Jump to content

Amigo-A

Visiting Expert
  • Posts

    2466
  • Joined

  • Last visited

  • Days Won

    63

Everything posted by Amigo-A

  1. This is not a bug in the program. Thus, the decryptor informs that it does not have a key and that decryption is impossible because the encryption key was generated on the ransomware server and transmitted to the computer to encrypt the files. It cannot be hacked by enumerating all the combinations, for the entire period of human life. Yes, probably true. Emsisoft Decryptor accurately identifies decryption capabilities. Next, I'll tell you what you should do as soon as possible and how else you can try to get some files back.
  2. The decryptor should tell you if it has a decryption key for your variant. If decryption is not possible now, then it will be possible after someone provides the purchased decryption key to the developers. This event may not happen soon or not happen never.
  3. Hello. The Decryptor hangs up due to various reasons. He probably tries to check a lot of files on the system drive. Try to remove the system drive from the scan and point to a separate folder with encrypted files.
  4. Only after neutralizing all malicious files ... This is not the decryption, it is the recovery of certain types of files using the features of these files. 1) If you have encrypted ZIP/RAR archives, you can partially recover them. Only 1-2 files are damaged there. Remove the extension that the ransomware added to the archives, and extract the files in the usual way. Everything except 1-2 files will be fixed. If there is only 1 file in the archive, then it will most likely be unrecoverable. 2) There is an alternative (additional) way to recover some media files: WAV, MP3, MP4, M4V, MOV, 3GP. https://www.disktuna.com/media_repair-file-repair-for-stop-djvu-mp3-mp4-3gp But before trying the alternative variant with media files, it is recommended that you make a copy of the encrypted files. Something will be restored better, something will be restored worse. Some types of files can be opened (restored) using the application in which they were created. To do this, you must first remove the extension added by the ransomware. Then can try to open the file from the program in which it was created. If you open audio and video files in the editor, it will restore the structure, and upon closing it will offer to save the changes in the file. 3) If you have PDFs or files of other e-books, then they may suffer in part if they were not protected from manual modification. Therefore, after removing the added extension, they can be partially read (~ 80%). Unfortunately, it is not yet possible to recover files created in MS Office applications due to their sensitivity to any damage. They can be easily damaged without encryption. It is easier to recover and read text written on paper or on the stone than one created in MS Office. An alternative method for other files has not yet been found. I understand that this will not be enough, but recovering some of the files is better than to lose everything...
  5. What to do? Everything is lost? If there is currently no way to decrypt files, but in the future, in theory, extortionists can publish keys to all of their victims. This does not happen often, but this year we have seen such cases several times. Why did this happen? This 'STOP Ransomware' enters the PC due to the fact that computer is poorly protected. People often use free antivirus programs with the 'Free' label in the name. None of these programs will protect PC from programs similar to 'STOP Ransomware', because basic protection is not capable of this feat. If users used comprehensive protection of the 'Internet Security' class, then it would help protect PC from ransomware attacks. There is no 100% protection against malware, but what the 'Free' antivirus gives is 1-2 percent protection. After this attack, PCs could have stayed other malware elements. This maybe is an info-stealer and something else. Therefore, it is urgent to conduct a full check and destroy malware. Use an comprehensive anti-virus software such as Emsisoft Anti-Malware to effectively remove the malware. You can get a free trial 30-days version of Emsisoft Anti-Malware here: https://www.emsisoft.com/en/home/antimalware/ It will help you clean your PC from other malware for free. !!! You need to neutralize all malicious files in the system. This should be done as quickly as possible.
  6. 'STOP Ransomware' with .rugj extension Use translator https://translate.google.com Yes, probably true. This is not a bug in the program, as decryptor reports that there is no key. Emsisoft Decryptor accurately identifies decryption capabilities. Next, I'll tell you what you should do as soon as possible and how else you can try to get some files back.
  7. The Decryptor will tell you if the files can be decrypted now or in the future. Copy the last two lines from the Decryptor window and paste them into your new message.
  8. Hello Read the Guide, at least the first part of it, and download Emsisoft Decryptor. He will tell you if decryption is possible. The Decryptor will tell you if the files can be decrypted now or in the future. Copy the last two lines from the Decryptor window and paste them into your new message.
  9. Only after neutralizing all malicious files ... This is not the decryption, it is the recovery of certain types of files using the features of these files. 1) If you have encrypted ZIP/RAR archives, you can partially recover them. Only 1-2 files are damaged there. Remove the extension that the ransomware added to the archives, and extract the files in the usual way. Everything except 1-2 files will be fixed. If there is only 1 file in the archive, then it will most likely be unrecoverable. 2) There is an alternative (additional) way to recover some media files: WAV, MP3, MP4, M4V, MOV, 3GP. https://www.disktuna.com/media_repair-file-repair-for-stop-djvu-mp3-mp4-3gp But before trying the alternative variant with media files, it is recommended that you make a copy of the encrypted files. Something will be restored better, something will be restored worse. Some types of files can be opened (restored) using the application in which they were created. To do this, you must first remove the extension added by the ransomware. Then can try to open the file from the program in which it was created. If you open audio and video files in the editor, it will restore the structure, and upon closing it will offer to save the changes in the file. 3) If you have PDFs or files of other e-books, then they may suffer in part if they were not protected from manual modification. Therefore, after removing the added extension, they can be partially read (~ 80%). Unfortunately, it is not yet possible to recover files created in MS Office applications due to their sensitivity to any damage. They can be easily damaged without encryption. It is easier to recover and read text written on paper or on the stone than one created in MS Office. An alternative method for other files has not yet been found. I understand that this will not be enough, but recovering some of the files is better than to lose everything...
  10. What to do? Everything is lost? If there is currently no way to decrypt files, but in the future, in theory, extortionists can publish keys to all of their victims. This does not happen often, but this year we have seen such cases several times. Why did this happen? This 'STOP Ransomware' enters the PC due to the fact that computer is poorly protected. People often use free antivirus programs with the 'Free' label in the name. None of these programs will protect PC from programs similar to 'STOP Ransomware', because basic protection is not capable of this feat. If users used comprehensive protection of the 'Internet Security' class, then it would help protect PC from ransomware attacks. There is no 100% protection against malware, but what the 'Free' antivirus gives is 1-2 percent protection. After this attack, PCs could have stayed other malware elements. This maybe is an info-stealer and something else. Therefore, it is urgent to conduct a full check and destroy malware. Use an comprehensive anti-virus software such as Emsisoft Anti-Malware to effectively remove the malware. You can get a free trial 30-days version of Emsisoft Anti-Malware here: https://www.emsisoft.com/en/home/antimalware/ It will help you clean your PC from other malware for free. !!! You need to neutralize all malicious files in the system. This should be done as quickly as possible.
  11. Yes, probably true. This is not a bug in the program, as decryptor reports that there is no key. Emsisoft Decryptor accurately identifies decryption capabilities. Next, I'll tell you what you should do as soon as possible and how else you can try to get some files back.
  12. Only after neutralizing all malicious files ... This is not the decryption, it is the recovery of certain types of files using the features of these files. 1) If you have encrypted ZIP/RAR archives, you can partially recover them. Only 1-2 files are damaged there. Remove the extension that the ransomware added to the archives, and extract the files in the usual way. Everything except 1-2 files will be fixed. If there is only 1 file in the archive, then it will most likely be unrecoverable. 2) There is an alternative (additional) way to recover some media files: WAV, MP3, MP4, M4V, MOV, 3GP. https://www.disktuna.com/media_repair-file-repair-for-stop-djvu-mp3-mp4-3gp But before trying the alternative variant with media files, it is recommended that you make a copy of the encrypted files. Something will be restored better, something will be restored worse. Some types of files can be opened (restored) using the application in which they were created. To do this, you must first remove the extension added by the ransomware. Then can try to open the file from the program in which it was created. If you open audio and video files in the editor, it will restore the structure, and upon closing it will offer to save the changes in the file. 3) If you have PDFs or files of other e-books, then they may suffer in part if they were not protected from manual modification. Therefore, after removing the added extension, they can be partially read (~ 80%). Unfortunately, it is not yet possible to recover files created in MS Office applications due to their sensitivity to any damage. They can be easily damaged without encryption. It is easier to recover and read text written on paper or on the stone than one created in MS Office. An alternative method for other files has not yet been found. I understand that this will not be enough, but recovering some of the files is better than to lose everything...
  13. What to do? Everything is lost? If there is currently no way to decrypt files, but in the future, in theory, extortionists can publish keys to all of their victims. This does not happen often, but this year we have seen such cases several times. Why did this happen? This 'STOP Ransomware' enters the PC due to the fact that computer is poorly protected. People often use free antivirus programs with the 'Free' label in the name. None of these programs will protect PC from programs similar to 'STOP Ransomware', because basic protection is not capable of this feat. If users used comprehensive protection of the 'Internet Security' class, then it would help protect PC from ransomware attacks. There is no 100% protection against malware, but what the 'Free' antivirus gives is 1-2 percent protection. After this attack, PCs could have stayed other malware elements. This maybe is an info-stealer and something else. Therefore, it is urgent to conduct a full check and destroy malware. Use an comprehensive anti-virus software such as Emsisoft Anti-Malware to effectively remove the malware. You can get a free trial 30-days version of Emsisoft Anti-Malware here: https://www.emsisoft.com/en/home/antimalware/ It will help you clean your PC from other malware for free. !!! You need to neutralize all malicious files in the system. This should be done as quickly as possible.
  14. Yes, probably true. Emsisoft Decryptor accurately identifies decryption capabilities. Next, I'll tell you what you should do as soon as possible and how else you can try to get some files back.
  15. Hello @AlejClar I didn't understand what you wanted to say. Try using a translator from your home language to English. https://translate.google.com
  16. I didn't understand what you wanted to say. Try using a translator from your home language to English. https://translate.google.com
  17. There is a detailed guide here, but if you don’t want to read a lot of text, then I will briefly summarize the essence. There are 't1' characters at the end of the identifier, this usually means that the 'offline ID' is being used and the files can be decrypted in the future when the decryption key for this variant is loaded into the 'Emsisoft Decryptor'. This event depends on the voluntary transfer of the key by someone who bought the key from the extortionists. This may happen or may never happen. Then it will be added to the Decryptor and will allow anyone with the same variant to decrypt the files without paying the ransom. The appearance of a new key is not reported anywhere. The work is done every day. It is recommended to save the encrypted files on an external drive, download the 'Emsisoft Decryptor' once a week and check the decryption capability.
  18. Hello. @Prakashhsm' Read the Guide, at least it's the first part, and download the Emsisoft Decryptor. He will tell you if decryption is possible.
  19. Yes. It is recommended to save the files in a safe place. This must be done before you try to do anything with the files.
  20. Only after neutralizing all malicious files ... This is not the decryption, it is the recovery of certain types of files using the features of these files. 1) If you have encrypted ZIP/RAR archives, you can partially recover them. Only 1-2 files are damaged there. Remove the extension that the ransomware added to the archives, and extract the files in the usual way. Everything except 1-2 files will be fixed. If there is only 1 file in the archive, then it will most likely be unrecoverable. 2) There is an alternative (additional) way to recover some media files: WAV, MP3, MP4, M4V, MOV, 3GP. https://www.disktuna.com/media_repair-file-repair-for-stop-djvu-mp3-mp4-3gp But before trying the alternative variant with media files, it is recommended that you make a copy of the encrypted files. Something will be restored better, something will be restored worse. Some types of files can be opened (restored) using the application in which they were created. To do this, you must first remove the extension added by the ransomware. Then can try to open the file from the program in which it was created. If you open audio and video files in the editor, it will restore the structure, and upon closing it will offer to save the changes in the file. 3) If you have PDFs or files of other e-books, then they may suffer in part if they were not protected from manual modification. Therefore, after removing the added extension, they can be partially read (~ 80%). Unfortunately, it is not yet possible to recover files created in MS Office applications due to their sensitivity to any damage. They can be easily damaged without encryption. It is easier to recover and read text written on paper or on the stone than one created in MS Office. An alternative method for other files has not yet been found. I understand that this will not be enough, but recovering some of the files is better than to lose everything...
  21. What to do? Everything is lost? No, there is currently no way to decrypt files, but in the future, in theory, extortionists can publish keys to all of their victims. This does not happen often, but this year we have seen such cases several times. Why did this happen? This 'STOP Ransomware' enters the PC due to the fact that computer is poorly protected. People often use free antivirus programs with the 'Free' label in the name. None of these programs will protect PC from programs similar to 'STOP Ransomware', because basic protection is not capable of this feat. If users used comprehensive protection of the 'Internet Security' class, then it would help protect PC from ransomware attacks. There is no 100% protection against malware, but what the 'Free' antivirus gives is 1-2 percent protection. After this attack, PCs could have stayed other malware elements. This maybe is an info-stealer, miner, backdoor and something else. Therefore, it is urgent to conduct a full check and destroy malware. Use an comprehensive anti-virus software such as Emsisoft Anti-Malware to effectively remove the malware. You can get a free trial 30-days version of Emsisoft Anti-Malware here: https://www.emsisoft.com/en/home/antimalware/ It will help you clean your PC from other malware for free. !!! You need to neutralize all malicious files in the system. This should be done as quickly as possible.
  22. It's not an Error. Thus, the program informs you that there is no key for this variant and decryption is impossible due to the fact that a randomly generated encryption key was used to encrypt the files when the computer was online.
  23. Hello GlobeImposter 2.0 Ransomware uses AES and encrypts 0x2000 blocks (encrypt, skip, encrypt, etc.). If they haven't changed it... The name GlobeImposter was given in the ID-Ransomware ransomware identification service due to the ransomware appropriating a ransom note from the Globe family. The first variants appeared in December 2016. Purpose: to intimidate victims, confuse researchers, discredit decryption programs issued for the Globe family. All the Globe imitators that are not decrypted by the decryption utilities released for Globe 1-2-3 were code-named GlobeImposter, and after that - GlobeImposter 2.0. Now the most famous imposter-imitator has its own imitators, and some of the extortionists use its code to carry out their own attacks and extortion. There are several that are identified by antivirus as Globeimposter, but in fact, are other ransomware. To say for sure in your case, need to investigate the incident. Emsisoft can assist you on weekdays from Monday to Friday.
  24. With default settings, Windows Defender will not protect files from encryption. For it to be able to protect files, you need to enable ransomware protection in the defender. Then you need to point to the directories (your folders with files) that you want to protect. This may help in the future, but some ransomware may bypass this protection as well. Kaspersky Anti-Virus (there is a paid and a free version) also cannot provide protection against ransomware. To protect files, you need to use Kaspersky Internet Security or Kaspersky Total Security. But even this does not guarantee protection against some ransomware. Windows has many vulnerabilities and some of the methods used by extortionists can bypass protection.
  25. What to do? Everything is lost? No, there is currently no way to decrypt files, but in the future, in theory, extortionists can publish keys to all of their victims. This does not happen often, but this year we have seen such cases several times. Why did this happen? This 'STOP Ransomware' enters the PC due to the fact that computer is poorly protected. People often use free antivirus programs with the 'Free' label in the name. None of these programs will protect PC from programs similar to 'STOP Ransomware', because basic protection is not capable of this feat. If users used comprehensive protection of the 'Internet Security' class, then it would help protect PC from ransomware attacks. There is no 100% protection against malware, but what the 'Free' antivirus gives is 1-2 percent protection. After this attack, PCs could have stayed other malware elements. This maybe is an info-stealer and something else. Therefore, it is urgent to conduct a full check and destroy malware. Use an comprehensive anti-virus software such as Emsisoft Anti-Malware to effectively remove the malware. You can get a free trial 30-days version of Emsisoft Anti-Malware here: https://www.emsisoft.com/en/home/antimalware/ It will help you clean your PC from other malware for free. !!! You need to neutralize all malicious files in the system. This should be done as quickly as possible.
×
×
  • Create New...