cybermetric

Well, the ID you posted is the offline ID for this variant, and Emsisoft has recovered the offline/private key for .vawe. So, if you ran the decrypter on all of your files and none were decrypted, (you got the 'decryption is impossible' message), all were encrypted by an online key, and the decrypter cannot help you.

Run the Emsisoft decrypter NOW.

You should run the Emsisoft decrypter now.

The link is: https://www.emsisoft.com/ransomware-decryption-tools/stop-djvu The latest version is 1.0.0.4. You don't have to download a new decrypter every time - it very seldom changes. The information about the offline keys is stored in the Emsisoft server, not in the decrypter.

There should be no danger. You have to be connected to the internet for the decrypter to do it's job. It has to contact the Emsisoft server which has the offline keys in its database.

Run it now. The offline key for the .covm variant has been recovered by Emsisoft.

@allenpaul: The file you uploaded to Sendspace is NOT encrypted. If I remove the .covm extension and replace it with .jpg, the file dsplays a picture about YIFY-Torrents.com.

That kind of a response from the decrypter usually indicates that the file is not encrypted. I cannot access the file - Emsisoft doesn't allow it. Upload it to sendspace or the equivalent and post the link here. By the way, what kind of a file is this COVM.covm? You are missing the extension for the file type - pdf, doc, txt, and so on. Why would you have a file named COVM.covm anyway?

What does the decrypter say about those files? Does it say this: No key for New Variant online ID: brzGonoHEO8LfAV4n6zPrFprfPw6cMCbE5fDNTWy (just an example, yours will be different).Notice: this ID appears to be an online ID, decryption is impossible If so, the files were encrypted by an online key and are not decryptable.

That means you have files encrypted by an offline key. They can be decrypted WHEN/IF Emsisoft recovers the offline/ private key. Suggest you run the decrypter on a test bed of some of these files every week or so to check. Emsisoft doesn't announce key recoveries. Suggest you run the decrypter NOW.

You must be connected to the internet when running the Emsisoft decrypter. It has to check with the Emsisoft server for recovered offline keys.

No. It applies to all of the 'new djvu' variants which first appeared in the middle of August 2019, almost all of which have 4 letter extensions. That would include the latest, .koti

His files were encrypted by an offline key. The Emsisoft decrypter cannot recover files encrypted by .mado with an online key.

This is the offline ID for the .btos STOP variant - offline/private key has not been recovered.

You don't have just a double encryption - you have a triple encryption, blower.fwgyqk.blower. If all of your files have that extension, it's unlikely that you will recover them.