A ransomware encounter: always put security protection in place when deploying and maintaining services

The message it left behind: recording it here first!

---=== Welcome. Again. ===---

[+] Whats Happen? [+]

Your files are encrypted, and currently unavailable. You can check it: all files on your computer has extension 95za5rawd7.
By the way, everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant return your data (NEVER).

[+] What guarantees? [+]

Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will not cooperate with us. Its not in our interests.
To check the ability of returning files, You should go to our website. There you can decrypt one file for free. That is our guarantee.
If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data, cause just we have the private key. In practise - time is much more valuable than money.

[+] How to get access on website? [+]

You have two ways:

1) [Recommended] Using a TOR browser!
  a) Download and install TOR browser from this site: https://torproject.org/
  b) Open our website: http://aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion/EE5F55E9486C9FF5

2) If TOR blocked in your country, try to use VPN! But you can use our secondary website. For this:
  a) Open your any browser (Chrome, Firefox, Opera, IE, Edge)
  b) Open our secondary website: http://decryptor.cc/EE5F55E9486C9FF5

Warning: secondary website can be blocked, thats why first variant much better and more available.

When you open our website, put the following data in the input form:
Key:

Extension name:

95za5rawd7

-----------------------------------------------------------------------------------------

!!! DANGER !!!
DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damge of the private key and, as result, The Loss all data.
!!! !!! !!!
ONE MORE TIME: Its in your interests to get your files back. From our side, we (the best specialists) make everything for restoring, but please should not interfere.
!!! !!! !!!

The infected machine was a Windows Server 2008 R2 system, a platform test server, and it got encrypted!

System state: basically running naked

1. Windows Firewall turned off

2. No security software installed for protection

3. Non-essential ports not closed (the infection most likely came in through a port; a remote user logging in seems unlikely, the password complexity was fairly high)

What Baidu turns up: not a single substantive recovery method........... it very likely got in through port 3389. The options come down to:

1. Pay up and accept the loss

2. Run antivirus and salvage part of the data

3. Bring in a professional third-party security firm
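Before wiping a server that was hit, it is worth pulling the RDP logon evidence from its Security log, since that is the only way to confirm or rule out the port-3389 theory. The script below is an added example, not something from the original post: it runs on PowerShell 2.0 as shipped with Windows Server 2008 R2 and summarizes Event IDs 4624 (successful logon) and 4625 (failed logon) with LogonType 10 (remote interactive, i.e. RDP) by source address. The 72-hour window is an assumption, the post gives no timeline, and the log must actually contain these events, which requires logon auditing to have been enabled.

```powershell
# Added example (not from the original post): summarize RDP logon attempts
# from the Security log before the host is reinstalled.
# Event 4625 / LogonType 10 = failed RDP logon, 4624 / LogonType 10 = success.
# Note: when Network Level Authentication is on, failed RDP attempts are
# recorded with LogonType 3 instead, so pass -LogonTypes 3,10 on such hosts.
# Assumption (not in the original): the caller can read the Security log.

function Get-RdpLogonSummary {
    param(
        [int]$Hours = 72,                 # assumed look-back window
        [string[]]$LogonTypes = @('10')   # RDP only; widen to '3','10' with NLA
    )
    $since = (Get-Date).AddHours(-$Hours)
    $events = Get-WinEvent -FilterHashtable @{
        LogName = 'Security'; Id = 4624, 4625; StartTime = $since
    } -ErrorAction SilentlyContinue

    $rows = foreach ($e in $events) {
        # EventData is a list of <Data Name="..."> nodes; flatten it to a map.
        $x = [xml]$e.ToXml()
        $d = @{}
        foreach ($n in $x.Event.EventData.Data) { $d[$n.Name] = $n.'#text' }
        if ($LogonTypes -notcontains $d['LogonType']) { continue }
        if ($e.Id -eq 4624) { $result = 'success' } else { $result = 'failure' }
        New-Object PSObject -Property @{
            Time   = $e.TimeCreated
            Result = $result
            User   = $d['TargetUserName']
            Source = $d['IpAddress']
        }
    }

    # Many failures against many distinct users from one source is a password
    # spray; a burst of failures followed by a success from the same source is
    # an account that was eventually cracked and should be treated as compromised.
    $rows | Group-Object Source, Result | Sort-Object Count -Descending |
        Select-Object Count, Name,
            @{ n = 'Users'; e = { ($_.Group | Select-Object -ExpandProperty User -Unique) -join ',' } },
            @{ n = 'First'; e = { ($_.Group | Sort-Object Time | Select-Object -First 1).Time } },
            @{ n = 'Last';  e = { ($_.Group | Sort-Object Time | Select-Object -Last 1).Time } }
}

Get-RdpLogonSummary -Hours 72 | Format-Table -AutoSize
```

Run it from an elevated prompt on the affected host (or against an exported Security.evtx via `Get-WinEvent -Path`) before reinstalling, and keep the output with the ransom note: if the log shows no 4625 events at all, failure auditing was off and the 3389 theory cannot be confirmed from this source.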

Since this was not a critical server, the interim handling was:

1. Reinstall the system

2. Add the necessary protection (security software, firewall, close non-essential ports)

3. For required common ports, change the defaults where possible, e.g. the remote login port
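The three steps above, carried out on a freshly reinstalled Windows Server 2008 R2 host, look like the following script. It is an added example, not from the original post, and uses only tools present on that OS (netsh, reg, net, auditpol) so it also runs under PowerShell 2.0. The management subnet 10.0.0.0/24 and the new RDP port 33890 are assumptions; replace them with your own values before running, and expect a reboot for the port change to take effect. Installing security software is a separate step not covered here.

```powershell
# Added example (not from the original post): post-rebuild hardening for a
# Windows Server 2008 R2 host. Run from an elevated PowerShell prompt.
# Assumptions (not in the original): admin network is 10.0.0.0/24 and the
# RDP listener moves to TCP 33890.

$MgmtSubnet = '10.0.0.0/24'   # assumed admin network; only it may reach RDP
$NewRdpPort = 33890           # assumed new RDP listener port
$RdpKey = 'HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'

# 1. Turn the host firewall on for every profile with default-deny inbound,
#    and log dropped connections so later triage has something to read.
netsh advfirewall set allprofiles state on
netsh advfirewall set allprofiles firewallpolicy blockinbound,allowoutbound
netsh advfirewall set allprofiles logging droppedconnections enable

# 2. Close the built-in "RDP from anywhere" rule group and re-add RDP
#    restricted to the management subnet on the new port.
netsh advfirewall firewall set rule group="Remote Desktop" new enable=no
netsh advfirewall firewall add rule name="RDP (mgmt only)" dir=in action=allow `
    protocol=TCP "localport=$NewRdpPort" "remoteip=$MgmtSubnet"

# 3. Move the RDP listener off 3389 and require Network Level Authentication
#    (TLS + credential check before a session is created).
reg add "$RdpKey" /v PortNumber /t REG_DWORD /d $NewRdpPort /f
reg add "$RdpKey" /v UserAuthentication /t REG_DWORD /d 1 /f
reg add "$RdpKey" /v SecurityLayer /t REG_DWORD /d 2 /f

# 4. Lock accounts after repeated failures and audit logon failures, so a
#    brute-force attempt shows up as Event ID 4625 instead of going unnoticed.
net accounts /lockoutthreshold:5 /lockoutduration:30 /lockoutwindow:30
auditpol /set /subcategory:"Logon" /success:enable /failure:enable

# 5. List what is still listening; anything not on the allow list gets its
#    service disabled or a firewall rule before the host goes back online.
netstat -ano | findstr LISTENING

Write-Host "Reboot required for the RDP port change; connect to port $NewRdpPort afterwards."
```

Changing the port only removes the host from the crowd of default-port scans; the IP restriction, NLA and lockout policy are what actually stop a credential attack, so keep all three even if the port stays at 3389.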

This time I'm just a little lucky: what got hit was not a production service!

Production services have much stronger protection: a physical firewall on the outer layer, IP restrictions on access to key data, internal port restrictions, only the necessary ports opened, with port mapping, and so on.

More important still: back up the relevant files and data promptly!
