Jump to content

Amigo-A

Member
  • Posts

    2187
  • Joined

  • Last visited

  • Days Won

    55

Everything posted by Amigo-A

  1. When you start the Emsisoft Decryptor, it will also write to you : The Emsisoft Decryptor defines this fact very accurately. What to do? Everything is lost? No. It is recommended that you save the encrypted files to an external drive. It is possible that in the future the decryption method will change or the extortionists will publish the decryption keys. There have been several such unexpected cases recently when others extortionists shut down their ransomware projects and published decryption keys and master keys for everyone who got encrypted. The percentage of such happy cases is small, but it still exists. Next, I'll tell you what you need to do now, immediately, and what you can try after that.
  2. Only after neutralizing all malicious files ... I recommend this following method only when there is no other way... This is not the decryption, it is the recovery of certain types of files using the features of these files. 1) If you have encrypted ZIP/RAR archives, you can partially recover them. Only 1-2 files are damaged there. Remove the extension that the ransomware added to the archives, and extract the files in the usual way. Everything except 1-2 files will be fixed. If there is only 1 file in the archive, then it will most likely be unrecoverable. 2) There is an alternative (additional) way to recover some media files: WAV, MP3, MP4, M4V, MOV, 3GP. https://www.disktuna.com/media_repair-file-repair-for-stop-djvu-mp3-mp4-3gp But before trying the alternative variant with media files, it is recommended that you make a copy of the encrypted files. Something will be restored better, something will be restored worse. Some types of files can be opened (restored) using the application in which they were created. To do this, you must first remove the extension added by the ransomware. Then can try to open the file from the program in which it was created. If you open audio and video files in the editor, it will restore the structure, and upon closing it will offer to save the changes in the file. 3) If you have PDFs or files of other e-books, then they may suffer in part if they were not protected from manual modification. Therefore, after removing the added extension, they can be partially read (~ 80%). Unfortunately, it is not yet possible to recover files created in MS Office applications due to their sensitivity to any damage. They can be easily damaged without encryption. It is easier to recover and read text written on paper or on the stone than one created in MS Office. An alternative method for other files has not yet been found.
  3. Why did this happen? This 'STOP Ransomware' enters the PC due to the fact that computer is poorly protected. People often use free antivirus programs with the 'Free' label in the name. None of these programs will protect PC from programs similar to 'STOP Ransomware', because basic protection is not capable of this feat. If users used comprehensive protection of the 'Internet Security' class, then it would help protect PC from ransomware attacks. There is no 100% protection against malware, but what the 'Free' antivirus gives is 1-2 percent protection. After this attack, PCs could have stayed other malware elements. This maybe is an info-stealer and something else. Therefore, it is urgent to conduct a full check and destroy malware. Use an comprehensive anti-virus software such as Emsisoft Anti-Malware to effectively remove the malware. You can get a free trial 30-days version of Emsisoft Anti-Malware here: https://www.emsisoft.com/en/home/antimalware/ It will help you clean your PC from other malware for free. !!! You need to neutralize all malicious files in the system. This should be done as quickly as possible. Otherwise, the files may be encrypted using the online ID and decryption will never be possible.
  4. Hello. Yes, it is probably true. The Emsisoft Decryptor defines this fact very accurately. What to do? Everything is lost? No. It is recommended that you save the encrypted files to an external drive. It is possible that in the future the decryption method will change or the extortionists will publish the decryption keys. There have been several such unexpected cases recently when others extortionists shut down their ransomware projects and published decryption keys and master keys for everyone who got encrypted. The percentage of such happy cases is small, but it still exists. Next, I'll tell you what you need to do now, immediately, and what you can try after that.
  5. Hello. Archive the ransom note and several encrypted files. Submit to any exchange site and give me the download link. For example, such a site https://dropmefiles.com/
  6. Identically encrypted files located in different directories, but are initially copies of each other? They will not be equally encrypted. The Decryptor developer can tell you more.
  7. To get started, read the Guide on this topic. Download the Emsisoft decryptor and read what it tells you.
  8. It is unlikely that I can give a short, unambiguous answer. This ransomware uses a simple encryption implementation. But online key generation sweeps away all attempts to calculate the key and decrypt files in the coming years of human life.
  9. Hello @diu My post above has all the information on media file recovery. There are several methods for images, but they don't work remotely. You can read there on the link about the recovery methods used by the author of the method. But he is not the only one in this regard, there are many methods and specialists who could recover image files if they had direct access to a PC. Only the result will be different every time - from a heap of garbage to a decent amount. The main factor is the fullness of the disk from which you want to recover files.
  10. Only after neutralizing all malicious files ... I recommend this following method only when there is no other way... This is not the decryption, it is the recovery of certain types of files using the features of these files. 1) If you have encrypted ZIP/RAR archives, you can partially recover them. Only 1-2 files are damaged there. Remove the extension that the ransomware added to the archives, and extract the files in the usual way. Everything except 1-2 files will be fixed. If there is only 1 file in the archive, then it will most likely be unrecoverable. 2) There is an alternative (additional) way to recover some media files: WAV, MP3, MP4, M4V, MOV, 3GP. https://www.disktuna.com/media_repair-file-repair-for-stop-djvu-mp3-mp4-3gp But before trying the alternative variant with media files, it is recommended that you make a copy of the encrypted files. Something will be restored better, something will be restored worse. Some types of files can be opened (restored) using the application in which they were created. To do this, you must first remove the extension added by the ransomware. Then can try to open the file from the program in which it was created. If you open audio and video files in the editor, it will restore the structure, and upon closing it will offer to save the changes in the file. 3) If you have PDFs or files of other e-books, then they may suffer in part if they were not protected from manual modification. Therefore, after removing the added extension, they can be partially read (~ 80%). Unfortunately, it is not yet possible to recover files created in MS Office applications due to their sensitivity to any damage. They can be easily damaged without encryption. It is easier to recover and read text written on paper or on the stone than one created in MS Office. An alternative method for other files has not yet been found.
  11. Why did this happen? This 'STOP Ransomware' enters the PC due to the fact that computer is poorly protected. People often use free antivirus programs with the 'Free' label in the name. None of these programs will protect PC from programs similar to 'STOP Ransomware', because basic protection is not capable of this feat. If users used comprehensive protection of the 'Internet Security' class, then it would help protect PC from ransomware attacks. There is no 100% protection against malware, but what the 'Free' antivirus gives is 1-2 percent protection. After this attack, PCs could have stayed other malware elements. This maybe is an info-stealer and something else. Therefore, it is urgent to conduct a full check and destroy malware. Use an comprehensive anti-virus software such as Emsisoft Anti-Malware to effectively remove the malware. You can get a free trial 30-days version of Emsisoft Anti-Malware here: https://www.emsisoft.com/en/home/antimalware/ It will help you clean your PC from other malware for free. !!! You need to neutralize all malicious files in the system. This should be done as quickly as possible. Otherwise, the files may be encrypted using the online ID and decryption will never be possible.
  12. Hello. Yes, it is probably true. The Emsisoft Decryptor defines this fact very accurately. What to do? Everything is lost? No. It is recommended that you save the encrypted files to an external drive. It is possible that in the future the decryption method will change or the extortionists will publish the decryption keys. There have been several such unexpected cases recently when others extortionists shut down their ransomware projects and published decryption keys and master keys for everyone who got encrypted. The percentage of such happy cases is small, but it still exists. Next, I'll tell you what you need to do now, immediately, and what you can try after that.
  13. You need to be more specific about your request. Can guess by words, but it's better to ask a question and get an answer. I could look at your files, but attachments are now only available to Emsisoft employees. If you want me to look at them, then you can transfer the files to me through the site dropmefiles.com or via others.
  14. Only after neutralizing all malicious files ... I recommend this following method only when there is no other way... This is not the decryption, it is the recovery of certain types of files using the features of these files. 1) If you have encrypted ZIP/RAR archives, you can partially recover them. Only 1-2 files are damaged there. Remove the extension that the ransomware added to the archives, and extract the files in the usual way. Everything except 1-2 files will be fixed. If there is only 1 file in the archive, then it will most likely be unrecoverable. 2) There is an alternative (additional) way to recover some media files: WAV, MP3, MP4, M4V, MOV, 3GP. https://www.disktuna.com/media_repair-file-repair-for-stop-djvu-mp3-mp4-3gp But before trying the alternative variant with media files, it is recommended that you make a copy of the encrypted files. Something will be restored better, something will be restored worse. Some types of files can be opened (restored) using the application in which they were created. To do this, you must first remove the extension added by the ransomware. Then can try to open the file from the program in which it was created. If you open audio and video files in the editor, it will restore the structure, and upon closing it will offer to save the changes in the file. 3) If you have PDFs or files of other e-books, then they may suffer in part if they were not protected from manual modification. Therefore, after removing the added extension, they can be partially read (~ 80%). Unfortunately, it is not yet possible to recover files created in MS Office applications due to their sensitivity to any damage. They can be easily damaged without encryption. It is easier to recover and read text written on paper or on the stone than one created in MS Office. An alternative method for other files has not yet been found.
  15. Why did this happen? This 'STOP Ransomware' enters the PC due to the fact that computer is poorly protected. People often use free antivirus programs with the 'Free' label in the name. None of these programs will protect PC from programs similar to 'STOP Ransomware', because basic protection is not capable of this feat. If users used comprehensive protection of the 'Internet Security' class, then it would help protect PC from ransomware attacks. There is no 100% protection against malware, but what the 'Free' antivirus gives is 1-2 percent protection. After this attack, PCs could have stayed other malware elements. This maybe is an info-stealer and something else. Therefore, it is urgent to conduct a full check and destroy malware. Use an comprehensive anti-virus software such as Emsisoft Anti-Malware to effectively remove the malware. You can get a free trial 30-days version of Emsisoft Anti-Malware here: https://www.emsisoft.com/en/home/antimalware/ It will help you clean your PC from other malware for free. !!! You need to neutralize all malicious files in the system. This should be done as quickly as possible. Otherwise, the files may be encrypted using the online ID and decryption will never be possible.
  16. Hello @sunoko Yes, it is probably true. The Emsisoft Decryptor defines this fact very accurately. What to do? Everything is lost? No. It is recommended that you save the encrypted files to an external drive. It is possible that in the future the decryption method will change or the extortionists will publish the decryption keys. There have been several such unexpected cases recently when others extortionists shut down their ransomware projects and published decryption keys and master keys for everyone who got encrypted. The percentage of such happy cases is small, but it still exists. Next, I'll tell you what you need to do now, immediately, and what you can try after that.
  17. If you try these methods and don't recover your files, then you can decide for yourself what to do next. This decision can only be made by you, the owner of the files, and the PC.
  18. If you try these methods and don't recover your files, then you can decide for yourself what to do next. This decision can only be made by you, the owner of the files, and the PC.
  19. Only after neutralizing all malicious files ... I recommend this following method only when there is no other way... This is not the decryption, it is the recovery of certain types of files using the features of these files. 1) If you have encrypted ZIP/RAR archives, you can partially recover them. Only 1-2 files are damaged there. Remove the extension that the ransomware added to the archives, and extract the files in the usual way. Everything except 1-2 files will be fixed. If there is only 1 file in the archive, then it will most likely be unrecoverable. 2) There is an alternative (additional) way to recover some media files: WAV, MP3, MP4, M4V, MOV, 3GP. https://www.disktuna.com/media_repair-file-repair-for-stop-djvu-mp3-mp4-3gp But before trying the alternative variant with media files, it is recommended that you make a copy of the encrypted files. Something will be restored better, something will be restored worse. Some types of files can be opened (restored) using the application in which they were created. To do this, you must first remove the extension added by the ransomware. Then can try to open the file from the program in which it was created. If you open audio and video files in the editor, it will restore the structure, and upon closing it will offer to save the changes in the file. 3) If you have PDFs or files of other e-books, then they may suffer in part if they were not protected from manual modification. Therefore, after removing the added extension, they can be partially read (~ 80%). Unfortunately, it is not yet possible to recover files created in MS Office applications due to their sensitivity to any damage. They can be easily damaged without encryption. It is easier to recover and read text written on paper or on the stone than one created in MS Office. An alternative method for other files has not yet been found.
  20. Why did this happen? This 'STOP Ransomware' enters the PC due to the fact that computer is poorly protected. People often use free antivirus programs with the 'Free' label in the name. None of these programs will protect PC from programs similar to 'STOP Ransomware', because basic protection is not capable of this feat. If users used comprehensive protection of the 'Internet Security' class, then it would help protect PC from ransomware attacks. There is no 100% protection against malware, but what the 'Free' antivirus gives is 1-2 percent protection. After this attack, PCs could have stayed other malware elements. This maybe is an info-stealer and something else. Therefore, it is urgent to conduct a full check and destroy malware. Use an comprehensive anti-virus software such as Emsisoft Anti-Malware to effectively remove the malware. You can get a free trial 30-days version of Emsisoft Anti-Malware here: https://www.emsisoft.com/en/home/antimalware/ It will help you clean your PC from other malware for free. !!! You need to neutralize all malicious files in the system. This should be done as quickly as possible. Otherwise, the files may be encrypted using the online ID and decryption will never be possible.
  21. Yes, it is probably true. The Emsisoft Decryptor defines this fact very accurately. What to do? Everything is lost? No. It is recommended that you save the encrypted files to an external drive. It is possible that in the future the decryption method will change or the extortionists will publish the decryption keys. There have been several such unexpected cases recently when others extortionists shut down their ransomware projects and published decryption keys and master keys for everyone who got encrypted. The percentage of such happy cases is small, but it still exists. Next, I'll tell you what you need to do now, immediately, and what you can try after that.
  22. Only after neutralizing all malicious files ... I recommend this following method only when there is no other way... This is not the decryption, it is the recovery of certain types of files using the features of these files. 1) If you have encrypted ZIP/RAR archives, you can partially recover them. Only 1-2 files are damaged there. Remove the extension that the ransomware added to the archives, and extract the files in the usual way. Everything except 1-2 files will be fixed. If there is only 1 file in the archive, then it will most likely be unrecoverable. 2) There is an alternative (additional) way to recover some media files: WAV, MP3, MP4, M4V, MOV, 3GP. https://www.disktuna.com/media_repair-file-repair-for-stop-djvu-mp3-mp4-3gp But before trying the alternative variant with media files, it is recommended that you make a copy of the encrypted files. Something will be restored better, something will be restored worse. Some types of files can be opened (restored) using the application in which they were created. To do this, you must first remove the extension added by the ransomware. Then can try to open the file from the program in which it was created. If you open audio and video files in the editor, it will restore the structure, and upon closing it will offer to save the changes in the file. 3) If you have PDFs or files of other e-books, then they may suffer in part if they were not protected from manual modification. Therefore, after removing the added extension, they can be partially read (~ 80%). Unfortunately, it is not yet possible to recover files created in MS Office applications due to their sensitivity to any damage. They can be easily damaged without encryption. It is easier to recover and read text written on paper or on the stone than one created in MS Office. An alternative method for other files has not yet been found.
  23. Why did this happen? This 'STOP Ransomware' enters the PC due to the fact that computer is poorly protected. People often use free antivirus programs with the 'Free' label in the name. None of these programs will protect PC from programs similar to 'STOP Ransomware', because basic protection is not capable of this feat. If users used comprehensive protection of the 'Internet Security' class, then it would help protect PC from ransomware attacks. There is no 100% protection against malware, but what the 'Free' antivirus gives is 1-2 percent protection. After this attack, PCs could have stayed other malware elements. This maybe is an info-stealer and something else. Therefore, it is urgent to conduct a full check and destroy malware. Use an comprehensive anti-virus software such as Emsisoft Anti-Malware to effectively remove the malware. You can get a free trial 30-days version of Emsisoft Anti-Malware here: https://www.emsisoft.com/en/home/antimalware/ It will help you clean your PC from other malware for free. !!! You need to neutralize all malicious files in the system. This should be done as quickly as possible. Otherwise, the files may be encrypted using the online ID and decryption will never be possible.
  24. Yes, it is probably true. The Emsisoft Decryptor defines this fact very accurately. What to do? Everything is lost? No. It is recommended that you save the encrypted files to an external drive. It is possible that in the future the decryption method will change or the extortionists will publish the decryption keys. There have been several such unexpected cases recently when others extortionists shut down their ransomware projects and published decryption keys and master keys for everyone who got encrypted. The percentage of such happy cases is small, but it still exists. Next, I'll tell you what you need to do now, immediately, and what you can try after that.
  25. !!! In order for the ability to decrypt files to remain, you need to neutralize all malicious files in the system. This should be done as quickly as possible. Otherwise, the files may be encrypted using the online ID and decryption will never be possible.
×
×
  • Create New...