Decryptor ransom baru
β π[UPDATE] #STOP_Ransomware Decrypter for .gero | .hese | .kvag | .meds | .moka | .nesa | .peta and .seto
βONLY for files crypted by the OFFLINE KEY
βΉ Find the PesonalID.txt file on your infected machine. This file is in the folder C:\ SystemID\PesonalID.txt.
You will be able to check if there is only one or multiple ID.
If one of this ID is ending by t1 there is some chance that some or your files are crypted by the offline key and, when we will find it, you will be able to recover those files for free.
If you find ID not ending by t1 there are some bad chance that somes of your files are crypted by an online key and, for the moment, there are no way to decipher them except by paying the ransom to hackers. We highly recommand to victims not to pay any ransom to these criminal hackers because this is giving them strengh to continue this dirty business.
β Download: https://we.tl/t-JpXEaFB3oZ
β Backup all your encrypted files to an external drive before start decrypting.
β Start decrypter_2.exe
β copy and paste the key for your variant below:
You need copy-paste Private key with —–BEGIN PRIVATE KEY—– and —–END PRIVATE KEY—–
.seto = https://pastebin.com/xLM2Xxq2
.gero = https://pastebin.com/xUEq3Axq
.hese = https://pastebin.com/u6Rk8EVN
.kvag = https://pastebin.com/v1XM0Qvm
.meds = https://pastebin.com/VQumz2rC
.moka = https://pastebin.com/vcBS6C9E
.peta = https://pastebin.com/1hRYdvLw
.nesa = https://pastebin.com/T0aVkYnD
β Select the button Decrypt file to make a test with one file before selecting Decrypt Folder or Start.
βΉ Many victims have files crypted by both an online key and the offline key so it may not decrypt all your files.
βΉ Credit:
Emmanuel_ADC-Soft, Yousif_Ayman, Demonslay335