How to remove STOP (DJVU) Ransomware and decrypt .bufas, .ferosas, .dotmap or .radman files

Standard

STOP Ransomware (DJVU Ransomware) continues its malicious activity in May, 2019, and now adding .bufas, .ferosas, .dotmap or .radman extensions to encrypted files. Malware aims most important and valuable files: photos, documents, databases, videos, archives and encrypts them using AES-256 algorythms. Encrypted files become unusable and cybercriminals start extorting ransom. Ransomware creates _readme.txt file, that is called “ransom note”, on the desktop and in the folders with encrypted files. Hackers demand $980 for decryption of your files (message states, that victims will get 50% discount if they’ll contact cyber criminals within 72 hours after the encryption). According to many reports, malefactors often don’t reply to victims, when they receive ransom payment. We strongly do not recommend paying any money. Files encrypted by some versions of STOP (DJVU) Ransomware can be decrypted with help of STOPDecrypter. Dr.Web specialists decrypted files encrypted with some variants of STOP Ransomware in private. Dr.Web does not have a public decoder. Before trying to decode the files, you need to stop active process, and remove STOP Ransomware.

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close