Is this that ransomware thing? T_T

Posted: 2015.12.31 | Comments: 1

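I went to some site and the computer got sluggish, then suddenly a site with something written in English came up and everything went crazy, so I got scared and shut it off right away?? T_T Alyac also warned me that it had detected some kind of virus(?) site and said it had blocked the site from running...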

I was anxious and looked it up, and luckily the file extensions haven't been changed to vvv. Phew.. T_T

But every time I turn this laptop on, Notepad, a picture and a strange site keep popping up. How can I make them go away? T_T

Would formatting fix it? I already moved everything I wanted to keep a long time ago, so I'm not really attached to what's on it, haha

If there is a way to repair it other than formatting, roughly how much would it cost?? T_T

(The post seems too long, so I'll leave the computer specs in a comment!!)

 

<Site address>

C:\Documents and Settings\kim\시작 메뉴\프로그램\시작프로그램\HELP_YOUR_FILES.HTML

 

<Picture>

<Notepad contents>

 Cannot you find the files you need? Is the content of the files that you have watched not readable?
It is normal because the files’ names, as well as the data in your files have been encrypted.

Congratulations!!!
You have become a part of large community #CryptoWall.
---

If you are reading this text that means that the software CryptoWall has removed from your computer.

---

What is encryption?
Encryption is a reversible transformation of information in order to conceal it from unauthorized persons but providing at the same time access to it for authorized users. To become an authorized user and make the process truly reversible i.e. to be able to decrypt your files you need to have a special private key.
In addition to the private key you need the decryption software with which you can decrypt your files and return everything in its place.

---

I almost understood but what do I have to do?
The first thing you should do is to read the instructions to the end.

Your files have been encrypted with the CryptoWall software; the instructions that you find in folders with encrypted files are not viruses, they are your helpers.
After reading this text 100% of people turn to a search engine with the word CryptoWall where you'll find a lot of thoughts, advice and instructions.
Think logically - we are the ones who closed the lock on your files and we are the only ones who have this mysterious key to open them.
Any of your attempts to restore your files with the third-party tools can be fatal for encrypted files.
The fact is that changing data within the encrypted file (as 100% of software to restore files do this, except the special decryption software) you break damage to the file and it will be impossible to decrypt the file.
This is the same as to collect a mosaic when some mosaics items were lost, broken or not put in its place - the picture will not emerge, the software to restore the files will not be able to lay down the picture, and ruin it completely and irreversibly.
Using the software to restore files can ruin your files forever, only through your fault.
Remember that any intervention of the extraneous software to restore files encrypted with the Cryptowall software may be the point of no return.

---

In case if these simple rules are violated we will not able to help you, and we will not try because you have been warned.
For your attention the software to decrypt the files (as well as the private key that come fitted with it) is a paid product.
After purchasing the software package you can:
1. Decrypt all your files.
2. Work with your documents.
3. View your photos and other media content.
4. Continue your habitual and comfortable work at the computer.
If you are aware whole importance and criticality of the situation, then we suggest you go directly to your personal page where you will be given final instructions, as well as guarantees to restore your files.

There is a list of addresses below through which you can get on your personal page:
1.3wzn5p2yiumh7akj.waytopaytosystem.com/LjdNRR
2.3wzn5p2yiumh7akj.malkintop100.com/LjdNRR
3.3wzn5p2yiumh7akj.belladonnamonna.com/LjdNRR
4.3wzn5p2yiumh7akj.hiltonpaytoo.com/LjdNRR

What do you have to do with these addresses?

If you browse the instructions in TXT format (if you have instruction in HTML (the file that has an icon of your Internet browser) then for the sake of simplicity it is better to run it):
1. Look at the address number 1 (in this case it is 3wzn5p2yiumh7akj.waytopaytosystem.com/LjdNRR).
2. Select it with the mouse cursor holding the left mouse button and moving the cursor to the right.
3. Release the left mouse button and press the right one.
4. In the menu that appears select “Copy”.
5. Run your Internet browser (if you do not know what it is run the Internet Explorer).
6. Move the mouse cursor to the address bar of the browser (this is the place where the site address is written).
7. Click the right mouse button in the field where the site address is written.
8. In the menu that appears select the button “Insert”.
9. The address 3wzn5p2yiumh7akj.waytopaytosystem.com/LjdNRR must appear there.
9. Press ENTER.
10. The site must load; if it does not load, repeat the same instructions with the address number 2 and so on until the final address if falling.

If for some reason the site does not open check the connection to the Internet; if the site still does not open see the instructions on omitting the point about working with the addresses in the HTML and PNG instructions.
If you browse the instructions in HTML format:
1. Click the left mouse button on the address number 1 (in this case it is 3wzn5p2yiumh7akj.waytopaytosystem.com/LjdNRR).
2. In a new tab or window of your web browser the site must load; if it does not load, repeat the same instructions with the address number 2 and so on until the final address/.
If for some reason the site does not open check the connection to the Internet; if the site still does not open see the instructions on omitting the point about working with the addresses in the PNG instructions.

If you browse the instructions in PNG format:
1. We are very sorry but unfortunately your antivirus deleted instructions files in the TXT and HTML format for your comfortable work and most importantly for help to restore access to your files.
2. Try to enter the address of your page manually from a picture, good luck and patience for you.

Unfortunately, these sites are temporary because the antivirus companies are interested that you cannot restore your files but continue to buy their products.
Unlike them we are ready to help you always.
If the temporary sites are not available and you need our help:
1. Run your Internet browser (if you do not know what it is run the Internet Explorer).
2. Enter or copy the address into the address bar https://www.torproject.org/download/download-easy.html.en your browser and press ENTER.
3. Wait for the site loading
4. On the site you will be offered to download TorBrowser; download and run it, follow the installation instructions, wait until the installation is completed.
5. Run Tor-Browser.
6. Connect with the button Connect (if you use the English version).
7. After initialization a normal Internet browser window will be opened.
8. Type or copy the address 3wzn5p2yiumh7akj.onion/LjdNRR in this browser address bar.
9. If for some reason the site is not loading, wait a moment and try again.

If you have any problems during installation or operation of TorBrowser, please, visit www.youtube.com and type request in the search bar “install tor browser windows”. As a result you will see a training video on TorBrowser installation and operation.

If TOR address was unavailable for a long time (2-3 days) it means you were late; on average you have about 2 weeks after reading the instructions to restore your files.

---

Additional information:
Instructions to restore your files are only in those folders where you have encrypted files.
For your convenience the instructions are made in three file formats - html, txt, and png.
Unfortunately, antivirus companies cannot protect and moreover restore your files but they make things worse removing the instructions to restore encrypted files.
The instructions are not malwares; they have informative nature only, so any claims on the absence of any instruction files you can send to your antivirus company.

---

CryptoWall Project is not malicious and is not intended to harm a person and his/her information data.
The project is conducted for the sole purpose of instruction in the field of information security, as well as certification of antivirus products for their suitability for data protection.
Together we make the Internet a better and safer place.
----------
If you oversee this text in the Internet and understand that something is wrong with your files and you have no instructions to restore the files, contact your antivirus support.
----------
Remember that the worst has already happened and now the further life of your files depends directly on your determination and speed of your actions.

 

 



Anonymous | Posted: -

Most likely, ransomware malware was in the middle of attempting to encrypt files when Alyac blocked it.

However, the malicious file does not appear to have been removed, so be sure to report it using the Report feature so that the malicious file can be found and removed.

For the removal method, refer to http://hummingbird.tistory.com/6230 and find and delete the malicious file recorded in the Alyac event log.

Also, try using the message removal tool (http://cafe.naver.com/malzero/113930).
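The note says its instruction files come as html, txt and png and sit in the folders that hold encrypted files, and the post shows one copy in the Startup folder, which is why it reopens at every boot. The sketch below is an added example, not part of the original post or answer: it walks a directory tree and separates Startup copies from other folders carrying the note. The `.TXT`/`.PNG` copies sharing the `HELP_YOUR_FILES` stem, the Startup folder names and the sample tree are assumptions.

```python
import os
import tempfile
from pathlib import Path

NOTE_STEM = "HELP_YOUR_FILES"            # file name shown in the post
NOTE_EXTS = {".html", ".txt", ".png"}    # formats the note lists; same stem is an assumption
STARTUP_NAMES = {"시작프로그램", "startup"}  # Startup folder name on Korean / English Windows


def find_notes(root):
    """Map each folder under root to the instruction files found in it."""
    hits = {}
    for folder, _dirs, files in os.walk(root):
        notes = sorted(
            f for f in files
            if Path(f).stem.upper() == NOTE_STEM
            and Path(f).suffix.lower() in NOTE_EXTS
        )
        if notes:
            hits[folder] = notes
    return hits


def classify(hits):
    """Split hit folders into Startup copies (reopened at every logon) and the rest."""
    autostart = sorted(f for f in hits if Path(f).name.lower() in STARTUP_NAMES)
    affected = sorted(f for f in hits if f not in autostart)
    return autostart, affected


def build_sample(base):
    """Constructed sample tree (not real data) shaped like the path in the post."""
    startup = Path(base, "kim", "시작 메뉴", "프로그램", "시작프로그램")
    docs = Path(base, "kim", "My Documents")
    music = Path(base, "kim", "Music")
    for d in (startup, docs, music):
        d.mkdir(parents=True)
    for ext in ("HTML", "TXT", "PNG"):
        (startup / f"{NOTE_STEM}.{ext}").write_bytes(b"constructed")
    (docs / f"{NOTE_STEM}.TXT").write_bytes(b"constructed")
    (docs / "report.doc").write_bytes(b"constructed")
    (music / "song.mp3").write_bytes(b"constructed")
    return str(startup), str(docs)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        autostart, affected = classify(find_notes(tmp))
        print("Opened at every logon:", autostart)
        print("Folders to check for encrypted files:", affected)
```

To scan a real profile, call `find_notes` on its root instead of the constructed tree; the script only lists files and changes nothing.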
