cybermetric

Recently. Run the Emsisoft decrypter on your files.

What is the id? If your files were encrypted by an offline key, the Emsisoft decrypter will recover your files, WHEN/IF Emsisoft is able to recover the offline/private key. Suggest you run the decrypter on a test bed of encrypted files every week or so.

The OP is probably using an earlier version of the Emsisoft decrypter - he needs to be on V 1.0.0.5. That problem was corrected in an update.

The offline ID for .msop is d8TwbCMGuw5Ei5PlymKj0pldFtsUYeGxci3YGlbt1 - .msop It is NOT the same as yours.

Well, the ID you posted is the offline ID for this variant, and Emsisoft has recovered the offline/private key for .vawe. So, if you ran the decrypter on all of your files and none were decrypted, (you got the 'decryption is impossible' message), all were encrypted by an online key, and the decrypter cannot help you.

Run the Emsisoft decrypter NOW.

You should run the Emsisoft decrypter now.

The link is: https://www.emsisoft.com/ransomware-decryption-tools/stop-djvu The latest version is 1.0.0.4. You don't have to download a new decrypter every time - it very seldom changes. The information about the offline keys is stored in the Emsisoft server, not in the decrypter.

There should be no danger. You have to be connected to the internet for the decrypter to do it's job. It has to contact the Emsisoft server which has the offline keys in its database.

Run it now. The offline key for the .covm variant has been recovered by Emsisoft.

@allenpaul: The file you uploaded to Sendspace is NOT encrypted. If I remove the .covm extension and replace it with .jpg, the file dsplays a picture about YIFY-Torrents.com.

That kind of a response from the decrypter usually indicates that the file is not encrypted. I cannot access the file - Emsisoft doesn't allow it. Upload it to sendspace or the equivalent and post the link here. By the way, what kind of a file is this COVM.covm? You are missing the extension for the file type - pdf, doc, txt, and so on. Why would you have a file named COVM.covm anyway?

What does the decrypter say about those files? Does it say this: No key for New Variant online ID: brzGonoHEO8LfAV4n6zPrFprfPw6cMCbE5fDNTWy (just an example, yours will be different).Notice: this ID appears to be an online ID, decryption is impossible If so, the files were encrypted by an online key and are not decryptable.

That means you have files encrypted by an offline key. They can be decrypted WHEN/IF Emsisoft recovers the offline/ private key. Suggest you run the decrypter on a test bed of some of these files every week or so to check. Emsisoft doesn't announce key recoveries. Suggest you run the decrypter NOW.

You must be connected to the internet when running the Emsisoft decrypter. It has to check with the Emsisoft server for recovered offline keys.