[問題] 中了勒索病毒可是什麼都沒有被加密

作者: Django (Cython)   2016-08-19 02:58:55
如題
今天下午出門時還沒事
半夜回來我切換到桌面(先前有其他家人在用電腦)
發現中了勒索病毒
NOT YOUR LANGUAGE? USE https://translate.google.com
What happened to your files ?
All of your files were protected by a strong encryption with RSA4096
More information about the encryption keys using RSA4096 can be found here:
http://en.wikipedia.org/wiki/RSA_(cryptosystem)
How did this happen ?
!!! Specially for your PC was generated personal RSA4096 Key , both public
and private.
!!! ALL YOUR FILES were encrypted with the public key, which has been
transferred to your computer via the Internet.
!!! Decrypting of your files is only possible with the help of the private
key and decrypt program , which is on our Secret Server
What do I do ?
So , there are two ways you can choose: wait for a _miracle_ and get _your_
PRICE DOUBLED! Or start obtaining *BITCOIN NOW! , and restore _YOUR_ _DATA_
easy way
If You have really valuable _DATA_, you better _NOT_ _WASTE_ _YOUR_ _TIME_,
because there is _NO_ other way to get your files, except make a _PAYMENT_
Your personal ID: **********************************
For more specific instructions, please visit your personal home page, there
are a few different addresses pointing to your page below:
1 - http://j24o****pgaorlxj.onion.to
2 - http://j24o****pgaorlxj.onion.city
If for some reasons the addresses are not availablweropie, follow these steps:
(網址太多直接拿掉)
可是我再怎麼看 除了桌面被換 多了勒索信的txt跟jpg之外
完全沒有東西被加密啊
桌面 c槽 桌面的資料夾 點進去 文件都是好的 打開也都正常的
究竟是怎麼回事@@
其實我的確沒啥重要文件可以被勒索的 只是現在我有點猶豫要不要重灌...
還是就不理他把桌面換回來 當作沒發生 = =
作者: tsukiyo99 (OωO)   2016-08-19 03:27:00
有的勒索軟體開機還會執行 可以先找一下移除工具或掃毒
作者: bgt5 (ㄧ拳超人)   2016-08-19 10:12:00
可以說一下你覺得是怎麼中這病毒的嗎?
作者: dennisxkimo (Dennis(一上B就糟糕))   2016-08-19 10:38:00
高要求的話 電腦被侵犯過 一般都選擇備份重灌
作者: bgt5 (ㄧ拳超人)   2016-08-19 13:10:00
請問是用ie嗎?有鎖flash嗎?有裝防毒?哪牌?謝謝你的資訊
作者: st20511 (st20511)   2016-08-19 16:41:00
應該是CrypMIC,很像CryptXXX,但只會加密C槽以外的檔案
作者: letni (浮游天眼炮)   2016-08-19 22:09:00
這個我之前有po文 查一下我的文章

Links booklink

Contact Us: admin [ a t ] ucptt.com