※ 引述《hiyasa (asashi)》之铭言：
: 请教下
: 中了勒索病毒 gyjkmyli
: 查下似乎是新品种
: 当下已放弃档案 并想format 更新到win10 (目前用win7)
: 我查下有些档案(jpg)没被加密 可以开启 这些都安全吗??
: 我是想用随身碟带走正常开启的档案 若放入其他电脑会不会也中毒??
: 谢谢!
我也中了
附档名后面加上awwjfvkw
看板上各位 新型的是后面加上附档名后面随机8个英文字
但是现在网络上没有找到解法
现在只有先拿卡巴司机将源头砍了
readme的里面讯息是
ALL YOUR DOCUMENTS PHOTOS DATABASES AND OTHER IMPORTANT FILES HAVE BEEN
ENCRYPTED!
====================================================================================================
Your files are NOT damaged! Your files are modified only. This modification
is reversible.
The only 1 way to decrypt your files is to receive the private key and
decryption program.
Any attempts to restore your files with the third party software will be
fatal for your files!
====================================================================================================
To receive the private key and decryption program follow the instructions
below:
1. Download "Tor Browser" from https://www.torproject.org/ and install it.
2. In the "Tor Browser" open your personal page here:
http://nm9m0h6kfve208cxmve.smxpvudyf3avtk7r.onion/awwjfvkw
Note! This page is available via "Tor Browser" only.
====================================================================================================
Also you can use temporary addresses on your personal page without using
"Tor Browser":
http://nm9m0h6kfve208cxmve.putshis.space/awwjfvkw
http://nm9m0h6kfve208cxmve.wetook.host/awwjfvkw
http://nm9m0h6kfve208cxmve.nowsays.pw/awwjfvkw
http://nm9m0h6kfve208cxmve.toowe.site/awwjfvkw
Note! These are temporary addresses! They will be available for a limited
amount of time!

到底哪来这么多害我好好奇

应该是后面随机8个英文字母 等高手解开

请留下作业系统 有无更新 防毒软件 连网方式中奖前有没有按过可疑的东西 供后世参考

win7 无更新 没装防毒软件

没装防毒还能拖到现在才中也太猛

win10不更新一样啦 天择

其实已经有很多人在讨论最近的新病毒，目前还没有正式式的知道这是哪一款病毒，但应该是wcry的变形建议先将档案存起来之后也许趋势的解密工具可以帮忙解，然后也建议装防毒，pccillin的勒索克星就是针对勒索病毒的，可以试试

我有中 用趋势的分析会说跟JIGSAW很像 不过解不了只能看硬盘有没有冷备份了