Jump to content

GT500

Emsisoft Employee
  • Content Count

    13994
  • Joined

  • Days Won

    442

Posts posted by GT500

  1. Well, your ID for STOP/Djvu (.coos) is an offline ID, however we don't yet have the private key for it. I recommend running the decrypter once every week or two so that you can see when we've been able to add the private key for your variant.

    There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

     

    As for files with .ROGER added to their names, those were encrypted by Dharma, and there's no way to decrypt them without paying the ransom.

    • Like 1
  2. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

  3. 7 hours ago, EhabAdel said:

    sir please my pc infected by .coos ransomware virus with online key: zOwuuF28V80ZDzE4dI6E1siTfpgrHOM0QmT2yZO2

    This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

     

    7 hours ago, EhabAdel said:

    i restore my windows and scanned it with many malware software like malwarebytre , spy hunter , Emsisoft Internet Security and GridinSoft Anti-Malware and im looking for decrypt my data

    Emsisoft Internet Security is a discontinued product, and hasn't been updated in years. If you really do have it installed, note that it won't be able to detect the STOP/Djvu ransomware, and that it is too old to receive database updates.

    Here are links to our currently available products which we still maintain:

  4. 8 hours ago, Papai said:

    In my case, an online ID. They tried to sign into my social networking accounts too. Lost all crucial data.

    This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

    The information at the link includes this, but the ransomware also downloads and runs the Azorult trojan, which steals your passwords.

  5. 8 hours ago, Usman 12 said:

    Hello Emsisoft my files are encrypted for over a week now. How can I decrypt them ? Help Please

    Assuming this is a newer variant of STOP/Djvu, if you have an offline ID then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

  6. 15 hours ago, Rafi Dzulfikar Hariz said:

    No key for New Variant online ID: U7CwZnBczoEhv6YtVxPWU749BqC06KMwSTHrVLqj
    Notice: this ID appears to be an online ID, decryption is impossible

    This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

  7. 16 hours ago, Bhawnai Singh Bhati said:

    No key for New Variant online ID: NKHApqUuxevUITWSaK4VLXdPBVuTLj8AeL6Z1lh3
    Notice: this ID appears to be an online ID, decryption is impossible

    This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

  8. 20 hours ago, Bay Kog said:

    Should I wait? What can I do?

    Our recommendation is to save a backup of your encrypted files and keep it in a safe place in case decryption is possible at some point in the future.

    We also recommend keeping an eye on BleepingComputer's newsfeed, as they will usually report on new developments with ransomware decrypters:
    https://www.bleepingcomputer.com/

    If you have an RSS feed reader, then they also have an RSS feed so that you don't have to manually check for news:
    https://www.bleepingcomputer.com/feed/

  9. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

  10. 13 hours ago, Black6177 said:

    Is there  is  another way  to recover  my  files?

    If you have an offline ID, then there's currently no other way to recover your files without paying the ransom.

     

    13 hours ago, Black6177 said:

    if  dont, Is it  okey  to  formatt  my  computer  and  reuse  after  installing  windows?

    You certainly can if you want to. If the STOP/Djvu ransomware was the only infection then it's relatively easy to remove, and reformatting the hard drive and reinstalling Windows is a bit overkill. If there were other infections as well, then reinstalling would get you a clean slate to start over with.

     

    13 hours ago, Black6177 said:

    I have no problem with data loss.

    If you have an external (USB) hard drive then you can copy encrypted files to that in order to keep a backup in case they can be decrypted some day.

  11. 15 hours ago, EncryptedPanda said:

    Personal ID:
    0274aSjeetpKEMhIkO1Ri3ICI46pGvUlG5NhV4Xe8icVXNMDB

    This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

     

    15 hours ago, EncryptedPanda said:

    Can Emsisoft incorporate a functionality within its decrypter to scan the folders for files without ransomware extension (in  my case files without ending in .qlkm) and maybe mark them as files copy-able after building the tree structure to copy exact those files? Because these files avoided being encrypted and are good to copy.

    All of our decrypters are based on a common template that doesn't have this functionality. We do this to make development and maintenance of the decrypters faster and easier.

     

    15 hours ago, EncryptedPanda said:

    Also a functionality of looking/restoring for shadow copies would be awsome. 

    ShadowExplorer has that functionality (be careful of the ads on the page). Windows 10 also has that feature built in when you right-click on a file, go to Properties, and go to the Previous Versions tab.

  12. 6 hours ago, Bay Kog said:

    Is new version stop djvu virus .coos appropriate for current version of emsisoft?

    There is no need to update the decrypter. Nothing about the encryption has changed.

    This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

  13. 20 hours ago, Enver Esad said:

    First thanks for your helpings. My files decrypted offline. And my file extentions transformed to .igal  When we can able to recover our files? Is there any "decrypt_STOPDjvu" update for .igal extentions? I'll be happy if you answer me.

    Thanks for helps.

    This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

    • Upvote 1
  14. 14 hours ago, Ken1943 said:

    Sounds interesting. Can I break anything "playing" with it ??

    Yes, however every setting can be reverted back to default by clicking a little circle with an arrow (looks like a refresh button) to the right of the setting you want to restore.

    image.png

  15. Our Emsisoft Cloud Console (accessible via my.emsisoft.com) is compatible with Emsisoft Anti-Malware Home, Emsisoft Business Security, and Emsisoft Enterprise Security. Pretty much every function in Emsisoft Anti-Malware/Business Security/Enterprise Security are available via the Cloud Console, as well as statistics and alerts (e-mail alerts are configurable in the settings for your workspace).

    We have a user guide available at the following link:
    https://help.emsisoft.com/en/2323/emsisoft-cloud-console-user-guide/

×
×
  • Create New...