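Out of curiosity about Windows domains, I wanted to set up my own DNS service, so I bought a Windows 2008 server on Tencent Cloud.
The next morning I found I could not connect to the server. When I got onto the server from my computer, what I saw gave me a real shock: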
-----------Welcome. Again. --------------------
[+]Whats Happen?[+]
Your files are encrypted,and currently unavailable. You can check it: all files on you computer has expansion Rook.
By the way,everything is possible to recover (restore), but you need to follow our instructions. Otherwise, you cant return your data (NEVER).
[+] What guarantees?[+]
Its just a business. We absolutely do not care about you and your deals, except getting benefits. If we do not do our work and liabilities - nobody will not cooperate with us. Its not in our interests.
To check the file capacity, please send 1 files not larger than 1M to us, and we will prove that we are capable of restoring.
If you will not cooperate with our service - for us, its does not matter. But you will lose your time and data,cause just we have the private key. In practise - time is much more valuable than money.
If we find that a security vendor or law enforcement agency pretends to be you to negotiate with us, we will directly destroy the private key and no longer provide you with decryption services.
You have 3 days to contact us for negotiation. Within 3 days, we will provide a 50% discount. If the discount service is not provided for more than 3 days, the files will be leaked to our onion network. Every more than 3 days will increase the number of leaked files.
We will replace the private key every 15 days and the old private key will be deleted. Please do not contact us if it has been encrypted for more than 15 days, we can do nothing, even if God comes, there is nothing we can do.
Our mail box:
securityrook@privatemail.com
If there is no reply for a long time, please contact the following email address!
securityrook@horsefucker.org
------------------------------------------------------------------------------------------------
!!!DANGER!!!
DONT try to change files by yourself, DONT use any third party software for restoring your data or antivirus solutions - its may entail damge of the private key and, as result, The Loss all data.
!!!!!!!
YOUR PERSONAL ID:
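![Image [1] - Warning shown after a Windows computer was hit by ransomware - 我的运维技术站](https://cdn.92fuge.com/92fuge.com//2024/02/1c9ac-40ec3-ac24c-20220413072728image956.png)
![Image [2] - Warning shown after a Windows computer was hit by ransomware - 我的运维技术站](https://cdn.92fuge.com/92fuge.com//2024/02/68a32-b94ee-4d3f3-20220413073635image412.png)
After opening a file
All the files on the desktop had been tampered with and given the suffix ROOK, and none of them could be opened. The browser popped up a web page showing the content above, and I knew I had been hit by ransomware.
Communication record
![Image [3] - Warning shown after a Windows computer was hit by ransomware - 我的运维技术站](https://cdn.92fuge.com/92fuge.com//2024/02/4b60d-bd682-18af5-20220413072914image276.png)
![Image [4] - Warning shown after a Windows computer was hit by ransomware - 我的运维技术站](https://cdn.92fuge.com/92fuge.com//2024/02/7a069-b70b4-5ab33-20220413073021image983.png)
![Image [5] - Warning shown after a Windows computer was hit by ransomware - 我的运维技术站](https://cdn.92fuge.com/92fuge.com//2024/02/42fb6-a4db1-6d675-20220413073213image350.png)
![Image [6] - Warning shown after a Windows computer was hit by ransomware - 我的运维技术站](https://cdn.92fuge.com/92fuge.com//2024/02/5c636-e7a31-8e106-20220413073309image820.png)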
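Reinstalling the system was the only way to fix it.
What hit me was the latest version at the very bottom, GlobeImposterV2, which currently cannot be decrypted. I can hardly pay someone bitcoin to decrypt it.
So I had to reinstall the system. Fortunately there was nothing important on it.
From now on, never use Windows for servers; it is too easy to attack. Linux is still safer.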