Jump to content

David Biggar

Emsisoft Employee
  • Posts

    195
  • Joined

  • Days Won

    10

Posts posted by David Biggar

  1. Hello Ferchich,

    The file you submitted was encrypted with an online encryption key.

    Refer back to the link ShadowPuterDud gave you, please.

    To summarize, an online ID is impossible to decrypt with current technology. An offline ID is decryptable if any one victim with the same ID pays for the encryption key and reports it to us, so we can add it to our decrypter.

    You can try deleted file recovery software such as Revo from Piriform to see if you can recover older copies of some files, but this does not usually work well. With larger files such as movies or music, sometimes the files will still work if you just change the filenames back to original, since STOP(Djvu) only encrypts the first part of each file. There will of course still be part of the file that is encrypted and effectively corrupt.

    For further questions please refer to bleepingcomputer.com forums: https://www.bleepingcomputer.com/forums/t/671473/stop-ransomware-stop-puma-djvu-promo-drume-help-support-topic/

    And thanks again for contacting Emsisoft.

  2. Hello abhinav,

    Unfortunately, STOP(Djvu) was updated, and we no longer have any method to decrypt this ransomware unless the encryption occurred some time ago, before the 29th of August 2019.

    Please refer to this forum post for more information: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

    To summarize, an online ID is impossible to decrypt with current technology. An offline ID is decryptable if any one victim with the same ID pays for the encryption key and reports it to us, so we can add it to our decrypter.

    For further questions please refer to bleepingcomputer.com forums: https://www.bleepingcomputer.com/forums/t/671473/stop-ransomware-stop-puma-djvu-promo-drume-help-support-topic/

    And thanks again for contacting Emsisoft.

  3. Hello amitkarmakar and Asif N Siddiqui,

    That extension is used by STOP(Djvu). Unfortunately, STOP(Djvu) was updated, and we no longer have any method to decrypt this ransomware unless the encryption occurred some time ago, before the 29th of August 2019.

    Please refer to this forum post for more information: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

    To summarize, an online ID is impossible to decrypt with current technology. An offline ID is decryptable if any one victim with the same ID pays for the encryption key and reports it to us, so we can add it to our decrypter.

    For further questions please refer to bleepingcomputer.com forums: https://www.bleepingcomputer.com/forums/t/671473/stop-ransomware-stop-puma-djvu-promo-drume-help-support-topic/

    And thanks again for contacting Emsisoft.

  4. That extension is used by STOP(Djvu). Unfortunately, STOP(Djvu) was updated, and we no longer have any method to decrypt this ransomware unless the encryption occurred some time ago, before the 29th of August 2019.

    Please refer to this forum post for more information: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

    To summarize, an online ID is impossible to decrypt with current technology. An offline ID is decryptable if any one victim with the same ID pays for the encryption key and reports it to us, so we can add it to our decrypter.

    For further questions please refer to bleepingcomputer.com forums: https://www.bleepingcomputer.com/forums/t/671473/stop-ransomware-stop-puma-djvu-promo-drume-help-support-topic/

    And thanks again for contacting Emsisoft.

  5. Unfortunately, STOP(Djvu) was updated, and we no longer have any method to decrypt this ransomware unless the encryption occurred some time ago, before the 29th of August 2019.

    Please refer to this forum post for more information: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

    To summarize, an online ID is impossible to decrypt with current technology. An offline ID is decryptable if any one victim with the same ID pays for the encryption key and reports it to us, so we can add it to our decrypter.

    For further questions please refer to bleepingcomputer.com forums: https://www.bleepingcomputer.com/forums/t/671473/stop-ransomware-stop-puma-djvu-promo-drume-help-support-topic/

    And thanks again for contacting Emsisoft.

  6. Hello TeaJay,

    If that happens, please begin by restarting the computer. Sleep mode is traditionally a bit flaky, so I'm not entirely surprised by your report.

    In case there is something interfering that I can spot, please gather two logs using FRST, a tool used worldwide by malware removal experts for free malware removal and tech support, and attach them to a reply to this email. Instructions can be found here: https://help.emsisoft.com/en/1738/how-do-i-run-a-scan-with-frst/

  7. Unfortunately, STOP(Djvu) was updated, and we no longer have any method to decrypt this ransomware unless the encryption occurred some time ago, before the 29th of August 2019.

    Please refer to this forum post for more information: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

    To summarize, an online ID is impossible to decrypt with current technology. An offline ID is decryptable if any one victim with the same ID pays for the encryption key and reports it to us, so we can add it to our decrypter.

    For further questions please refer to bleepingcomputer.com forums: https://www.bleepingcomputer.com/forums/t/671473/stop-ransomware-stop-puma-djvu-promo-drume-help-support-topic/

    And thanks again for contacting Emsisoft.

    1. Log into your MyEmsisoft account, using your email address and password, using the forgot password link if needed: https://my.emsisoft.com/
    2. Click the "Install protection" or "Add device" button in the upper-right side of the page to download a pre-keyed installer. Do not rename the file that is downloaded, because the long name is required for activation to work properly.
    3. Run the downloaded installer, and it should take care of installing and/or activating with your subscription for you. If you already have Emsisoft Anti-Malware installed, the installer will not appear to do anything when you run it, but it will activate Emsisoft Anti-Malware with your subscription.
    4. Open Emsisoft Anti-Malware, or wait for it to open if this is a new installation, and click the 'update' link in the lower right to update and synchronize with your subscription.
  8. If you have the problem of Emsisoft Anti-Malware asking you to re-authenticate, there are a few things that can work. Easiest first, with the most 'drastic' last.

    1. Wait. Sometimes it will sort itself out in a day or so.
    2. Restart the computer. If you're using Windows 10, restart by right-clicking the Windows start button and using restart from the shutdown sub-menu. That performs a full restart instead of the cached rapid restart that is Windows 10's default.
    3. Sign into MyEmsisoft, click 'add device', and download the tagged installer. Don't rename it, and run it when it's done downloading. It might not appear to be doing anything, but it is. Give it 30 seconds, then open Emsisoft Anti-Malware and click update.
    4. Uninstall Emsisoft Anti-Malware, restart the computer (same method as above for Windows 10), then download and run your tagged installer per option 3.

    If everything fails, email us at [email protected], explain what you tried and what if anything didn't go right with each step you tried, and we'll help.

  9. If you have the problem of Emsisoft Anti-Malware asking you to re-authenticate, there are a few things that can work. Easiest first, with the most 'drastic' last.

    1. Wait. Sometimes it will sort itself out in a day or so.
    2. Restart the computer. If you're using Windows 10, restart by right-clicking the Windows start button and using restart from the shutdown sub-menu. That performs a full restart instead of the cached rapid restart that is Windows 10's default.
    3. Sign into MyEmsisoft, click 'add device', and download the tagged installer. Don't rename it, and run it when it's done downloading. It might not appear to be doing anything, but it is. Give it 30 seconds, then open Emsisoft Anti-Malware and click update.
    4. Uninstall Emsisoft Anti-Malware, restart the computer (same method as above for Windows 10), then download and run your tagged installer per option 3.

    If everything fails, email us at [email protected], explain what you tried and what if anything didn't go right with each step you tried, and we'll help.

  10. Hello,

    That extension is used by STOP(Djvu). Unfortunately, STOP(Djvu) was updated, and we no longer have any method to decrypt this ransomware unless the encryption occurred some time ago, before the 29th of August 2019.

    Please refer to this forum post for more information: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

    To summarize, an online ID is impossible to decrypt with current technology. An offline ID is decryptable if any one victim with the same ID pays for the encryption key and reports it to us, so we can add it to our decrypter.

  11. Hello,

    That extension is used by STOP(Djvu). Unfortunately, STOP(Djvu) was updated, and we no longer have any method to decrypt this ransomware unless the encryption occurred some time ago, before the 29th of August 2019.

    Please refer to this forum post for more information: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

    To summarize, an online ID is impossible to decrypt with current technology. An offline ID is decryptable if any one victim with the same ID pays for the encryption key and reports it to us, so we can add it to our decrypter.

  12. Olá, estou a utilizar DeepL Traduzir, e a minha língua materna é o inglês.

    Esta extensão é utilizada pela STOP(Djvu). Infelizmente, o STOP(Djvu) foi actualizado, e já não temos qualquer método para decifrar este resgate, a menos que a encriptação tenha ocorrido há algum tempo atrás, antes de 29 de Agosto de 2019.

    Para mais informações, consulte este post do fórum: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

    Em resumo, uma identificação online é impossível de decifrar com a tecnologia actual. Um ID offline é decifrável se qualquer vítima com o mesmo ID pagar pela chave de encriptação e nos informar, para que a possamos adicionar ao nosso decifrador.

  13. That extension is used by STOP(Djvu). Unfortunately, STOP(Djvu) was updated, and we no longer have any method to decrypt this ransomware unless the encryption occurred some time ago, before the 29th of August 2019.

    Please refer to this forum post for more information: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

    To summarize, an online ID is impossible to decrypt with current technology. An offline ID is decryptable if any one victim with the same ID pays for the encryption key and reports it to us, so we can add it to our decrypter. Your ID is an offline ID, so there is some hope that with time, an encryption key will be reported to us so we can add it to our decrypter.

×
×
  • Create New...