Jump to content

Amigo-A

Member
  • Posts

    2186
  • Joined

  • Last visited

  • Days Won

    55

Everything posted by Amigo-A

  1. Yes, it is probably true. The Emsisoft Decryptor defines this fact very accurately. What to do? Everything is lost? No. It is recommended that you save the encrypted files to an external drive. It is possible that in the future the decryption method will change or the extortionists will publish the decryption keys. There have been several such unexpected cases recently when others extortionists shut down their ransomware projects and published decryption keys and master keys for everyone who got encrypted. The percentage of such happy cases is small, but it still exists. Next, I'll tell you what you need to do now, immediately, and what you can try after that.
  2. Hello @Fjr stones Yes. Read this guide. If you don't want to read a long text, here's a quick guide to what you need to do: 1) You need to determine the type of ID that was used. Download and run the Emsisoft Decryptor. Take a screenshot or copy what he says as a result of the check. 2) Insert screenshot or text with results here. Only the last lines are needed.
  3. Only after neutralizing all malicious files ... I recommend this following method only when there is no other way... This is not the decryption, it is the recovery of certain types of files using the features of these files. 1) If you have encrypted archives, you can partially recover them. Only 1-2 files are damaged there. Remove the extension that the ransomware added to the archives, and extract the files in the usual way. Everything except 1-2 files will be fixed. If there is only 1 file in the archive, then it will most likely be unrecoverable. 2) There is an alternative (additional) way to recover some media files: WAV, MP3, MP4, M4V, MOV, 3GP. https://www.disktuna.com/media_repair-file-repair-for-stop-djvu-mp3-mp4-3gp But before trying the alternative variant with media files, it is recommended that you make a copy of the encrypted files. Something will be restored better, something will be restored worse. Some types of files can be opened (restored) using the application in which they were created. To do this, you must first remove the extension added by the encryptor. Then can try to open the file from the program in which it was created. If you open audio and video files in the editor, it will restore the structure, and upon closing it will offer to save the changes in the file. 3) If you have PDFs or files of other e-books, then they may suffer in part if they were not protected from manual modification. Therefore, after removing the added extension, they can be partially read (~ 80%). Unfortunately, it is not yet possible to recover files created in MS Office applications due to their sensitivity to any damage. They can be easily damaged without encryption. It is easier to recover and read text written on paper or on the stone than one created in MS Office. An alternative method for other files has not yet been found.
  4. Why did this happen? This 'STOP Ransomware' enters the PC due to the fact that computer is poorly protected. People often use free antivirus programs with the 'Free' label in the name. None of these programs will protect PC from programs similar to 'STOP Ransomware', because basic protection is not capable of this feat. If users used comprehensive protection of the 'Internet Security' class, then it would help protect PC from ransomware attacks. There is no 100% protection against malware, but what the 'Free' antivirus gives is 1-2 percent protection. After this attack, PCs could have stayed other malware elements. This maybe is an info-stealer and something else. Therefore, it is urgent to conduct a full check and destroy malware. Use an comprehensive anti-virus software such as Emsisoft Anti-Malware to effectively remove the malware. You can get a free trial 30-days version of Emsisoft Anti-Malware here: https://www.emsisoft.com/en/home/antimalware/ It will help you clean your PC from other malware for free.
  5. Yes, it is probably true. The Emsisoft Decryptor defines this fact very accurately. What to do? Everything is lost? No. It is recommended that you save the encrypted files to an external drive. It is possible that in the future the decryption method will change or the extortionists will publish the decryption keys. There have been several such unexpected cases recently when others extortionists shut down their ransomware projects and published decryption keys and master keys for everyone who got encrypted. The percentage of such happy cases is small, but it still exists. Next, I'll tell you what you need to do now, immediately, and what you can try after that.
  6. Take a screenshot of the result you got after starting the Emsisoft Decryptor. It is important to see the result, I do not need encrypted files.
  7. This may indicate other problems with the system, including those related to other malware.
  8. This may indicate other problems with the system, including those related to other malware.
  9. You need to download and run the Emsisoft Decryptor in order for it to determine if decryption is possible. https://www.emsisoft.com/ransomware-decryption-tools/stop-djvu The general guide:
  10. You need to download and run the Emsisoft Decryptor in order for it to determine if decryption is possible. https://www.emsisoft.com/ransomware-decryption-tools/stop-djvu The general guide:
  11. You need to download and run the Emsisoft Decryptor in order for it to determine if decryption is possible. https://www.emsisoft.com/ransomware-decryption-tools/stop-djvu The general guide:
  12. You need to download and run the Emsisoft Decryptor in order for it to determine if decryption is possible. https://www.emsisoft.com/ransomware-decryption-tools/stop-djvu The general guide:
  13. I didn't understand what you wanted to know. Perhaps a general guide will help you find the answer to the question. 😊
  14. If you need help, this forum section can help you neutralize malware in memory.
  15. Hello @Barker Your computer needs to be optimized. I see that it hasn't been optimized even after purchase. If the pre-installed software is from a PC manufacturer, there are traces of malware, questionable software, repackaged, there is even Avast. If you have installed Kaspersky, then you need to clean the system from previous antiviruses. Use at least avastclear. Incomplete removal of Avast antivirus may be due to malfunctions after a Stop Ransomware attack or with Avast's self-defense failure. Before uninstalling Avast, you must disable its self-defense in the settings, and then restart the PC in Safe mode, since this tool works better in Safe mode. Windows Startup should also be optimized. The Chrome browser also needs to be cleaned or run Reset. Chrome works in the background and everything that sits in it also hangs in the memory. You can entrust the Kaspersky antivirus with the work of neutralizing malware and questionable programs. This takes time, Kaspersky can even optimize the PC a little, but it seems to me that this will not be enough.
  16. Some of the information is in my article, the link is in the previous message.
  17. You have no other way out of the problem. You do not need to look for ANOTHER Decryptor somewhere, it is not and will not be in the nearest year. All other sites that offer to decrypt files are lying or are colluding with extortionists. Why I say this is because I know. I have been monitoring the malicious activity of this STOP Ransomware for the fourth year now. I know where they are from, who is helping them and where part of the ransom goes. They are well covered and Interpol will not receive a command from above and does not authorize an arrest.
  18. You have no other way out of the problem. You do not need to look for ANOTHER Decryptor somewhere, it is not and will not be in the nearest year. All other sites that offer to decrypt files are lying or are colluding with extortionists. Why I say this is because I know. I have been monitoring the malicious activity of this STOP Ransomware for the fourth year now. I know where they are from, who is helping them and where part of the ransom goes. They are well covered and Interpol will not receive a command from above and does not authorize an arrest.
  19. You have no other way out of the problem. You do not need to look for ANOTHER Decryptor somewhere, it is not and will not be in the nearest year. All other sites that offer to decrypt files are lying or are colluding with extortionists. Why I say this is because I know. I have been monitoring the malicious activity of this STOP Ransomware for the fourth year now. I know where they are from, who is helping them and where part of the ransom goes. They are well covered and Interpol will not receive a command from above and does not authorize an arrest.
  20. You have no other way out of the problem. You do not need to look for ANOTHER Decryptor somewhere, it is not and will not be in the nearest year. All other sites that offer to decrypt files are lying or are colluding with extortionists. Why I say this is because I know. I have been monitoring the malicious activity of this STOP Ransomware for the fourth year now. I know where they are from, who is helping them and where part of the ransom goes. They are well covered and Interpol will not receive a command from above and does not authorize an arrest.
  21. You have no other way out of the problem. You do not need to look for ANOTHER Decryptor somewhere, it is not and will not be in the nearest year. All other sites that offer to decrypt files are lying or are colluding with extortionists. Why I say this is because I know. I have been monitoring the malicious activity of this STOP Ransomware for the fourth year now. I know where they are from, who is helping them and where part of the ransom goes. They are well covered and Interpol will not receive a command from above and does not authorize an arrest.
  22. You have no other way out of the problem. You do not need to look for ANOTHER Decryptor somewhere, it is not and will not be in the nearest year. All other sites that offer to decrypt files are lying or are colluding with extortionists. Why I say this is because I know. I have been monitoring the malicious activity of this STOP Ransomware for the fourth year now. I know where they are from, who is helping them and where part of the ransom goes. They are well covered and Interpol will not receive a command from above and does not authorize an arrest.
  23. You have no other way out of the problem. You do not need to look for ANOTHER Decryptor somewhere, it is not and will not be in the nearest year. All other sites that offer to decrypt files are lying or are colluding with extortionists. Why I say this is because I know. I have been monitoring the malicious activity of this STOP Ransomware for the fourth year now. I know where they are from, who is helping them and where part of the ransom goes. They are well covered and Interpol will not receive a command from above and does not authorize an arrest.
  24. You have no other way out of the problem. You do not need to look for ANOTHER Decryptor somewhere, it is not and will not be in the nearest year. All other sites that offer to decrypt files are lying or are colluding with extortionists. Why I say this is because I know. I have been monitoring the malicious activity of this STOP Ransomware for the fourth year now. I know where they are from, who is helping them and where part of the ransom goes. They are well covered and Interpol will not receive a command from above and does not authorize an arrest.
×
×
  • Create New...