B
Published on
· Last modified on
· Public

电脑txt文件被加密,CryptoWall敲诈那些事

QQ浏览器打开选项卡太多竟然卡住了,没管他,过会看看竟然多了个图片并且被打开了,QQ浏览器无法运行看看缩略图进入是这个图片,无奈把他关了.

我们来看看这张图片吧!

电脑txt文件被加密,CryptoWall敲诈那些事

大概意思是,文件被RSA加密方式加密了,让我打开网址,我这边打不开!

突然多了几个文件:

 Cannot you find the files you need? Is the content of the files that you have watched not readable? It is normal because the files’ names, as well as the data in your files have been encrypted.
Congratulations!!! You have become a part of large community #CryptoWall. ---
If you are reading this text that means that the software CryptoWall has removed from your computer.
---
What is encryption? Encryption is a reversible transformation of information in order to conceal it from unauthorized persons but providing at the same time access to it for authorized users. To become an authorized user and make the process truly reversible i.e. to be able to decrypt your files you need to have a special private key. In addition to the private key you need the decryption software with which you can decrypt your files and return everything in its place.
---
I almost understood but what do I have to do? The first thing you should do is to read the instructions to the end.
Your files have been encrypted with the CryptoWall software; the instructions that you find in folders with encrypted files are not viruses, they are your helpers. After reading this text 100% of people turn to a search engine with the word CryptoWall where you'll find a lot of thoughts, advice and instructions. Think logically - we are the ones who closed the lock on your files and we are the only ones who have this mysterious key to open them. Any of your attempts to restore your files with the third-party tools can be fatal for encrypted files. The fact is that changing data within the encrypted file (as 100% of software to restore files do this, except the special decryption software) you break damage to the file and it will be impossible to decrypt the file. This is the same as to collect a mosaic when some mosaics items were lost, broken or not put in its place - the picture will not emerge, the software to restore the files will not be able to lay down the picture, and ruin it completely and irreversibly.  Using the software to restore files can ruin your files forever, only through your fault. Remember that any intervention of the extraneous software to restore files encrypted with the Cryptowall software may be the point of no return.
---
In case if these simple rules are violated we will not able to help you, and we will not try because you have been warned. For your attention the software to decrypt the files (as well as the private key that come fitted with it) is a paid product. After purchasing the software package you can: 1. Decrypt all your files. 2. Work with your documents. 3. View your photos and other media content. 4. Continue your habitual and comfortable work at the computer. If you are aware whole importance and criticality of the situation, then we suggest you go directly to your personal page where you will be given final instructions, as well as guarantees to restore your files.
There is a list of addresses below through which you can get on your personal page: 1.3wzn5p2yiumh7akj.waytopaytosystem.com/QjRN9U 2.3wzn5p2yiumh7akj.malkintop100.com/QjRN9U 3.3wzn5p2yiumh7akj.belladonnamonna.com/QjRN9U 4.3wzn5p2yiumh7akj.hiltonpaytoo.com/QjRN9U
What do you have to do with these addresses?
If you browse the instructions in TXT format (if you have instruction in HTML (the file that has an icon of your Internet browser) then for the sake of simplicity it is better to run it): 1. Look at the address number 1 (in this case it is 3wzn5p2yiumh7akj.waytopaytosystem.com/QjRN9U). 2. Select it with the mouse cursor holding the left mouse button and moving the cursor to the right. 3. Release the left mouse button and press the right one. 4. In the menu that appears select “Copy”. 5. Run your Internet browser (if you do not know what it is run the Internet Explorer). 6. Move the mouse cursor to the address bar of the browser (this is the place where the site address is written). 7. Click the right mouse button in the field where the site address is written. 8. In the menu that appears select the button “Insert”. 9. The address 3wzn5p2yiumh7akj.waytopaytosystem.com/QjRN9U must appear there. 9. Press ENTER. 10. The site must load; if it does not load, repeat the same instructions with the address number 2 and so on until the final address if falling.
If for some reason the site does not open check the connection to the Internet; if the site still does not open see the instructions on omitting the point about working with the addresses in the HTML and PNG instructions. If you browse the instructions in HTML format: 1. Click the left mouse button on the address number 1 (in this case it is 3wzn5p2yiumh7akj.waytopaytosystem.com/QjRN9U). 2. In a new tab or window of your web browser the site must load; if it does not load, repeat the same instructions with the address number 2 and so on until the final address/. If for some reason the site does not open check the connection to the Internet; if the site still does not open see the instructions on omitting the point about working with the addresses in the PNG instructions.
If you browse the instructions in PNG format: 1. We are very sorry but unfortunately your antivirus deleted instructions files in the TXT and HTML format for your comfortable work and most importantly for help to restore access to your files. 2. Try to enter the address of your page manually from a picture, good luck and patience for you.
Unfortunately, these sites are temporary because the antivirus companies are interested that you cannot restore your files but continue to buy their products. Unlike them we are ready to help you always. If the temporary sites are not available and you need our help: 1. Run your Internet browser (if you do not know what it is run the Internet Explorer). 2. Enter or copy the address into the address bar https://www.torproject.org/dow... your browser and press ENTER. 3. Wait for the site loading 4. On the site you will be offered to download TorBrowser; download and run it, follow the installation instructions, wait until the installation is completed. 5. Run Tor-Browser. 6. Connect with the button Connect (if you use the English version). 7. After initialization a normal Internet browser window will be opened. 8. Type or copy the address 3wzn5p2yiumh7akj.onion/QjRN9U in this browser address bar. 9. If for some reason the site is not loading, wait a moment and try again.
If you have any problems during installation or operation of TorBrowser, please, visit www.youtube.com and type request in the search bar “install tor browser windows”. As a result you will see a training video on TorBrowser installation and operation.
If TOR address was unavailable for a long time (2-3 days) it means you were late; on average you have about 2 weeks after reading the instructions to restore your files.
---
Additional information: Instructions to restore your files are only in those folders where you have encrypted files. For your convenience the instructions are made in three file formats - html, txt, and png. Unfortunately, antivirus companies cannot protect and moreover restore your files but they make things worse removing the instructions to restore encrypted files. The instructions are not malwares; they have informative nature only, so any claims on the absence of any instruction files you can send to your antivirus company.
---
CryptoWall Project is not malicious and is not intended to harm a person and his/her information data. The project is conducted for the sole purpose of instruction in the field of information security, as well as certification of antivirus products for their suitability for data protection. Together we make the Internet a better and safer place. ----------  If you oversee this text in the Internet and understand that something is wrong with your files and you have no instructions to restore the files, contact your antivirus support. ----------  Remember that the worst has already happened and now the further life of your files depends directly on your determination and speed of your actions.  

意思是:

你不能找到你所需要的文件吗?是你看过的内容文件不可读的吗?

它是正常的,因为文件的名字,以及你的文件中的数据已经加密。

 

恭喜你! ! !

你已经成为一个大型社区的一部分# CryptoWall。

推荐- - - - - -

 

如果你正在阅读本文,意味着软件CryptoWall已经从你的计算机删除。

 

推荐- - - - - -

 

加密是什么?

加密是一个可逆的变换的信息从未经授权的人为了掩盖但同时提供访问授权用户。成为一个授权用户,使真正的可逆过程即能够解密你的文件你需要有一个特殊的私钥。

除了你需要的私钥解密软件你可以解密的文件并返回所有的地方。

 

推荐- - - - - -

 

我几乎理解但我必须做什么?

你应该做的第一件事就是阅读说明书。

 

你的文件已经加密CryptoWall软件;指令,你会发现在文件夹加密的文件不是病毒,他们是你的帮手。

阅读本文后100%的人求助于搜索引擎CryptoWall这个词,你会发现很多思想、建议和指导。

逻辑思考——我们的封闭锁在你的文件,我们是唯一有打开这个神秘的关键。

任何试图恢复您的文件加密的文件的第三方工具可能是致命的。

事实是,变化的数据在加密文件(100%的软件来恢复文件做到这一点,除了特殊的解密软件)你把损坏文件,就不可能解密文件。

时这是一个马赛克一样的收集一些马赛克物品丢失,损坏或不放在它的位置——这幅画不会出现,软件恢复的文件将无法放下,毁掉它完全和不可逆。

使用软件来恢复文件永远可以毁了你的文件,只能通过你的错。

记住,任何干预的附加软件来恢复文件加密Cryptowall软件可能是只能进不能退的地步。

 

推荐- - - - - -

 

以防如果违反这些简单的规则,我们将无法帮助你,我们不会因为我已经警告过你了!

你的注意软件解密文件(以及配备的私钥)是一种支付产品。

购买软件后,您可以:

1。所有文件进行解密。

2。工作与你的文件。

3所示。查看您的照片和其他媒体的内容。

4所示。继续你的习惯和舒适的在电脑前工作。

如果你意识到整个形势的重要性和关键性,那么我们建议你直接转到你的个人页面,您将得到最后的指令,以及保证恢复你的文件。

 

下面列出的地址,你可以在你的个人页面:

1.3 wzn5p2yiumh7akj.waytopaytosystem.com/qjrn9u

2.3 wzn5p2yiumh7akj.malkintop100.com/qjrn9u

3.3 wzn5p2yiumh7akj.belladonnamonna.com/qjrn9u

4.3 wzn5p2yiumh7akj.hiltonpaytoo.com/qjrn9u

 

你要怎么处理这些地址?

 

如果你浏览TXT格式的说明(如果有指令在HTML的文件(有一个网络浏览器的图标)然后为了简单起见最好运行它):

1。看地址1号(在本例中是3 wzn5p2yiumh7akj.waytopaytosystem.com/qjrn9u)。

2。选择用鼠标左键,将光标移动到右边。

3所示。释放鼠标左键并按正确的。

4所示。在出现的菜单中选择“复制”。

5。运行您的互联网浏览器(如果你不知道它是什么运行Internet Explorer)。

6。将鼠标光标移动到浏览器的地址栏(这是网站的地址是写的地方)。

7所示。点击鼠标右键在领域网站地址。

8。在出现的菜单中选择“插入”按钮。

9。地址3 wzn5p2yiumh7akj.waytopaytosystem.com/qjrn9u必须出现在那里。

9。按回车。

10。网站必须加载;如果没有负载,重复相同的指令的地址2号等等,直到最后一个地址如果下降。

 

如果由于某种原因该网站不能打开检查连接到互联网;如果该网站仍然不开看到说明省略的使用HTML和PNG指令的地址。

如果你浏览在HTML格式说明:

1。鼠标左键点击地址1号(在本例中是3 wzn5p2yiumh7akj.waytopaytosystem.com/qjrn9u)。

2。在新标签页或网站的web浏览器窗口必须加载;如果没有负载,重复相同的指令地址2号等等,直到最后的地址/。

如果由于某种原因该网站不能打开检查连接到互联网;如果该网站仍然不开看到说明省略的使用PNG指令的地址。

 

如果你浏览PNG格式的说明:

1。我们很抱歉,但不幸的是你的杀毒软件删除指令的TXT文件和HTML格式为您的舒适的工作,最重要的是有助于恢复访问你的文件。

2。试着手工输入页面的地址从一个图片,好运气和耐心。

 

不幸的是,这些网站都是暂时的,因为反病毒公司感兴趣,你不能恢复你的文件但继续购买他们的产品。

我们已经准备好帮助你总是与他们。

如果临时网站不可用,你需要我们的帮助:

1。运行您的互联网浏览器(如果你不知道它是什么运行Internet Explorer)。

2。输入或复制地址到浏览器地址栏https://www.torproject.org/download/download-easy.html.en和按回车。

3所示。等待网站加载

4所示。在网站上你会提供下载TorBrowser;下载并运行它,按照安装说明,等待安装完成。

5。Tor-Browser运行。

6。连接与按钮连接(如果你使用英文版本)。

7所示。初始化后正常的互联网浏览器窗口将被打开。

8。3 wzn5p2yiumh7akj类型或复制地址。洋葱/ QjRN9U浏览器地址栏。

9。如果由于某种原因该网站不加载,等一会儿,再试一次。

 

在安装期间如果您有任何问题或操作TorBrowser,请访问www.youtube.com,在搜索栏中输入请求“安装tor浏览器窗口”。因此你会看到一个培训视频TorBrowser安装和操作。

 

如果TOR地址不可用很长一段时间(2 - 3天)这意味着你迟到了;平均阅读说明书你有大约2周后恢复你的文件。

 

推荐- - - - - -

 

附加信息:

指令来恢复您的文件只有在这些文件夹加密的文件。

为了使您的指令是由三个文件格式——html,txt和png。

不幸的是,反病毒公司无法保护,而且恢复你的文件,但他们使事情变得更糟删除指令恢复加密的文件。

指令不malwares;他们只有有用的性质,所以任何声称没有任何指令的文件您可以发送到您的杀毒软件公司。

 

推荐- - - - - -

 

CryptoWall项目不是恶意,并不打算伤害一个人,他/她的信息数据。

项目进行的唯一目的指令在信息安全领域,以及认证的防病毒产品是否适合数据保护。

我们一起把互联网一个更好、更安全的地方。

- - - - - - - - - - -

如果你在互联网监督这个文本和理解你的文件有问题,你没有说明恢复文件,请联系您的防病毒软件的支持。

- - - - - - - - - - -

记住,最坏的已经发生,现在的生活你的文件直接取决于你的决心和你的行动速度。

 

好吧,上面说了很多,下载什么,国内被墙了,下载不成就没看.

好在它把我桌面几个txt文件加密了,并无大碍.但是我很好奇,就查了资料.听说是敲诈团伙,需要收取500$ 折合RMB两千多,关键是收取比特比(不懂是什么虚拟货币),淘宝竟然有帮忙付费的店.

他是通过RSA加密方式加密你的文件,密匙在这个团伙手里,只有拿到密匙才能解密.

好吧,反正文件没什么用,但我很好奇他是通过什么方式传播的,网站?也许是恶意网站,但是我并没有见过如此强大的网站,他能直接修改你电脑文件.所以我猜想一定是安装了恶意软件,他在不知不觉中执行,最终让他得逞!

所以下次要小心了,指不定哪天c盘被格式化就惨了.

通过此经历,还是觉得windows不够安全.

本文来自 大猩猩网 原创文章,转载请注明出处


Sign in or Sign up Leave Comment