@qime123 you need to use google because it is to long to type here how to remove this ransomware ...
this here is a little txt abouth wat is this ransomware ...
What is Moqs ransomware?
Moqs is a malicious program belonging to the Djvu ransomware family. It is designed to encrypt data and demand ransoms for the decryption. In other words, this ransomware renders files inaccessible, and victims are asked for payment - to recover access to their data.
During the encryption process, affected files are appended with the "
.moqs" extension. For example, a file initially named something like "
1.jpg" would appear as "
1.jpg.moqs", "
2.jpg" as "
2.jpg.moqs", "
3.jpg" as "
3.jpg.moqs", and so forth. After this process is complete, a ransom note is created in a text file titled "
_readme.txt".
Moqs ransom note overview
The ransom-demanding message ("_readme.txt") states that victims' databases, documents, pictures, and other important files have been encrypted. Decryption keys and tools must be purchased from the cyber criminals - to restore the data. The price of the recovery tools is stated to be 980USD.
If victims establish contact with the criminals within 72 hours - the ransom will be reduced by 50% (490USD). Communication is to be held over email. Additionally, an encrypted file (which does not contain valuable information) can be attached to the emails; the decryption of this file will serve as proof that data restoration is possible.
Should no response from the cyber criminals arrive within 6 hours, victims are instructed to check their "Spam/Junk" email folders for the reply.
Moqs ransomware in detail
Unfortunately, in most ransomware infections, decryption is impossible without interference of the cyber criminals responsible. It might be if the malicious program is still in development and/or has significant flaws. Whatever the case, it is expressly advised against meeting the ransom demands.
Despite paying, victims often do not receive the promised decryption tools. Therefore, their files remain encrypted (essentially worthless) and they experience a financial loss. To prevent Moqs ransomware from further encryptions, it must be removed from the operating system.
However, removal will not restore already compromised data. The only solution is recovering the files from a backup, if one was created before the infection and stored in a different location.
Screenshot of a message encouraging users to pay a ransom to decrypt their compromised data:
Similarities with other infections
Haron, Queclink, DECcenter, and Pause are a few examples of malicious programs within the ransomware category. This malware type operates by encrypting data and/or locking the device's screen - to demand payment for the decryption.
There are two significant differences in-between ransomware - the cryptographic algorithms it uses (symmetric or asymmetric) and the ransom size. To avoid permanent data loss, it is highly recommended to store backups in remote servers and/or unplugged storage devices (preferably, in multiple separate locations).
How did ransomware infect my computer?
Ransomware and other malware are commonly distributed via spam campaigns - large-scale operations during which thousands of deceptive/scam emails are sent. These letters can have infectious files attached to and/or linked inside them.
Malicious files can be in a variety of formats, e.g., PDF and Microsoft Office documents, archives (ZIP, RAR, etc.), executables (.exe, .run, etc.), JavaScript, and so on. When the files are executed, run, or otherwise opened - the infection chain is initiated.
Malicious programs (ransomware-types included) are typically disguised as or bundled with ordinary software/media. Untrustworthy download sources, e.g., unofficial and free file-hosting websites, Peer-to-Peer sharing networks, and other third-party downloaders - often offer malicious software.
Illegal activation ("cracking") tools and fraudulent updaters are prime examples of malware-spreading content. "Medicines" can infect systems instead of activating licensed products. Fake updaters cause infections by exploiting outdated program weaknesses and/or by installing malicious software rather than the updates.