360fans_yI1cxK posted on 2020-3-2 10:52

---=== Welcome. Again. ===---


All the files on my computer have been encrypted, and one file was left behind: fo4929gi2i-readme.txt, with the following contents:

---=== Welcome. Again. ===---
[+] Whats Happen? [+]
Your files are encrypted, and currently unavailable. You can check it: all files on your computer has extension fo4929gi2i.
By the way, everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant return your data (NEVER).
[+] What guarantees? [+]
Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will not cooperate with us. Its not in our interests.
To check the ability of returning files, You should go to our website. There you can decrypt one file for free. That is our guarantee.
If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key. In practise - time is much more valuable than money.
[+] How to get access on website? [+]
You have two ways:
1) Using a TOR browser!
a) Download and install TOR browser from this site: ....<URL, posting not allowed>....
b) Open our website: ....<URL, posting not allowed>....
2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
b) Open our secondary website:....<URL, posting not allowed>....
Warning: secondary website can be blocked, thats why first variant much better and more available.
When you open our website, put the following data in the input form:
Key:
Extension name:
fo4929gi2i
-----------------------------------------------------------------------------------------
!!! DANGER !!!
DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damge of the private key and, as result, The Loss all data.
!!! !!! !!!
ONE MORE TIME: Its in your interests to get your files back. From our side, we (the best specialists) make everything for restoring, but please should not interfere.
!!! !!! !!!

简简单单chao posted on 2020-3-2 10:56

Hello, could you please provide the extension of the encrypted files?

360fans_yI1cxK posted on 2020-3-2 11:00



360fans_yI1cxK posted on 2020-3-2 11:01

The appended extension: .fo4929gi2i

360fans_yI1cxK posted on 2020-3-2 11:14

So all the files had this extension added: fo4929gi2i

小~Q~机~器~人 posted on 2020-3-2 20:30

What security software did you have installed before you got hit?

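360fans_rwyz2w posted on 2021-4-6 13:45

I got hit by this virus too, only with a different extension. It was launched by a virus called 01258.exe. I was using 360. However, judging from the logs, he got into my computer via RDP and uninstalled 360 right away.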