Jump to content

GT500

Member
  • Posts

    14249
  • Joined

  • Days Won

    456

Posts posted by GT500

  1. I recommend uploading a copy of the ransom note along with an encrypted file to ID Ransomware so that you can verify which ransomware you are dealing with:
    https://id-ransomware.malwarehunterteam.com/

    You can paste a link to the results into a reply if you would like for me to review them.

  2. On 5/20/2021 at 11:56 PM, globo depre said:

    In full year 05/2021, I have this problem variant online extension .igvm, can someone help ???

    This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

  3. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

  4. 9 hours ago, alialtahan said:

    please help me to solve my pc the id is offline what a work to solve it

    Another victim who also has this same offline ID will have to pay the ransom, and donate the private key to us so that we can add it to our database for our decrypter.

  5. 16 hours ago, amiretto said:

    No key for New Variant offline ID: ffMYeEIl8VXTNtDFDB8XTask2PZgkOrOTmhHKet1
    Notice: this ID appears be an offline ID, decryption MAY be possible in the future

    This is a newer variant of STOP/Djvu. Fortunately your ID is an offline ID, however we don't yet have the private key for it. I recommend running the decrypter once every week or two so that you can see when we've been able to add the private key for your variant.

    There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

  6. 18 hours ago, IslamCR7 said:

    So if i unchecked the second option "Automatically quarantine programs with bad reputation", it will give me the options to decide or it will not work at all.

    If you disable "Automatically quarantine programs with bad reputation" then the Behavior Blocker will display an alert for known bad programs rather than taking automatic action.

    • Thanks 1
  7. 6 hours ago, lassegoa said:

    Are there people that are dedicated to solve these things out there?? I meen there MUST be some computer geniuses/hackers/Athorities/Megatech companies that are working on this global problem out there...

    The type of encryption used is well known, as are the RSA keys used by the ransomware. If anyone is doing anything, it would be probing for vulnerabilities in the way files were encrypted that might allow for decryption. If anyone is doing this, then they have not made it publicly known (it would more than likely be against everyone's best interest if they did).

    Regardless of whether anyone is still analyzing this ransomware (and I doubt that anyone is), the best chance or everyone getting their files back is for law enforcement agencies to find and arrest the criminals behind this ransomware, and liberate their database of private keys for us to add to our decrypter's database.

     

    7 hours ago, lassegoa said:

    how soon is it possible a solution wil be put out?

    It's been 2 or 3 years since the "Djvu" variant of the STOP ransomware first appeared. I don't expect anything to change any time soon, however it really isn't possible to guess when someone may release private keys for a ransomware.

  8. 8 hours ago, Sabbir said:

    No key for New Variant online ID: ul4OVgNd7bJyiDBt4m1rSzN7xoQqd1OawnZF8elL
    Notice: this ID appears to be an online ID, decryption is impossible

    This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

  9. 16 hours ago, shafeeq said:

    No key for New Variant online ID: NJZrv9LFZSyt0462KBiOiDW0Mn44l65cGS42SAH5
    Notice: this ID appears to be an online ID, decryption is impossible

    This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

  10. 16 hours ago, Sashikant Mohanty said:

    No key for New Variant online ID: vdgPBXNVavg52fMUIFL2nSBjNjegzLnJlqmlL9N9

    This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

     

    16 hours ago, Sashikant Mohanty said:

    When can I expect this to come?   Please inform when It will crack.

    If law enforcement is able to catch the criminals or otherwise gain access to their servers and release their private keys for use in decrypters, then we can add them to our database so that everyone can get their files back.

    Our recommendation is to save a backup of your encrypted files and keep it in a safe place in case decryption is possible at some point in the future.

    We also recommend keeping an eye on BleepingComputer's newsfeed, as they will usually report on new developments with ransomware decrypters:
    https://www.bleepingcomputer.com/

    If you have an RSS feed reader, then they also have an RSS feed so that you don't have to manually check for news:
    https://www.bleepingcomputer.com/feed/

  11. 6 hours ago, IslamCR7 said:

    the problem is Emsisoft gives me the options to decide most of the times but sometimes it automatic detects and quarantines the threat with notification in the right center of the screen. I want to know why is this happening?

    The alert setting only applies to the Behavior Blocker. The File Guard will still automatically quarantine anything that the Anti-Virus engines used by Emsisoft Anti-Malware detect as malicious or potentially unwanted.

    Note that the Behavior Blocker exists as a backup for the File Guard, and only takes action for files that are unknown. Emsisoft Anti-Malware isn't intended to only do behavioral detection, nor is it intended to function like a HIPS (Host-based Intrusion Prevention System) which asks the user about everything.

  12. 1 hour ago, brunosilva said:

    used decrypt_STOPDjvu by descripty the archives but show me this error exception during a WebClient request.

    That happens because the decrypter requires access to our online systems while it runs.

     

    1 hour ago, brunosilva said:

    No key for New Variant online ID: sZ593qN0T5vgLLmmrNPzGhYk64q7k2XNtmo5PIPZ
    Notice: this ID appears to be an online ID, decryption is impossible

    This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

  13. 8 hours ago, Wasif.Malik said:

    No key for New Variant online ID: EztsiB7CUW0qd8XZawIDGheYGtpFurALM7fvLKpD
    Notice: this ID appears to be an online ID, decryption is impossible

    This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

  14. 8 hours ago, rasp said:

    No key for New Variant offline ID: 3pNdLH1399769YerBBKCxHURRAqLhaXsGw3Fbkt1
    Notice: this ID appears be an offline ID, decryption MAY be possible in the future

    This is a newer variant of STOP/Djvu. Fortunately your ID is an offline ID, however we don't yet have the private key for it. I recommend running the decrypter once every week or two so that you can see when we've been able to add the private key for your variant.

    There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

  15. 11 hours ago, andykurniawan17 said:

    No key for New Variant offline ID: 3pNdLH1399769YerBBKCxHURRAqLhaXsGw3Fbkt1
    Notice: this ID appears be an offline ID, decryption MAY be possible in the future

    This is a newer variant of STOP/Djvu. Fortunately your ID is an offline ID, however we don't yet have the private key for it. I recommend running the decrypter once every week or two so that you can see when we've been able to add the private key for your variant.

    There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

  16. 11 hours ago, Supervegito said:

    I ran the emsisoft decryptor but its stuck at starting.

    That usually means that the decrypter is still searching for encrypted files. It may take some time if there are a lot of files for it to search for. It may also appear to get "stuck" on this step if another program (such as Anti-Virus software) is interfering with it, so please make sure it is excluded in any security/Anti-Virus software you have installed.

  17. On 5/15/2021 at 2:01 PM, JohnnyZ957 said:

    No key for New Variant online ID: kTw8TSKcKHv1Z3hxBdkAC0VVp4YU5afaN7Go3vXA
    Notice: this ID appears to be an online ID, decryption is impossible

    This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

  18. On 5/15/2021 at 8:14 AM, rajkumar55 said:

    No key for New Variant online ID: pv5IAa1sR9j0WiodaZnMD7PiAN2nQeZkfTGZtio0
    Notice: this ID appears to be an online ID, decryption is impossible

    This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

×
×
  • Create New...