[勒索病毒求助]网中了勒索病毒,文件被加密,后缀“.mppq”
文件被加密为.mppq,寻求帮助,谢谢!勒索文本如下:
ATTENTION!
Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
https://p0.ssl.qhmsg.com/dr/217__100/t011006fa7561f919c3.png
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.
To get this software you need write on our e-mail:
helpteam@mail.ch
Reserve e-mail address to contact us:
helpmanager@airmail.cc
Your personal ID:
0302ewgfDdSnhFRXfePu6xjt5jtqz6AKo5g1iC7x9d725tDAmJ
自己查到的信息:
Identified by:
ransomnote_email: helpmanager@airmail.cc
sample_extension: .mppq
sample_bytes: 0x7B33364136393842392D443637432D344530372D424538322D3045433542313442344446357D
Click here for more information about STOP (Djvu).
Case number: e56f9a04208a18d7ff52fc11d8b16d9b2af2cfd51623173794
目前试过360解密不行;用了EMSI soft Decryptor 的Stop Djuv
提示:Error: No key for New Variant online ID: SnhFRXfePu6xjt5jtqz6AKo5g1iC7x9d725tDAmJ
Notice: this ID appears to be an online ID, decryption is impossible MPPQ 病毒清除 如何恢复 .mppq 文件
该Mppq病毒是STOP / DJVU家庭的勒索型感染。该病毒会对您的文件(视频、照片、文档)进行加密,这些文件可以通过特定的“.MPPQ”扩展名进行跟踪。它使用强加密方法,这使得无法以任何方式计算密钥。
Source: https://howtofix.guide/mppq-virus-removal/
下面有工具 pserlee 发表于 2021-6-9 18:29
MPPQ 病毒清除 如何恢复 .mppq 文件
Source: https://howtofix.guide/mppq-virus-removal/
谢谢提供信息,然而,我看完了,正如帖子里说的,工具并没有解决问题,可能这个病毒较新。
还有就是推荐的那个GridinSoft Anti-Malware,不建议购买,因为购买付费的时候要求提供邮箱、卡号、卡有效期、卡的安全验证码。相当于将卡的所有信息都提供了。国内购买的连接,直接支付就行,并不需要提供这些。所以,谨慎支付 看不懂、估计没救了、重要给钱吧。
不重要格式化! 百度找对应勒索病毒的解密工具,找不到果断重装就行,如果有重要文件可以试试硬盘恢复,如果抢救不了也没办法。 只能找专业解锁,我们公司有这方面的技术,可以找我们。 980美刀 真敢要啊 hongskai1 发表于 2021-6-9 16:48
只能找专业解锁,我们公司有这方面的技术,可以找我们。
一般怎么收费呀?我看看情况,谢谢! pserlee 发表于 2021-6-9 18:29
MPPQ 病毒清除 如何恢复 .mppq 文件
Source: https://howtofix.guide/mppq-virus-removal/
非常感谢!我测试下 本帖最后由 jlsplbr 于 2021-6-10 18:43 编辑
这个网站也提供一个病毒介绍和工具链接,楼主可以参考下
https://www.pcrisk.com/removal-guides/21057-mppq-ransomware
https://www.myantispyware.com/2021/06/09/how-to-remove-mppq-ransomware-decrypt-mppq-files/