※ 引述《hiyasa (asashi)》之銘言： : 請教下 : 中了勒索病毒 gyjkmyli : 查下似乎是新品種 : 當下已放棄檔案 並想format 更新到win10 (目前用win7) : 我查下有些檔案(jpg)沒被加密 可以開啟 這些都安全嗎?? : 我是想用隨身碟帶走正常開啟的檔案 若放入其他電腦會不會也中毒?? : 謝謝! 我也中了 附檔名後面加上awwjfvkw 看板上各位 新型的是後面加上附檔名後面隨機8個英文字 但是現在網路上沒有找到解法 現在只有先拿卡巴司機將源頭砍了 readme的裡面訊息是 ALL YOUR DOCUMENTS PHOTOS DATABASES AND OTHER IMPORTANT FILES HAVE BEEN ENCRYPTED! ==================================================================================================== Your files are NOT damaged! Your files are modified only. This modification is reversible. The only 1 way to decrypt your files is to receive the private key and decryption program. Any attempts to restore your files with the third party software will be fatal for your files! ==================================================================================================== To receive the private key and decryption program follow the instructions below: 1. Download "Tor Browser" from https://www.torproject.org/ and install it. 2. In the "Tor Browser" open your personal page here: http://nm9m0h6kfve208cxmve.smxpvudyf3avtk7r.onion/awwjfvkw Note! This page is available via "Tor Browser" only. ==================================================================================================== Also you can use temporary addresses on your personal page without using "Tor Browser": http://nm9m0h6kfve208cxmve.putshis.space/awwjfvkw http://nm9m0h6kfve208cxmve.wetook.host/awwjfvkw http://nm9m0h6kfve208cxmve.nowsays.pw/awwjfvkw http://nm9m0h6kfve208cxmve.toowe.site/awwjfvkw Note! These are temporary addresses! They will be available for a limited amount of time! -- ※ 發信站: 批踢踢實業坊(ptt.cc), 來自: 125.231.45.87 ※ 文章網址: https://www.ptt.cc/bbs/AntiVirus/M.1534049554.A.E18.html ※ 編輯: dcsr (125.231.45.87), 08/12/2018 13:05:16