Jump to content

GT500

Member
  • Posts

    14249
  • Joined

  • Days Won

    456

Everything posted by GT500

  1. You need to upload file pairs via our online submission form so that the decrypter can be "trained" how to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  2. If law enforcement is able to catch the criminals or otherwise gain access to their servers and release their private keys for use in decrypters, then we can add them to our database so that everyone can get their files back. Our recommendation is to save a backup of your encrypted files and keep it in a safe place in case decryption is possible at some point in the future. We also recommend keeping an eye on BleepingComputer's newsfeed, as they will usually report on new developments with ransomware decrypters: https://www.bleepingcomputer.com/ If you have an RSS feed reader, then they also have an RSS feed so that you don't have to manually check for news: https://www.bleepingcomputer.com/feed/ Yes and no. If they're large enough then you might be able to open them in Notepad, Notepad++, or another text file editor and see part of the file (the beginning of the file will be encrypted and won't be recoverable). Text files aren't usually large enough though, so expect most of them to be unrecoverable.
  3. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ One of our moderators let me know that I posted the wrong reply. This is a newer variant of STOP/Djvu. Fortunately your ID is an offline ID, however we don't yet have the private key for it. I recommend running the decrypter once every week or two so that you can see when we've been able to add the private key for your variant. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  4. I don't know what variant of STOP/Djvu you have, however you can just run the decrypter. If it can decrypt your files then we have the private key for your ID, and if it can't then we don't have the private key.
  5. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  6. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  7. I recommend uploading a copy of the ransom note along with an encrypted file to ID Ransomware so that you can verify which ransomware you are dealing with: https://id-ransomware.malwarehunterteam.com/ You can paste a link to the results into a reply if you would like for me to review them.
  8. Unfortunately text files won't be possible to decrypt without a private key, and even with one I'm not sure if our decrypter will do it. They don't have a file header, so there's no way for the decrypter to tell what they are in order to verify that they decrypted successfully.
  9. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  10. We certainly recommend a backup. As for reformatting, that's not normally necessary with the STOP/Djvu ransomware as it is relatively easy to remove, however if there is the possibility of other infections on the computer then feel free to go ahead and reformat and reinstall Windows if you'd prefer to do that. Traducción proporcionada por Google: Sin duda recomendamos una copia de seguridad. En cuanto al reformateo, normalmente no es necesario con el ransomware STOP / Djvu, ya que es relativamente fácil de eliminar, sin embargo, si existe la posibilidad de otras infecciones en la computadora, no dude en seguir adelante y reformatear y reinstalar Windows si lo prefiere. Para hacer eso. Traducción proporcionada por DeepL: Ciertamente recomendamos una copia de seguridad. En cuanto al reformateo, normalmente no es necesario con el ransomware STOP/Djvu, ya que es relativamente fácil de eliminar, sin embargo, si existe la posibilidad de otras infecciones en el equipo, entonces no dude en seguir adelante y reformatear y reinstalar Windows si prefiere hacerlo.
  11. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  12. There is some information on repairing video files and some audio/music files available at the more information link I posted earlier. I'll paste it below:
  13. Private keys are requires to decrypt files that have been encrypted by newer variants of STOP/Djvu, and only the criminals who made the ransomware have the private keys. Until that changes, decryption will be impossible.
  14. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ Traducción proporcionada por Google: Esta es una variante más nueva de STOP / Djvu, y su identificación es una identificación en línea, por lo que actualmente no hay forma de descifrar sus archivos. Hay más información en el siguiente enlace: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ Traducción proporcionada por DeepL: Esta es una variante más reciente de STOP/Djvu, y su ID es una ID en línea, por lo que actualmente no hay manera de descifrar sus archivos. Hay más información en el siguiente enlace: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  15. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  16. Those are just encrypted files. Without the ransomware itself we can't figure out how the encryption process works.
  17. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  18. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  19. That upload form is only for older variants of the STOP/Djvu ransomware. It doesn't work with newer variants, since they use RSA keys.
  20. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  21. Are you able to delete the EEK folder?
  22. I didn't see anything obvious in your FRST logs, so I forwarded them to QA.
  23. It's possible that we may extend it again. Please note that EAM on Windows 7 will continue to work and continue to receive database updates for 12 months after we officially discontinue support for Windows 7. This means that even if we cut off support right now, technically Windows 7 users would still have 1 year of continued service.
  24. This is a newer variant of STOP/Djvu. If you have an online ID then it will not be possible to recover your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
×
×
  • Create New...