Jump to content


  • Content Count

  • Joined

  • Days Won


Everything posted by cybermetric

  1. The error can also mean the poster's computer wasn't connected to the internet when he ran the decrypter.
  2. I don't think that the poster has 2 ID's. it looks like he truncated the ID from the PersonalID. txt file.
  3. What extension was added to your encrypted files?
  4. Did you run the Emsisoft decrypter? It would have told you.
  5. What is the extension added to your encrypted files?
  6. Recently. Run the Emsisoft decrypter on your files.
  7. What is the id? If your files were encrypted by an offline key, the Emsisoft decrypter will recover your files, WHEN/IF Emsisoft is able to recover the offline/private key. Suggest you run the decrypter on a test bed of encrypted files every week or so.
  8. The OP is probably using an earlier version of the Emsisoft decrypter - he needs to be on V That problem was corrected in an update.
  9. The offline ID for .msop is d8TwbCMGuw5Ei5PlymKj0pldFtsUYeGxci3YGlbt1 - .msop It is NOT the same as yours.
  10. Well, the ID you posted is the offline ID for this variant, and Emsisoft has recovered the offline/private key for .vawe. So, if you ran the decrypter on all of your files and none were decrypted, (you got the 'decryption is impossible' message), all were encrypted by an online key, and the decrypter cannot help you.
  11. The link is: https://www.emsisoft.com/ransomware-decryption-tools/stop-djvu The latest version is You don't have to download a new decrypter every time - it very seldom changes. The information about the offline keys is stored in the Emsisoft server, not in the decrypter.
  12. There should be no danger. You have to be connected to the internet for the decrypter to do it's job. It has to contact the Emsisoft server which has the offline keys in its database.
  13. Run it now. The offline key for the .covm variant has been recovered by Emsisoft.
  14. @allenpaul: The file you uploaded to Sendspace is NOT encrypted. If I remove the .covm extension and replace it with .jpg, the file dsplays a picture about YIFY-Torrents.com.
  15. That kind of a response from the decrypter usually indicates that the file is not encrypted. I cannot access the file - Emsisoft doesn't allow it. Upload it to sendspace or the equivalent and post the link here. By the way, what kind of a file is this COVM.covm? You are missing the extension for the file type - pdf, doc, txt, and so on. Why would you have a file named COVM.covm anyway?
  16. What does the decrypter say about those files? Does it say this: No key for New Variant online ID: brzGonoHEO8LfAV4n6zPrFprfPw6cMCbE5fDNTWy (just an example, yours will be different).Notice: this ID appears to be an online ID, decryption is impossible If so, the files were encrypted by an online key and are not decryptable.
  17. That means you have files encrypted by an offline key. They can be decrypted WHEN/IF Emsisoft recovers the offline/ private key. Suggest you run the decrypter on a test bed of some of these files every week or so to check. Emsisoft doesn't announce key recoveries. Suggest you run the decrypter NOW.
  18. You must be connected to the internet when running the Emsisoft decrypter. It has to check with the Emsisoft server for recovered offline keys.
  19. No. It applies to all of the 'new djvu' variants which first appeared in the middle of August 2019, almost all of which have 4 letter extensions. That would include the latest, .koti
  20. His files were encrypted by an offline key. The Emsisoft decrypter cannot recover files encrypted by .mado with an online key.
  21. This is the offline ID for the .btos STOP variant - offline/private key has not been recovered.
  22. You don't have just a double encryption - you have a triple encryption, blower.fwgyqk.blower. If all of your files have that extension, it's unlikely that you will recover them.
  23. This isn't a key. It's the identifier that STOP ransomware places at the end of files it has encrypted. It is useless for decryption.
  • Create New...