GT500

Emsisoft Employee
  • Content Count

    10690
  • Joined

  • Days Won

    297

Everything posted by GT500

  1. Try using a different file pair.
  2. If law enforcement is able to catch the criminals and release their database of private keys, then we'll be able to add them to our decryption service and most people will be able to decrypt their files. As for infections on your computer, feel free to give Emsisoft Emergency Kit a try (free for home/non-commercial use). https://www.emsisoft.com/en/home/emergencykit/
  3. That error happens when there is no decryption key found in our database for a file's ID. Most of the time it simply means they have an online ID, however with a number of newer variants we still don't have the decryption keys for offline ID's and thus the error can be seen in those cases as well. That's a fairly abnormal error message, and could happen due to a number of issues. Something could be blocking the decrypter from connecting to our servers, something could be preventing DNS resolution for the address of the database the decrypter connects to, or there could just be general Internet stability issues causing problems with connecting to our servers. Are you able to visit the following link in a web browser on the effected computer? https://decrypter.emsisoft.com/
  4. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  5. Your ID is an online ID, however without knowing whether your files were encrypted by an older variant or a newer variant of STOP/Djvu I can't tell you if your files will be decryptable. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  6. Your ID is an online ID, however without knowing whether your files were encrypted by an older variant or a newer variant of STOP/Djvu I can't tell you if your files will be decryptable. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  7. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  8. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  9. If law enforcement is able to catch the criminals and release their database of private keys, then we can add them to our decryption service so that most people can recover their files.
  10. They don't leave their real IP address in the e-mails they send. If they did, they'd have been in jail a year ago. Assuming you live in the United States, did you file a complaint via the FBI's Internet Crime Complaint Center? The FBI does investigation into ransomware, and it's best to report ransomware related crimes to them.
  11. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you will be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  12. Does it work if you leave a blank line at the end of the whitelist.txt file?
  13. These are both newer variants of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  14. @Joseph Victor and @drekabani this is a newer variant of STOP/Djvu, and your ID's are online ID's, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ Once the police are able to catch the criminals and release their database of private keys, we'll be able to add them to our decryption service which will allow the decrypter to decrypt almost everyone's files.
  15. If law enforcement is able to catch the criminals and release their database of private keys, then we'll be able to decrypt files with online ID's. File a report with your country's national law enforcement. They tend to prioritize criminal investigations based on the amount of people effected, so the more reports they get the more motivation they will have to catch the criminals. https://www.nomoreransom.org/en/report-a-crime.html
  16. The public key is public for a reason. It can't reveal anything that would allow for decrypting the data.
  17. Yeah, that's because they secretly pay the ransom for you after negotiating a lower price with the criminals, and pocket the difference. If you want a company that you can pay to handle the ransom payment for you, then there are a few that are honest about the fact that they do this. Coveware is one of the more popular examples, although they usually do this for businesses.
  18. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  19. No new decryption tool will be released for online keys. If at some point private keys for online ID's are released, we'll add them to our database that the current decrypter uses so that it can decrypter files for more victims. If you want to know when that happens, then I recommend keeping an eye on BleepingComputer's news feed, as they usually report on things like that: https://www.bleepingcomputer.com/
  20. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  21. This is a fairly well known Start Menu replacement for Windows, however they've had their download portal compromised a number of times and when it happens the download is replaced by one with malicious code injected into it. Regardless of what you decide, make sure you have Anti-Virus with real-time protection installed.
  22. I recommend uploading a copy of the ransom note along with an encrypted file to ID Ransomware so that you can verify which ransomware you are dealing with: https://id-ransomware.malwarehunterteam.com/ You can paste a link to the results into a reply if you would like for me to review them.
  23. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  24. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  25. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/