Nhiều files bị encrypted

Nhiều files bị encrypted

Sự việc được phát hiện lúc 10:30 hôm nay: 26-12-18. Lúc mình định mở ổ C để đến Windows > Winsxs> x86 để Scan bằng CMC. Chưa kịp mở thì màn hình có sự lạ: Nhìn kỷ thấy có hàng chữ màu đỏ thông báo nhiều file đã bị mã hóa...

Các file "txt" bị thêm ".emwsv" hoặc bị thêm ".qymzyvutzn".

Kèm theo lời "dụ dỗ" mua key để giải mã các file bị mã hóa.

---= GANDCRAB V5.0.4 =---

***********************UNDER NO CIRCUMSTANCES DO NOT DELETE THIS FILE, UNTIL ALL YOUR DATA IS RECOVERED***********************

*****FAILING TO DO SO, WILL RESULT IN YOUR SYSTEM CORRUPTION, IF THERE ARE DECRYPTION ERRORS*****

Attention!

All your files, documents, photos, databases and other important files are encrypted and have the extension: .EMWESV

The only method of recovering files is to purchase an unique private key. Only we can give you this key and only we can recover your files.

The server with your key is in a closed network TOR. You can get there by the following ways:

----------------------------------------------------------------------------------------

| 0. Download Tor browser - https://www.torproject.org/

| 1. Install Tor browser

| 2. Open Tor Browser

| 3. Open link in TOR browser: http://gandcrabmfe6mnef.onion/ab0a07ec58580423

| 4. Follow the instructions on this page

----------------------------------------------------------------------------------------

Bạn nào có kiến thức và kinh nghiệm về vụ quấy rối này... Xin cứu giúp với !

Chân thành cám ơn.

dvnien đọc được trên trang 2-spyware.com trong bài " How to remove GANDCRAB 5.0.4 ransomware" có lời khuyên thế này:

To remove Gandcrab 5.0.4 ransomware, you should download and install comprehensive security software, bring it up to date, enter Safe Mode with Networking and perform a full system scan. This should disable the virus temporary and allow the security program to operate correctly.

Only after Gandcrab v5.0.4 elimination, you should attempt file recovery. The latest variant of GandCrab is already decryptable. The tools that you can use are provided in our recovery guide below. Unfortunately, we have been informed that for some victims the decryption tool fails to work. In this case, try third-party methods.