所有文件名被修改为原文件名+ID,如Inparams.txt.61C-2C4-004,怎么破?
勒索文本文件内容:
YOUR FILES ARE ENCRYPTED !!!
TO DECRYPT, FOLLOW THE INSTRUCTIONS:
To recover data you need decrypt tool.
To get the decrypt tool you should:
1.In the letter include your personal ID! Send me this ID in your first email to me!
2.We can give you free test for decrypt few files (NOT VALUE) and assign the price for decryption all files!
3.After we send you instruction how to pay for decrypt tool and after payment you will receive a decryption tool!
4.We can decrypt few files in quality the evidence that we have the decoder.
DO NOT TRY TO DO SOMETHING WITH YOUR FILES BY YOURSELF YOU WILL BRAKE YOUR DATA !!! ONLY WE ARE CAN HELP YOU! CONTACT US:
China.Helper@aol.com
ATTENTION !!! THIS IS YOUR PERSONAL ID WICH YOU HAVE TO SEND IN FIRST LETTER:
Your personal ID: 61C-2C4-004
Attention!
* Do not rename encrypted files.
* Do not try to decrypt your data using third party software, it may cause permanent data loss.
* Decryption of your files with the help of third parties may cause increased price (they add their fee to our) or you can become a victim of a scam.
1.您中的属于Buran勒索病毒家族,暂时无解。
2.如果文件不急需,可以备份等我们出解密工具。
3.如果文件急需,可以自行联系黑客
4.若需要排查中毒原因请添加1932948309,并备注被加密文件后缀。
5.更多防护方案和付款细节请参考:https://bbs.360.cn/thread-15858154-1-1.html
页:
[1]