瑞星卡卡安全论坛

首页 » 技术交流区 » 反病毒/反流氓软件论坛 » 中了勒索病毒.mosk后缀,属于stopV2版本
mosk后缀stopV2 - 2019-11-8 12:10:00
昨晚不幸中招了,貌似是最新的STOP V2,估计也是联网加密的,是不是确认已经凉凉了?:kaka4:不知道有没有大神能够帮忙恢复,个人电脑,下面是勒索信息:ATTENTION!


Don't worry, you can return all your files!
All your files like photos, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
https://we.tl/t-7cpJN3gq4f
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.




To get this software you need write on our e-mail:
restoredatahelp@firemail.cc


Reserve e-mail address to contact us:
gorentos@bitmessage.ch


Your personal ID:
0180jYgs9f6sKj1A81LLT3x247ONrGUrPlSP0ahTgDIdVZKI7ltm



附件是被加密的文件

用户系统信息:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

附件: crazy.txt.rar
麦青儿 - 2019-11-8 13:52:00
已转相关人员,请稍等
麦青儿 - 2019-11-8 15:32:00
很遗憾,目前解不了。联网加密的不能解密,有兴趣可以关注一下国外论坛关于STOP Ransomware的讨论(可以搜到你的.mosk后缀,国外现也解不了,包括帖子里提到的Emsisoft 工具)
https://www.bleepingcomputer.com/forums/t/671473/stop-ransomware-stop-puma-djvu-promo-drume-help-support-topic/


如果文件实在重要,可以先留个备份,以备将来万一能恢复。
如果还没杀毒,备份完文件,可下载 瑞星安全云终端,安装升级后全盘扫一遍,另外勒索病毒重在预防,推荐使用 瑞星之剑 来防护。目前这俩都能免费用。
1
查看完整版本: 中了勒索病毒.mosk后缀,属于stopV2版本