent.iih, Trojan-Ransom.Win32.Autoit, Trojan-Ransom.AndroidOS.Pletor, Trojan-Ransom.Win32.Rotor, Trojan-Ransom.Win32.Lamer, and Trojan-Ransom.Win32.Cryptokluchen, use the RakhniDecryptor utility developed by Kaspersky Lab specialists.
Trojan-Ransom.Win32.Rakhni的清除工具可以用来清除勒索软件
病毒历经4代发展,包含了以上版本后缀,可以下载卡巴斯基提供的专业清理工具来彻底清除恶意程序.
Download
rakhnidecryptor.exe
百度云盘下载
8xgn
打开 rakhnidecryptor.exe ,在 Kaspersky RakhniDecryptor 窗口,点击 Change parameters 链接
在 Settings 窗口可以选择要处理的对象,硬盘/可移动驱动器/网络驱动器
默认并没有选择网络驱动器和解密后删除文件
Kaspersky RakhniDecryptor 节目点击 Start scan
选择合适的后缀,找到需要处理的解密文件。
Warning! 警告,点击OK。你已经被恶意程序侵袭,还在害怕什么呢?:bubble_funny:
等待处理完成。
具体可以前往 kaspersky 查看