Jump to content

Amigo-A

Visiting Expert
  • Posts

    2436
  • Joined

  • Last visited

  • Days Won

    61

Everything posted by Amigo-A

  1. Hello @nanaessel A running Emsisoft Decryptor will most likely tell you that it does not have a key and that decryption is not possible because the encryption key was generated on the ransomware server and transferred to the computer to encrypt the files. It cannot be hacked by listing all the combinations for the entire period of a person's life. Next, I'll tell you what you should do as soon as possible and how else you can try to get some files back. What to do? Everything is lost? If there is currently no way to decrypt files, but in the future, in theory, extortionists can publish keys to all of their victims. This does not happen often, but this year we have seen such cases several times. Why did this happen? This 'STOP Ransomware' enters the PC due to the fact that the computer is poorly protected. People often use free antivirus programs with the 'Free' label in the name. None of these programs will protect PC from programs similar to 'STOP Ransomware', because basic protection is not capable of this feat. If users used comprehensive protection of the 'Internet Security' class, then it would help protect PC from ransomware attacks. There is no 100% protection against malware, but what the 'Free' antivirus gives is 1-2 percent protection. After this attack, PCs could have stayed other malware elements. This maybe be an info-stealer, miner, backdoor, and something else. Therefore, it is urgent to conduct a full check and destroy malware. Use comprehensive anti-virus software such as Emsisoft Anti-Malware to effectively remove the malware. You can get a free trial 30-days version of Emsisoft Anti-Malware here: https://www.emsisoft.com/en/home/antimalware/ It will help you clean your PC from other malware for free. !!! You need to neutralize all malicious files in the system. This should be done as quickly as possible.
  2. No need to write an address. Just drag the files to the site window with the mouse. As a result, you will receive the download link that you give me.
  3. Here is a rough list of ways you can find the originals of encrypted files: 1 ) on flash drives, external drives, CD / DVD, memory cards of the camera, smartphone; 2 ) in attachments of emails sent or received by you; 3 ) among the copies of shared photos of friends, relatives (on their PC) that you gave; 4 ) among the uploaded photos on the social networks, including via smartphone and tablet; 5 ) among the uploaded photos to cloud services (Google Disk, OneDrive, Dropbox, etc.); 6 ) among unencrypted files, copies, renamed files on your PC; 7 ) on an old PC or disk, from where you transferred photos and documents to a new PC; 8 ) you can re-upload from the Internet previously downloaded photos, pictures, etc .; 9 ) use photos or pictures that you previously posted on the avatar or attached to messages on forums. 10 ) you can use sample images supplied with Windows (link);
  4. Through a simple exchange site that does not use encryption. dropmefiles.com sendspace.com For the success of work, you only need to find a few unencrypted files from the same series of images. This is not difficult to do, but it will take time, patience, wish.
  5. Yes. Through a simple exchange site that does not use encryption. dropmefiles.com sendspace.com
  6. Is he only saying this? Copy and paste the message he tells you.
  7. Most likely, text files cannot be recovered. They are not fragmented and if the encryptor encrypted over them, then there will be heterogeneous unreadable content. It doesn't even compare to text on paper cut into small pieces with scissors. It is best to recover text files using recovery programs, but only immediately after encryption, adhering to the rules that I talked about earlier. After the time expires, the free space will be overwritten many times and text files (more precisely, their numerous copies) cannot be restored from the freed disk cells.
  8. You can send me these 5-6 files + 1 more, which has an unencrypted original version. All of these files must be from the same series of photographs. For example, shot with the same photo-camera (webcam), making out of the same device. Only in this case, it is still possible to prepare a recovery algorithm. Otherwise, nothing will work.
  9. Drop some zip archives on the file exchange site and give me the link. If you have files in JPG / JPEG format, you can also send me 1 folder with such files. I will try to process them with another unpublished (experimental) method.
  10. Only after neutralizing all malicious files ... This is not the decryption, it is the recovery of certain types of files using the features of these files. 1) If you have encrypted ZIP/RAR archives, you can partially recover them. Only 1-2 files are damaged there. Remove the extension that the ransomware added to the archives, and extract the files in the usual way. Everything except 1-2 files will be fixed. If there is only 1 file in the archive, then it will most likely be unrecoverable. 2) There is an alternative (additional) way to recover some media files: WAV, MP3, MP4, M4V, MOV, 3GP. https://www.disktuna.com/media_repair-file-repair-for-stop-djvu-mp3-mp4-3gp But before trying the alternative variant with media files, it is recommended that you make a copy of the encrypted files. Something will be restored better, something will be restored worse. Some types of files can be opened (restored) using the application in which they were created. To do this, you must first remove the extension added by the ransomware. Then can try to open the file from the program in which it was created. If you open audio and video files in the editor, it will restore the structure, and upon closing it will offer to save the changes in the file. 3) If you have PDFs or files of other e-books, then they may suffer in part if they were not protected from manual modification. Therefore, after removing the added extension, they can be partially read (~ 80%). Unfortunately, it is not yet possible to recover files created in MS Office applications due to their sensitivity to any damage. They can be easily damaged without encryption. It is easier to recover and read text written on paper or on stone than one created in MS Office. An alternative method for other files has not yet been found. I understand that this will not be enough, but recovering some of the files is better than losing everything...
  11. A running Emsisoft Decryptor will most likely tell you that it does not have a key and that decryption is not possible because the encryption key was generated on the ransomware server and transferred to the computer to encrypt the files. It cannot be hacked by listing all the combinations for the entire period of a person's life. Next, I'll tell you what you should do as soon as possible and how else you can try to get some files back. What to do? Everything is lost? If there is currently no way to decrypt files, but in the future, in theory, extortionists can publish keys to all of their victims. This does not happen often, but this year we have seen such cases several times. Why did this happen? This 'STOP Ransomware' enters the PC due to the fact that the computer is poorly protected. People often use free antivirus programs with the 'Free' label in the name. None of these programs will protect PC from programs similar to 'STOP Ransomware', because basic protection is not capable of this feat. If users used comprehensive protection of the 'Internet Security' class, then it would help protect PC from ransomware attacks. There is no 100% protection against malware, but what the 'Free' antivirus gives is 1-2 percent protection. After this attack, PCs could have stayed other malware elements. This maybe be an info-stealer, miner, backdoor, and something else. Therefore, it is urgent to conduct a full check and destroy malware. Use comprehensive anti-virus software such as Emsisoft Anti-Malware to effectively remove the malware. You can get a free trial 30-days version of Emsisoft Anti-Malware here: https://www.emsisoft.com/en/home/antimalware/ It will help you clean your PC from other malware for free. !!! You need to neutralize all malicious files in the system. This should be done as quickly as possible.
  12. Hello. Read the Guide, at least the 1st part. Download and run the Emsisoft decryptor. He will tell you the result.
  13. Only after neutralizing all malicious files ... This is not the decryption, it is the recovery of certain types of files using the features of these files. 1) If you have encrypted ZIP/RAR archives, you can partially recover them. Only 1-2 files are damaged there. Remove the extension that the ransomware added to the archives, and extract the files in the usual way. Everything except 1-2 files will be fixed. If there is only 1 file in the archive, then it will most likely be unrecoverable. 2) There is an alternative (additional) way to recover some media files: WAV, MP3, MP4, M4V, MOV, 3GP. https://www.disktuna.com/media_repair-file-repair-for-stop-djvu-mp3-mp4-3gp But before trying the alternative variant with media files, it is recommended that you make a copy of the encrypted files. Something will be restored better, something will be restored worse. Some types of files can be opened (restored) using the application in which they were created. To do this, you must first remove the extension added by the ransomware. Then can try to open the file from the program in which it was created. If you open audio and video files in the editor, it will restore the structure, and upon closing it will offer to save the changes in the file. 3) If you have PDFs or files of other e-books, then they may suffer in part if they were not protected from manual modification. Therefore, after removing the added extension, they can be partially read (~ 80%). Unfortunately, it is not yet possible to recover files created in MS Office applications due to their sensitivity to any damage. They can be easily damaged without encryption. It is easier to recover and read text written on paper or on stone than one created in MS Office. An alternative method for other files has not yet been found. I understand that this will not be enough, but recovering some of the files is better than losing everything...
  14. What to do? Everything is lost? If there is currently no way to decrypt files, but in the future, in theory, extortionists can publish keys to all of their victims. This does not happen often, but this year we have seen such cases several times. Why did this happen? This 'STOP Ransomware' enters the PC due to the fact that the computer is poorly protected. People often use free antivirus programs with the 'Free' label in the name. None of these programs will protect PC from programs similar to 'STOP Ransomware', because basic protection is not capable of this feat. If users used comprehensive protection of the 'Internet Security' class, then it would help protect PC from ransomware attacks. There is no 100% protection against malware, but what the 'Free' antivirus gives is 1-2 percent protection. After this attack, PCs could have stayed other malware elements. This maybe be an info-stealer, miner, backdoor, and something else. Therefore, it is urgent to conduct a full check and destroy malware. Use comprehensive anti-virus software such as Emsisoft Anti-Malware to effectively remove the malware. You can get a free trial 30-days version of Emsisoft Anti-Malware here: https://www.emsisoft.com/en/home/antimalware/ It will help you clean your PC from other malware for free. !!! You need to neutralize all malicious files in the system. This should be done as quickly as possible.
  15. Hello @Lara_H You can decide for yourself what types of files you want to decrypt the most. For example: - photo files in JPG / JPEG; - ZIP / RAR archive files; - media files. This is not decryption, but it works. Success depends on the desire to get the files back. I can offer you several options for recovering files. You can do it yourself, or you can send me a bunch of different files for me to do some test work. For example, 5 files of each listed above type.
  16. This is the result of a Doyuk Ransomware attack. So far, we only have this short description of the ransomware. If you would like the Emsisoft specialists to investigate this case, attach some unencrypted files and a Warning.txt note file to the message. Archive all files or use a file-sharing site and give us the download link. You need to search the malicious file that was launched on your PC. Then upload this file to the VirusTotal website and give us a link. Experts can only investigate cases and try to create a Decryptor after getting these elements of ransom. Decryptors do not appear out of thin air.
  17. Only after neutralizing all malicious files ... This is not the decryption, it is the recovery of certain types of files using the features of these files. 1) If you have encrypted ZIP/RAR archives, you can partially recover them. Only 1-2 files are damaged there. Remove the extension that the ransomware added to the archives, and extract the files in the usual way. Everything except 1-2 files will be fixed. If there is only 1 file in the archive, then it will most likely be unrecoverable. 2) There is an alternative (additional) way to recover some media files: WAV, MP3, MP4, M4V, MOV, 3GP. https://www.disktuna.com/media_repair-file-repair-for-stop-djvu-mp3-mp4-3gp But before trying the alternative variant with media files, it is recommended that you make a copy of the encrypted files. Something will be restored better, something will be restored worse. Some types of files can be opened (restored) using the application in which they were created. To do this, you must first remove the extension added by the ransomware. Then can try to open the file from the program in which it was created. If you open audio and video files in the editor, it will restore the structure, and upon closing it will offer to save the changes in the file. 3) If you have PDFs or files of other e-books, then they may suffer in part if they were not protected from manual modification. Therefore, after removing the added extension, they can be partially read (~ 80%). Unfortunately, it is not yet possible to recover files created in MS Office applications due to their sensitivity to any damage. They can be easily damaged without encryption. It is easier to recover and read text written on paper or on stone than one created in MS Office. An alternative method for other files has not yet been found. I understand that this will not be enough, but recovering some of the files is better than losing everything...
×
×
  • Create New...