Dekryptere filer krypteret af STOP Ransomware (opdateringen fra oktober 2019)
TRUSSEL FJERNELSE

STOP Ransomware Decryptor – Sådan Dekryptér filer (Opdateret)

1 Star2 Stars3 Stars4 Stars5 Stars (7 stemmer, gennemsnit: 3.57 ud af 5)
Loading ...

opdateringen fra oktober 2019. Dette er en artikel, skabt til at forklare, hvordan du kan dekryptere filer, krypteret med STOP Ransomware virus.

STOP ransomware er den type malware, hvis vigtigste idé er at få brugerne til at betale løsepenge i form af Bitcoin at få deres filer tilbage. Ikke alle varianter af denne ransomware kan dekrypteres gratis, men vi har tilføjet den decryptor bruges af forskere, der ofte opdateret med de varianter, der i sidste ende blive dekrypteret. Du kan prøve og dekryptere dine filer ved hjælp nedenstående vejledning, men hvis de ikke arbejde, så desværre din variant af ransomware virus er ikke dekrypteres.

STOPDecrypter (STOP Ransomware) – Opdatering September 2019

As reported by Michael Gillespie, the operators of STOP ransomware have altered its code in newer versions. These changes make the way the decrypter work impossible, starting with .coharos, .gero, and .hese. Tilsyneladende, the cybercriminals started to utilize proper asymmetrical encryption, meaning the offline keys will no longer be valid for decryption after the release of the final keys Gillespie extracted.

The researcher is now working towards closing this decrypter, and continuing work on a new decrypter that will work only for the old versions of STOP (up to .carote). The new decrypter will completely replace STOPDecrypter once it’s released, and will work in a different way, forskeren sagde.

This version of STOPDecrypter currently works for .nuksus, .cetori, .carote, and .stare files. It is designed to support specific offline IDs, so it may not be effective for all occasions of the various iterations of the ransomware.

We will create another article with illustrated instructions when the new STOPDecrypter is released.

STOP Ransomware - Flere oplysninger

Forskere har kategoriseret STOP ransomware at være af flere forskellige varianter.

  • Varianten med de store udvidelser.
  • Puma varianter af STOP.
  • De Djvu STOP varianter.

store bogstaver filtype varianter kun omfatte store udvidelser, og de er en smule forældet, while the Puma and Djvu variants are relatively new ones as the Djvu variants of STOP ransomware being the latest viruses to hit the world.

How to Decrypt Your Files Encrypted by STOP Ransomware

For at dekryptere dine filer, først you need to download STOP Decryption tool (a.k.a. STOPDecrypter).

Efter download, Sørg for at følge disse trin:

Trin 1) Uddrag af Decrypter eller andet sted:

Trin 2) Kør det som administrator:

Trin 3) Klik på "Vælg Directory" og derefter vælge en mappe, hvor dine vigtige filer er krypteret.

Trin 4) Klik på dekryptere og være tålmodig. Softwaren vil vende tilbage, hvor mange filer blev dekrypteret:

Fjern STOP Ransomware

Vær sikker på at kun fjerne STOP, når dine filer er dekrypteret. Hvis filerne ikke dekrypteres, du skal vente, indtil sikkerhedseksperter opdaterer decryptor at arbejde for din variant. Indtil da, Vi anbefaler, at du sikkerhedskopiere dine krypterede filer og ikke betale ransomware. Også, du kan forsøge at få nogle af dine filer tilbage ved at følge anvisningerne alternativ nyttiggørelse de nedenunder. De er ingen garanti for, at du får alle dine filer tilbage, men med deres hjælp, du kunne gendanne det mindste nogle af filerne.

At fjerne STOP ransomware, du bør følge de to første trin. Hvis de ikke virker, derefter forsøge at fjerne denne virus automatisk med en avanceret anti-malware-software. Sådan software er ofte den foretraekke fjernelse metode, da det har til formål at opdage en slette alle STOP filer plus fjerne dem.

Avatar

Ventsislav Krastev

Ventsislav har dækket de nyeste malware, software og nyeste tech udviklinger på SensorsTechForum for 3 år nu. Han startede som en netværksadministrator. Have uddannet Marketing samt, Ventsislav har også passion for opdagelsen af ​​nye skift og innovationer i cybersikkerhed, der bliver spillet skiftere. Efter at have studeret Value Chain Management og derefter Network Administration, han fandt sin passion inden cybersecrurity og er en stærk tilhænger af grunduddannelse for alle brugere mod online sikkerhed.

Flere indlæg - Websted

46 Kommentarer

  1. AvatarSthiyn

    Hej Ventsislav,

    My system had been attacked by .rectot ransomeware, sidste uge. The files are encrypted. I have tried STOPDecryptor, but the decryption was denied due to no keys available for the following ID.

    pxWoC3VofRIj9qm3EywMcSZCrdOHVULWFqGvjJKp

    Can you please help me to retrieve my files

    Svar
    1. AvatarVentsislav Krastev (Indlæg forfatter)

      Hej, for the moment there are only about 30 decryption keys in the decrypter. Backup your files and wait for the decryptor to be updated. It usually gets updated every 10 days or so.

      Svar
  2. AvatarHugo

    Hola Ventsislav,

    Mi sistema fue atacado por ransomware .rezuc, hace dos dias. Los archivos están encriptados. He probado con STOPDecryptor, pero el descifrado fue denegado
    ID :
    sAkrsf5GtCegelujc1BiEbEIXc7mBBFkWliJgYI0 (.rezuc )

    Svar
    1. AvatarMilena Dimitrova

      Hi Hugo,

      The reason may be that the tool is designed to support specific offline IDs, så det kan ikke være effektiv for alle lejligheder på .rezuc ransomware infektioner.

      Svar
  3. AvatarMz islam

    Hej

    I have attacked by .stone malware.Any update on it.

    Svar
  4. AvatarKadek Doni

    hallo, saya terkena serangan rezuc sudah saya hapus virus dan sudah saya dekrip menggunakan STOPDecrpter tapi masih tidak bisa,
    [!] No keys were found for the following IDs:
    [*] ID: WGilpyyKEdCsZtqgJQJDyZFDZRJLgqXkDt2Cn1bI (.rezuc )

    Svar
  5. AvatarJuan

    QTxwfONh4EEd3XUaSKGlJAa6gnc1qExRkDAfc8Il (.rezuc )

    Svar
    1. AvatarMilena Dimitrova

      Hi Juan,

      Did you try using the decrypter? It may be able to partially decrypt some of your files.

      Svar
      1. AvatarFernando Calderon

        Milena Dimitrova, te funcionó con el descifrador?

        También estoy siendo afectado por el . rezuc

        Ojalá pueda existir alguna solución.

        Svar
  6. AvatarTop Marsetiya Fund

    hello sir, Vær venlig at hjælpe mig. my PC was atack .rezuc 2 en uge siden . i have used stop decrypter. Desværre, it is not success. Vær venlig at hjælpe mig
    [!] No keys were found for the following IDs:
    [*] ID: cn00hmtMuQnAXDeGdCAxRRCtIxPnEe67zYAIErey (.rezuc )
    Please archive these IDs and the following MAC addresses in case of future decryption:
    [*] MACs: FC:3F:DB:39:E1:5B, 60:6D:C7:F7:DB:09, 62:6D:C7:F7:DB:09, 62:6D:C7:F7:D3:09, 60:6D:C7:F7:DB:0A
    This info has also been logged to STOPDecrypter-log.txt

    Svar
  7. AvatarIndtastning Sagar

    No key found for
    ID: 094KJASHd743dfg76fdfN3In9TaUitalymIQE7m8wG5kr5CVBqn1uAC1eHMt
    Kindly help me get the key as my all imp data hsa been encypted .
    Tak
    Sagar

    Svar
  8. AvatarJoaquín

    hilsen, fui atacado por el .lanset desde el 3 de junio, voy a seguir las indicaciones y comento como me fue

    Svar
  9. AvatarAther Saeed

    Kære hr,
    My PC attacked my vesad Ransomware yesterday. I have used stopdecrypter but No If found show and still waiting to recover my data. Can you please help me in this matter

    Svar
  10. AvatarMax

    buenas tardes yo tengo un problema con un virus que me encripto los documentos con un .lanset y la aplicación manda esto:

    Ingen nøgle til id: MgAeYiYcERnWXoMBuAtbMk00jMzQo30bPiDS5b7G (.lancet )
    Uidentificeret id: MgAeYiYcERnWXoMBuAtbMk00jMzQo30bPiDS5b7G (.lancet )
    MACs: F0:4D:A2:6Og:0F:BE, 8C:A9:82:21:28:48, 00:0D:F0:90:8Og:3A

    ojala me pudieran ayudar

    Svar
  11. AvatarYounes

    Mon système avait été attaqué par .boston ransomware. Les fichiers sont chiffrés. J’ai essayé STOPDecryptor, mais le décryptage a été refusé en raison d’aucune clé disponible pour l’ID suivante.

    [-] Ingen nøgle til id: h7sKicaMLw9rahE9B05UJhximTsaRjBTjpug3GYj (.boston )

    [!] No keys were found for the following IDs:
    [*] ID: h7sKicaMLw9rahE9B05UJhximTsaRjBTjpug3GYj (.boston )
    Please archive these IDs and the following MAC addresses in case of future decryption:
    [*] MACs: DC:A9:71:6C:FF:ED, E8:03:9A:16:3Og:7C
    This info has also been logged to STOPDecrypter-log.txt

    Pouvez-vous s’il vous plaît aidez-moi à récupérer mes fichiers

    Svar
  12. AvatarYounes

    My system was attacked by .boston ransomware. The files are encrypted. I tried STOPDecryptor, but the decryption was denied due to no key available for the next ID.

    [-] Ingen nøgle til id: h7sKicaMLw9rahE9B05UJhximTsaRjBTjpug3GYj (.boston )
    [!] No keys were found for the following IDs:
    [*] ID: h7sKicaMLw9rahE9B05UJhximTsaRjBTjpug3GYj (.boston )
    Please archive these IDs and the following MAC addresses in case of future decryption:
    [*] MACs: DC:A9:71:6C:FF:ED, E8:03:9A:16:3Og:7C

    This info has also been logged to STOPDecrypter-log.txt
    Can you please help me recover my files

    Svar
    1. AvatarMilena Dimitrova

      Hi younes,

      You can learn more about the .boston ransomware from this article: https://sensorstechforum.com/remove-boston-ransomware/

      Svar
  13. AvatarTA

    my system is effected by phobos ransome ware, is there any file Decryptor available.

    Svar
  14. Avatarforlade

    my pc is attack with lanset file, nothing help can you help me ? its from stop decriptor
    [+] Loaded 59 offline keys
    Please archive the following info in case of future decryption:
    [*] ID: OhAKRb0PtyEIJpbtKYWv4vB7W9OBJMKx0IeExn1X
    [*] MACs: 00:1F:16:CF:F4:15, 02:00:4C:4F:4F:50, 12:17:C4:B6:19:EF, 22:17:C4:B6:19:EF, 00:17:C4:B6:19:EF
    This info has also been logged to STOPDecrypter-log.txt

    Svar
  15. AvatarDhanushka Wanasinghe

    Mange tak. And It worked for .muslat extension. That was a headache for me. I tried with so many tools but , I wonder this tool worked for me. I recommend this for all you get infected by this shit.

    Svar
  16. AvatarDeltag

    My files infected ransomware extension .poret ,kan du venligst hjælpe mig! Tak.

    Din personlige ID:
    096Asudh743uifdgdRqM2r84mfpJgkHbqoXhpXKlMf0TqRIzRBGBEGUs7

    Svar
    1. AvatarMilena Dimitrova

      Hi cironi,

      You can learn more about the ransomware from this article: https://sensorstechforum.com/remove-poret-files-virus/

      Svar
  17. AvatarDeltag

    Ingen nøgle til id: RqM2r84mfpJgkHbqoXhpXKlMf0TqRIzRBGBEGUs7 (.Poret )
    Uidentificeret id: RqM2r84mfpJgkHbqoXhpXKlMf0TqRIzRBGBEGUs7 (.Poret )
    MACs: 74:D0:2B:2C:9C:FF

    Svar
  18. AvatarESTEBAN

    Hej, tuve un problema con este virus ransomware, me ataco y el codigo es .NOVASOF Y .BOPADOR POR FAVOR NECESITO AYUDA CON ESTE CODIGO 27/07/2019

    Svar
  19. AvatarEsmael zabeti

    si vous avez pour rabbit4444 ransomware
    tak

    Svar
    1. AvatarMilena Dimitrova

      Hi esmael,

      Here you can read more about the ransomware: https://sensorstechforum.com/rabbit4444-files-virus-remove/

      Svar
  20. AvatarRahul

    my system has an ransomware .nelasod it affected all my file
    please help to recover my file

    Svar
  21. Avatarcabinas321smile@hotmail.com

    hola buenas noches , no me deja descargar el desifrador porq me lleva a una pagina supuestamente con virus ,

    Svar
  22. AvatarFerianto Suharta

    Hej, Ransomware attacked my PC since May 2019,
    with file .dotmap

    please help with my data below
    Din personlige ID:
    085Asdhih8743yisdfFDP0I4Kof9HLwaMcp08ggr7wfX4fUKFU2w44erdoao

    Svar
  23. AvatarZvonimir

    My files infected ransomware extension .masodas,kan du venligst hjælpe mig! Tak.
    ...
    Din personlige ID:
    151hTdLhhG9q7dhPXHvumM8FJyRGQTefDCsNbGBlCVaarWqYPh

    Svar
  24. AvatarMo

    MACs: 14:D6:4D:49:98:5F, 14:D6:4D:49:98:58, 14:D6:4D:49:98:5D
    —————————————-
    STOPDecrypter v2.1.0.24
    OS Microsoft Windows NT 6.2.9200.0, .NET Framework Version 4.0.30319.42000
    —————————————-

    Ingen nøgle til id: 9FUPqXCTh4PsEHaQqDRBffLRxXm5RoDjeOezmnUZ (.todar )
    Uidentificeret id: 9FUPqXCTh4PsEHaQqDRBffLRxXm5RoDjeOezmnUZ (.todar )
    MACs: 14:D6:4D:49:98:5F, 14:D6:4D:49:98:58, 14:D6:4D:49:98:5D
    dekrypteret 0 filer, skipped 2

    Svar
  25. AvatarInfected with kovasoh virus

    I have been infected with kovasoh virus, BTCWare Ransom v4 AES256 this variant, can you help me with a decoder?
    ID: JDBXLVkzA4eGCuvOSS4tI5XREH3polEkLc5SvOwf (.kovasoh)
    MACs: E0: D5: 5Og: 43: 23: B8

    Svar
    1. AvatarMilena Dimitrova

      Hej,

      You can find the decryption tool and instructions in this article: https://sensorstechforum.com/remove-kovasoh-virus-restore-files/
      Note that the tool is designed to support specific offline IDs, so it may not be effective for all occasions of Kovasoh infections.

      Svar
  26. AvatarHans

    J’ai été infecté par .masok j’ai essayé plusieurs applications sans succès.
    Mais ce descripteur a marché pour moi. sincèrement Merci.

    Svar
  27. AvatarCleidy ananas Loayza

    Mis archivos de extensión .masodas ransomware infectados,Puedes ayudarme por favor! tak.
    personlige ID:
    151hTdLhhGzOg9XSTKCdP8dlxNwj7ULfkJ9uqCPwpe9DLsEjQc

    Svar
  28. AvatarTharaka

    .vesrato ransomware was attacked to my computer in last month to my PC. I have tried with the stop Decryption tool
    [+] Fil: F:\Doc\Civil 3D\New folder\Drawing2.dwg.vesrato
    [-] Ingen nøgle til id: NuDpRNOvOrnKJCAMBJPpHAF0vqKYPRBQvoD0JeLh (.vesrato

    Hjælp venligst

    Svar
  29. AvatarThildder

    Como descriptografar arquivos criptografados pelo MOKA vírus.

    Svar
  30. Avataredu

    He sidi atacado por .nesa. Ojalá se pueda conseguir la llave.
    Luego de que STOPDECRYPTER descifra algun archivo, en que carpeta los guarda?
    mange tak!!

    Svar
  31. Avataredu

    He sido atacado por .nesa. Ojalá se pueda conseguir la llave.
    Luego de que STOPDECRYPTER descifra algun archivo, en que carpeta los guarda?
    mange tak!!

    Svar
    1. AvatarMilena Dimitrova

      Hi edu,

      Desværre, currently there is no way to decrypt .nesa files, as there’s no official decrypter released.

      Svar
  32. AvatarBrijesh

    Hej Ventsislav,

    My system had been attacked by .format ransomeware, sidste uge. The files are encrypted. I have tried STOPDecryptor, but the decryption was denied due to no keys available for the following ID.

    wE4qoa9XX5bmrO7tLy2qD5ruqlU5ILgJ1FgMJpR1 (.format )

    CjJKpan you please help me to retrieve my files

    Svar
  33. AvatarVentsislav Krastev (Indlæg forfatter)

    Hello Brijesh,

    It seems that your keys are not the same as the ones in the decryptor. You should backup the files and keep trying since the STOP Decrypter gets regularly updated by the researcher who made it as newer STOP virus variants come out. I mellemtiden, you can also try restoring your files using the following alternative file recovery solutions: https://sensorstechforum.com/restore-files-encrypted-ransomware-without-decryptor/

    Svar
  34. Avatarkristen

    Primero que todo, junto con saludarlos, felicito a los creadores y usuarios de este foro.
    Hace 3 días he sido infectado con ransomware que encripto todos mis archivos y los dejo con terminación .noos
    Me pueden ayudar a desencriptar archivos?

    Saludos y gracias

    Svar
  35. AvatarSalvador

    Hola Ventsislav,

    Mi sistema había sido atacado por ransomware .kuub, la semana pasada. Los archivos están encriptados. He tratado STOPDecryptor, pero el descifrado fue denegado debido a ninguna tecla para el siguiente ID.

    Ingen nøgle til id: lwJVH8irj7rWDbGSaO5YsIFmPMmC3IXilgKuTAsQ (.kuub )

    ¿Me podría ayudar a recuperar mis archivos

    Svar
  36. AvatarSalvador

    Mi sistema había sido atacado por ransomware .kuub, la semana pasada. Los archivos están encriptados. He tratado STOPDecryptor, pero el descifrado fue denegado debido a ninguna tecla para el siguiente ID.
    ID: lwJVH8irj7rWDbGSaO5YsIFmPMmC3IXilgKuTAsQ (.kuub )

    Svar
  37. AvatarIsabelita

    ayuda con virus que coloca los archivos con extensión kuub como lo desencripto por favor id UmeMQWLA2nQkz7EUDJ8gkBbwe0Zzs2VRHzMKSrM7

    Svar

Efterlad en kommentar

Din e-mail-adresse vil ikke blive offentliggjort. Krævede felter er markeret *

Frist er opbrugt. Venligst genindlæse CAPTCHA.

Del på Facebook Del
Loading ...
Del på Twitter Tweet
Loading ...
Del på Google Plus Del
Loading ...
Del på Linkedin Del
Loading ...
Del på Digg Del
Del på Reddit Del
Loading ...
Del på Stumbleupon Del
Loading ...