就測過一些勒索
有些會自殺，觸發加密就消失
還有不停產生亂數exe檔，單靠防毒可能會抓不到本體.....

現在檔案被加密名稱很多隨機，先看有沒有勒索信才好判別是哪家勒索
若沒有的話，找個信譽比較好防毒，掃描一下
看能否抓到什麼東西

這隻是新的變種，我有上傳勒索信及加密檔到id分析，結果是沒辦法辨認的新變種
所以我也不確定有沒有被動手腳，檔案不重要的話，建議全部格式化
如果未被加密，但不確定有沒有感染，最起碼先用各家的掃毒軟體掃一下
假使是捨不得刪的或是不確定，先封存、不要用該顆硬碟，等解套方面出來後再看看。

可能不是新的，因為最近有一款勒索事加密完自殺
同時副檔名又是亂碼，所以很難追蹤......基本上是沒救了
先存檔看看之後解密工具能不能解
另外也建議裝防毒 pccillin有勒索剋星就是專門針對勒索病毒的

重要資料還是備2份,1份放另ㄧ顆硬碟.平常不接電腦.偶爾插ㄧ下電暖機.
另1份就留在正常使用的硬碟, 2份同時掛掉的機率很低.

真的
最簡單的異地備份，pcdvd這兒反而很多人做不到

可以換win10也建議換
windows defender smartscreen 也能擋下一些勒索
即使你防毒抓不到，也會警示有東西要執行


網路上教關掉windows defender smartscreen 真的是害人


另外就是建議可以裝趨勢勒索剋星這類資料夾防護

微軟內建那個還是有可能被過

Attention, all your files are encrypted with the AES cbc-128 algorithm!

It's not a virus like WannaCry and others, I hacked your computer,
The encryption key and bitcoin wallet are unique to your computer,
so you are guaranteed to be able to return your files.

But before you pay, you can make sure that I can really decrypt any of your files.

To do this, send me several encrypted files to , ][email protected], a maximum of 5 megabytes each, I will decrypt them
and I will send you back. No more than 5 files. Do not forget to send in the letter bitcoin address 16Rg4v9GHwwhVumqyBQtasiJnWFuGiU2Ky from this file.

Do not complain about these email addresses, because other people will not be able to decrypt their files!

After that, pay the decryption in the amount of 500$ to the bitcoin address: 16Rg4v9GHwwhVumqyBQtasiJnWFuGiU2Ky
After payment, send me a letter to
,
with payment notification.
Once payment is confirmed, I will send you a decryption program.

You can pay bitcoins online in many ways:
https://buy.blockexplorer.com/ - payment by bank card
https://www.buybitcoinworldwide.com/
https://localbitcoins.net

About Bitcoins:
https://en.wikipedia.org/wiki/Bitcoin

If you have any questions, write to me at

,[email protected]

As a bonus, I will tell you how hacked your computer is and how to protect it in the future.

以上是勒索信的內容,請大家看就好,不要按到連結.

最後我是將被加密的硬碟全部格式化,只是幾部喜歡迷片也跟著再見了.系統改成WIN 10.