[勒索病毒]一開電腦發現win10所有檔案變了圖標(變了icon), 發現所有電腦檔夾內有README.html (ALL YOUR DOCUMENTS PHOTOS DATABASES AND OTHER IMPORTANT FILES HAVE BEEN ENCRYPTED!), 需要聯絡駭客聯得勒索病毒解密工具(不是NAS勒索病毒), 中了windows 的勒索病毒
問題:
`
一開電腦發現win10所有檔案變了圖標(變了icon), 發現所有電腦檔夾內有README.html (ALL YOUR DOCUMENTS PHOTOS DATABASES AND OTHER IMPORTANT FILES HAVE BEEN ENCRYPTED!), 需要聯絡駭客獲得勒索病毒解密工具(不是NAS勒索病毒), 其實是中了windows 的勒索病毒
README.html內容如下
`
ALL YOUR DOCUMENTS PHOTOS DATABASES AND OTHER IMPORTANT FILES HAVE BEEN ENCRYPTED!
Your files are NOT damaged! Your files are modified only. This modification is reversible.
The only 1 way to decrypt your files is to receive the private key and decryption program.
Any attempts to restore your files with the third party software will be fatal for your files!
To receive the private key and decryption program follow the instructions below
Download ‘Tor Browser’ from httpswww.torproject.org and install it.
In the ‘Tor Browser’ open your personal page here
http32c4e2a8exxxxxxxxxxxxbaqb.hgtp5sflyk5k42v33gm25t3jfkgzz2rs65ck5at23a5oxxxxxxyd.onionoflmbaqb
Note! This page is available via ‘Tor Browser’ only.
Also you can use temporary addresses on your personal page without using ‘Tor Browser’
http 32c4e2a8eafxxxxxxxxxxxxxaqb.aimnew.pwoflmbaqb
http 32c4e2a8eafxxxxxxxxxxxxxaqb.tiesand.onlineoflmbaqb
http 32c4e2a8eafxxxxxxxxxxxxxaqb.lovecan.funoflmbaqb
http32c4e2a8eafxxxxxxxxxxxxxaqb.hasdesk.siteoflmbaqb
Note! There are temporary addresses! They will be available for a limited amount of time!
解決方法
需要聯絡駭客獲得勒索病毒解密工具, 很久沒有見到windows10勒索病毒;
1. 所有檔案變了公仔 (ICON);
2. 輸入程式、資料夾、檔網際網絡資源的名稱,Windows會自動開啓,後綴名為:查詢.docx.oflmbaqb,點擊確定;
3.內容提示您的所有檔、照片、數據庫和其他檔都已加密;
4. 勒索內容需要您5天內支付費用;
5. 不要講價;
6.解密程式需要聯絡駭客獲得解密工具;
7. 注意!
不要重命名加密檔。
不要試圖使用第三方軟體解密您的數據,這可能會導致永久性的數據丟失。
提醒客戶朋友,做好數據備份工作,以防不測。我們提供專業極具性價比的防勒索數據備份解決方案,已經成功為眾多客戶數據安全保駕護航。