Forum › Komputer & Teknikal › Terima Ugutan Encrypt Files..

lizache Publish time 21-4-2015 02:26 PM

Terima Ugutan Encrypt Files..

Hari ni pergi ofis, turned on pc, tetiba dapat mesej ni..
Habis semua files.. tulong!!!! nak wat cemana ni...

lizache Publish time 21-4-2015 02:33 PM

==============================================================================
         !!! WE HAVE ENCRYPTED YOUR FILES WITH Crypt0L0cker VIRUS !!!
===============================================================================


Your important files (including those on the network disks, USB, etc): photos,
videos, documents, etc. were encrypted with our Crypt0L0cker virus. The only
way to get your files back is to pay us. Otherwise, your files will be lost.

Use this link to pay for files recovery:
http://zoqowm4kzz4cvvvl.torlocator.org/h6q4lb5q.php?user_code=yckvfi&user_pass=7637


-------------------------------------------------------------------------------
-------------------------------------------------------------------------------

[=] What happened to my files?

Your important files: photos, videos, documents etc. were encrypted with our
Crypt0L0cker virus. This virus uses very strong encryption
algorithm - RSA-2048. Breaking of RSA-2048 encryption algorithm is impossible
without special decryption key.


[=] How can I get my files back?

Your files are now unusable and unreadable, you can verify it by trying to
open them. The only way to restore them to a normal condition is to use our
special decryption software. You can buy this decryption software on
our website (http://zoqowm4kzz4cvvvl.torlocator.org/h6q4lb5q.php?user_code=yckvfi&user_pass=7637).


[=] What should I do next?

You should visit our website (http://zoqowm4kzz4cvvvl.torlocator.org/h6q4lb5q.php?user_code=yckvfi&user_pass=7637)
and buy decryption for your PC.


[=] I can not access to your website, what should I do?

Our website should be accessible from one of these links:
http://zoqowm4kzz4cvvvl.torlocator.org/h6q4lb5q.php?user_code=yckvfi&user_pass=7637
http://zoqowm4kzz4cvvvl.torminator.org/h6q4lb5q.php?user_code=yckvfi&user_pass=7637
http://zoqowm4kzz4cvvvl.tor2web.blutmagie.de/h6q4lb5q.php?user_code=yckvfi&user_pass=7637

http://zoqowm4kzz4cvvvl.onion/h6q4lb5q.php?user_code=yckvfi&user_pass=7637 (using TOR browser)

If for any reasons these addresses are not available please follow the steps:
    1. Download and install TOR-browser:
       http://www.torproject.org/projects/torbrowser.html.en
    2. After a successful installation, run the browser and wait for
       initialization.
    3. Type in the address bar:
       http://zoqowm4kzz4cvvvl.onion/h6q4lb5q.php?user_code=yckvfi&user_pass=7637
    4. Access to our website

Also you can contact us via email: decrypthelp@mail15.com

-------------------------------------------------------------------------------
-------------------------------------------------------------------------------

Login Credentials:
URL:       http://zoqowm4kzz4cvvvl.torlocator.org/h6q4lb5q.php
User-Code: yckvfi
User-Pass: 7637

===============================================================================

lizache Publish time 21-4-2015 02:37 PM

Bila login dlm website tu, dapat nih...

lizache Publish time 21-4-2015 02:39 PM

Gilo hapo aku nak kena byr untuk files sendirik.... ya hampun.. camano nih... sapa diorg ni yek.. boleh tak kalu buat report kat SKMM.
Dah try system restore, tak buleh jugak..

TeraJava Publish time 22-4-2015 11:08 AM

cuba boot komputer guna live cd ubuntu. sekarang ni, semua fail-fail dah hilang ke?

lizache Publish time 22-4-2015 11:31 AM

TeraJava replied at 22-4-2015 11:08 AM
cuba boot komputer guna live cd ubuntu. sekarang ni, semua fail-fail dah hilang ke?

file tak hilang, tapi encrypted.. tak boleh bukak.. kalau bayar baru diorg bg key untuk descrypt.
bila googgle, rupanya2 mmg diorg attacked globally, agaknya baru nak mari Malaysia kot.....
http://en.wikipedia.org/wiki/CryptoLocker
kena gi buat report le gamaknya..
btw, camana nak boot guna ubuntu tu.. dah mcm2 cara buat, takut file suma hilang je..

lizache Publish time 22-4-2015 11:37 AM

kalau pakai antivirus cuma akan remove @ block the virus, tp file2 still encrypted. Virus tu masuk masa mozilla firefox tgh updated, mana nak tahu dia menyamar.. cisss....:'(

TeraJava Publish time 22-4-2015 11:48 AM

Agak rumit juga. Saya try google tapi kebanyakannya hanya memaparkan cara pencegahan.

Untuk boot ubuntu tu, guna pendrive.

Download ubuntu dan guna software ni untuk install ubuntu dalam pendrive.

http://www.pendrivelinux.com/

Kemudian, kena restart pc dan kene pilih untuk boot dari usb.

TeraJava Publish time 22-4-2015 11:54 AM

Kat ofis, pc orang lain semua infect jugak ke?

lizache Publish time 22-4-2015 11:56 AM

TeraJava replied at 22-4-2015 11:48 AM
Agak rumit juga. Saya try google tapi kebanyakannya hanya memaparkan cara pencegahan.

Untuk boot...

terima kasih... kejap lg saya cuba.. nasib baik semua browser boleh guna.. ada setengah victim browser pun tak boleh surf.
nanti saya update..

lizache Publish time 22-4-2015 11:58 AM

TeraJava replied at 22-4-2015 11:54 AM
Kat ofis, pc orang lain semua infect jugak ke?

nasib baik tak kena.. sebab tak guna server, company kecik je..
tp cepat2 disconnect dulu pc lain dan buat back-up.. menangis macamni tau...

TeraJava Publish time 22-4-2015 12:04 PM

kebanyakan kata takleh nak decrypt melainkan bayar.. tapi kalau bayar, guarantee ke diorang tak tanam virus lain?

Kena jaga elok2 pc dan lagi elok ofis ada orang yang mahir dalam sistem IT.

lizache Publish time 22-4-2015 01:00 PM

TeraJava replied at 22-4-2015 12:04 PM
kebanyakan kata takleh nak decrypt melainkan bayar.. tapi kalau bayar, guarantee ke diorang tak tana ...

Tera, dah cuba ubuntu... pun tak boleh.. sama je..
rasa2nya mmg tak boleh buat apa dah ni..
kena buang semua le gamaknya, system restore pun dia hacked jugak, tak boleh restore dan recover langsung.
benda ni kena bg warning kat pengguna lain, sebagai caution. tak pernah dgr lg jadi kat Malaysia ni..

TeraJava Publish time 22-4-2015 01:06 PM

berserah je lah bro... len kali kena buat backup dekat mana2 seperti google drive, dropbox, atau external hd.

lizache Publish time 22-4-2015 01:31 PM

TeraJava replied at 22-4-2015 01:06 PM
berserah je lah bro... len kali kena buat backup dekat mana2 seperti google drive, dropbox, atau ext ...

terima kasih byk sebab bg suggestions... letih kepala otak mikir... cheers..

TeraJava Publish time 22-4-2015 07:59 PM

sama2 bro.. baca dari blog2 yang pakar dalam virus2 ni, diorang pun kata memang tak boleh nak decrypt melainkan bayar kat diorang..

TeraJava Publish time 22-4-2015 09:01 PM

ada member dekat group suggest try pakai benda ini.

https://www.decryptcryptolocker.com/

tapi untuk keselamatan, try hantar fail2 yang biasa2 saja. tengok boleh decrypt ke tak.

lizache Publish time 23-4-2015 01:33 PM

TeraJava replied at 22-4-2015 09:01 PM
ada member dekat group suggest try pakai benda ini.

https://www.decryptcryptolocker.com/


Dah try.. ini diorg buat tahun 2014, since then virus dah makin nasty dan stronger, dah tak boleh guna..

lizache Publish time 23-4-2015 01:38 PM

ni haa.. dapat mesej ni.. file extension tak sama kot dgn decrypter tu...

TeraJava Publish time 23-4-2015 03:10 PM

tak dapat nak tolong... sapa dapat decrypt ni, memang power.. melainkan tukang buat virus ni tak dikira la sebab dia ada simpan key tersebut.. dan key tersebut dijana oleh komputer menggunakan kompleks algorithm..

View full version: Terima Ugutan Encrypt Files..