GT500

Emsisoft Employee

Everything posted by GT500

  1. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  2. As far as I am aware the criminals who make the STOP/Djvu ransomware do usually send a working decrypter.
  3. No. That's not physically possible.
  4. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  5. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  6. You need to try another file pair. Or try removing the ".vesad" from the end of the file name, and see if it opens (you should probably make a copy of the file and try it on that, so that you don't mess up the encrypted file).
  7. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  8. This is a newer variant of STOP/Djvu. Fortunately your ID is an offline ID, however we don't yet have the private key for it. I recommend running the decrypter once every week or two so that you can see when we've been able to add the private key for your variant. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  9. That option is called Controlled Folder Access, is only available on Windows 10, and doesn't usually work if you have a third-party Anti-Virus software installed. It may also be prone to causing issues by blocking access to certain files (or at least preventing you from saving files in your Documents, Pictures, Videos, etc. folders).
  10. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  11. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  12. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  13. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  14. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  15. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  16. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  17. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  18. I recommend uploading a copy of the ransom note along with an encrypted file to ID Ransomware so that you can verify which ransomware you are dealing with: https://id-ransomware.malwarehunterteam.com/ You can paste a link to the results into a reply if you would like for me to review them.
  19. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ Also, for your own safety, please don't accept assistance from anyone who contacts you via online help forums. The criminals who make these ransomwares monitor these forums, and they will try to scam you out of money. Translation provided by Google: This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ Also, for your own safety, do not accept help from anyone who contacts you through online help forums. The criminals who make these ransomwares monitor these forums and try to scam you out of money.
  20. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  21. They only give private keys to those who pay them. The only way we get them is when victims give them to us, but with online IDs the private keys will only work on one computer, so we can't help people with online IDs decrypt their files.
  22. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  23. The information about the encryption used can be found at the following link: https://translate.google.com/translate?hl=en&sl=ru&tl=en&u=https%3A%2F%2Fid-ransomware.blogspot.ru%2F2016%2F11%2Fdharma-ransomware.html It's secure encryption, and there's no way to crack it. If you were able to get a memory dump from the ransomware while it was encrypting files, then it more than likely wouldn't help. RSA keys use a public key to encrypt, and a private key to decrypt. The private key is kept safely in a remote server while the ransomware uses the public key to encrypt files, and there's nothing you can learn from the public key that would help with decryption of files. I would believe the keys are generated securely, and if they were generated on a remote server then you could never be entirely certain what time they were generated, and so even if there was the possibility of a time-based RNG exploit then you wouldn't be able to do anything with it. They won't get powerful enough fast enough. The odds are much better of law enforcement catching the criminals and confiscating their database of private keys. We don't normally recommend that, however if you feel that's the only way to get your files back in a reasonable amount of time then we understand that you have to do what you feel is best.
  24. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  25. That's perfectly fine. Everything the decrypter needs to know about your encrypted files was added to the files themselves by the ransomware.