GT500

Emsisoft Employee
  1. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  2. That's not a key, and cannot be used for decryption. Newer variants of STOP/Djvu use a form of RSA encryption that is secure, and requires a private key to decrypt files. The private key never leaves the command and control server operated by the criminals. Your ID is an online ID. This means the decrypter won't be able to decrypt your files. This is also an online ID, and the decrypter won't be able to decrypt your files either. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  3. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you will be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  4. You didn't have an offline ID, so you'll need to supply file pairs via the submission form so that the decrypter can "learn" how to decrypt your files. There's more information about this at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  5. @saeed and @AZAD you both have online IDs. Without knowing whether your files were encrypted by an older or newer variant of STOP/Djvu, I can't tell you whether or not your files will be recoverable. If it's an older variant then you just have to supply file pairs to our submission form. If it's a newer variant, then there's nothing we can do. The information at the following link should help you determine that: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  6. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  7. The form of encryption used in newer variants isn't susceptible to the use of file pairs. Normally, with the type of encryption it uses, it's secure enough that there's no way to decrypt files without the private key. The only alternative is waiting tens of thousands of years for a supercomputer to brute force the key.
  8. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you will be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  9. Right now the only possibility (beyond paying the ransom) is if law enforcement is able to catch the criminals and release their database of private keys for us to add to our decryption service.
  10. After a quick look at their website, I see the statement "We gurantee Ransomware recovery from all types of ransomware." I can tell you right now that this statement is 100% false. There are plenty of ransomwares where the only data recovery method is paying the ransom, so the odds are pretty good that when someone doesn't have a free decrypter they can use that they just pay the ransom without telling you and then charge you more than you would have had to pay the criminals.
  11. I'm personally not familiar with this company, however I'll ask our team and see if anyone else is.
  12. They can also buy lists of known phone numbers.
  13. Michael confirmed what I said about the decrypter. It doesn't try to validate the ID, it just requests a key for the ID from our database. If no key is found, then an error is displayed.
  14. It looks like there's nothing we can do about Nemty at the moment. We understand the technical details about how the encryption works, and in theory we know how to make a decrypter, but we don't know for certain if we could do any better than Tesorion because we can't analyze their decrypter. Our best guess right now is that the file you're trying to decrypt is a type of file that Tesorion's decryption service isn't familiar with, and thus it can't verify if it was able to decrypt the file properly. If there's a way to contact them about it, then that might be the best course of action, as only they know for certain how their decryption service works.
  15. That looks like a little more than a normal STOP/Djvu ID. If part of it is a STOP/Djvu ID, then it certainly doesn't appear to be an offline ID.