※ 引述《hiyasa (asashi)》之銘言：
: 請教下
: 中了勒索病毒 gyjkmyli
: 查下似乎是新品種
: 當下已放棄檔案 並想format 更新到win10 (目前用win7)
: 我查下有些檔案(jpg)沒被加密 可以開啟 這些都安全嗎??
: 我是想用隨身碟帶走正常開啟的檔案 若放入其他電腦會不會也中毒??
: 謝謝!
我也中了
附檔名後面加上awwjfvkw
看板上各位 新型的是後面加上附檔名後面隨機8個英文字
但是現在網路上沒有找到解法
現在只有先拿卡巴司機將源頭砍了
readme的裡面訊息是
ALL YOUR DOCUMENTS PHOTOS DATABASES AND OTHER IMPORTANT FILES HAVE BEEN
ENCRYPTED!
====================================================================================================
Your files are NOT damaged! Your files are modified only. This modification
is reversible.
The only 1 way to decrypt your files is to receive the private key and
decryption program.
Any attempts to restore your files with the third party software will be
fatal for your files!
====================================================================================================
To receive the private key and decryption program follow the instructions
below:
1. Download "Tor Browser" from https://www.torproject.org/ and install it.
2. In the "Tor Browser" open your personal page here:
http://nm9m0h6kfve208cxmve.smxpvudyf3avtk7r.onion/awwjfvkw
Note! This page is available via "Tor Browser" only.
====================================================================================================
Also you can use temporary addresses on your personal page without using
"Tor Browser":
http://nm9m0h6kfve208cxmve.putshis.space/awwjfvkw
http://nm9m0h6kfve208cxmve.wetook.host/awwjfvkw
http://nm9m0h6kfve208cxmve.nowsays.pw/awwjfvkw
http://nm9m0h6kfve208cxmve.toowe.site/awwjfvkw
Note! These are temporary addresses! They will be available for a limited
amount of time!

到底哪來這麼多害我好好奇

應該是後面隨機8個英文字母 等高手解開

請留下作業系統 有無更新 防毒軟體 連網方式中獎前有沒有按過可疑的東西 供後世參考

win7 無更新 沒裝防毒軟體

沒裝防毒還能拖到現在才中也太猛

win10不更新一樣啦 天擇

其實已經有很多人在討論最近的新病毒，目前還沒有正式式的知道這是哪一款病毒，但應該是wcry的變形建議先將檔案存起來之後也許趨勢的解密工具可以幫忙解，然後也建議裝防毒，pccillin的勒索剋星就是針對勒索病毒的，可以試試

我有中 用趨勢的分析會說跟JIGSAW很像 不過解不了只能看硬碟有沒有冷備份了