GT500 812 Report post Posted July 9, 2019 On 7/7/2019 at 2:29 PM, Xcf said: .kiratos virus extension Personal ID: 072Asdju732sdfAdh1dAZcn629IyyOMmOEYoGDOmaxsTwvupU2MFl0WZV I've forwarded your ID and MAC addresses to the creator of STOPDecrypter so that he can archive them in case he is able to figure out your decryption key at some point in the future. All you have to do now is give us some time, and we'll do what we can for you. Quote Share this post Link to post Share on other sites
yousef_elmalk 0 Report post Posted July 10, 2019 is there any feedback MR GT500? Quote Share this post Link to post Share on other sites
GT500 812 Report post Posted July 10, 2019 3 hours ago, yousef_elmalk said: is there any feedback MR GT500? None yet. We're still working hard on this ransomware though, so please don't give up yet. We haven't. Quote Share this post Link to post Share on other sites
yousef_elmalk 0 Report post Posted August 6, 2019 hello MR. GT 500 is there anything is needed from my side MR.GT 500? Quote Share this post Link to post Share on other sites
GT500 812 Report post Posted August 6, 2019 9 hours ago, yousef_elmalk said: is there anything is needed from my side MR.GT 500? Just some more patients. Even though it's taking a lot of time, we haven't given up yet. Quote Share this post Link to post Share on other sites
GT500 812 Report post Posted October 19, 2019 We have a new decryption service for STOP/Djvu available. There's more information and instructions on how to use it at the following links:https://www.bleepingcomputer.com/news/security/stop-ransomware-decryptor-released-for-148-variants/https://blog.emsisoft.com/en/34375/emsisoft-releases-new-decryptor-for-stop-djvu-ransomware/ Quote Share this post Link to post Share on other sites
yousef_elmalk 0 Report post Posted November 19, 2019 is there any feedback MR GT500? Quote Share this post Link to post Share on other sites
ilterish 0 Report post Posted November 19, 2019 On 5/4/2019 at 2:06 AM, GT500 said: OK. I've already sent your information to the creator of STOPDecrypter, and he'll archive it in case he is able to figure out your decryption key at some point in the future. Sir No remedy for peet virus? 😭 Quote Share this post Link to post Share on other sites
yousef_elmalk 0 Report post Posted November 19, 2019 MR. GT 500 i tried to upload the same file through tool but i faced below error Invalid file pair; encrypted file incorrect size Download Image Quote Share this post Link to post Share on other sites
yousef_elmalk 0 Report post Posted November 20, 2019 again and again ...... Download Image Quote Share this post Link to post Share on other sites
GT500 812 Report post Posted November 20, 2019 2 hours ago, yousef_elmalk said: MR. GT 500 i tried to upload the same file through tool but i faced below error Invalid file pair; encrypted file incorrect size Your files in your screenshot are exactly the same size. This suggests that you may have made a copy of the encrypted file, removed .kiratos from the name, and tried to use it as your original file in your file pair. This won't work, as the original file can't be encrypted. Quote Share this post Link to post Share on other sites
yousef_elmalk 0 Report post Posted November 23, 2019 i tried again by selecting the original files without copy and again after removing KIRATOS letter , but the same result , i used your tool but i faced below Download Image Quote Share this post Link to post Share on other sites
GT500 812 Report post Posted November 24, 2019 16 hours ago, yousef_elmalk said: i tried again by selecting the original files without copy and again after removing KIRATOS letter , but the same result , Those are errors on files in your recycle bin. Did the decrypter actually decrypt any of your other files (documents, music, pictures, etc)? Quote Share this post Link to post Share on other sites
yousef_elmalk 0 Report post Posted November 24, 2019 Yes, all data had infected documents, music, pictures, videos, games ... etc. Those are errors on files in your recycle bin, i will remove any data inside it and try again File: C:\Users\Z\Desktop\elle est d'ailleurs.mp3.kiratos.zyaspgnf.kiratos Error: Unable to decrypt file with ID: gLS3y0S8B1sLghmJRotI5oE48HO2VRo1i8N8qGoT File: C:\Users\Z\Desktop\IMG_0186.JPG.kiratos.zyaspgnf.kiratos Error: Unable to decrypt file with ID: gLS3y0S8B1sLghmJRotI5oE48HO2VRo1i8N8qGoT File: C:\Users\Z\Desktop\Lara Fabian - Adagio (English) Live.mp3.kiratos.zyaspgnf.kiratos Error: Unable to decrypt file with ID: gLS3y0S8B1sLghmJRotI5oE48HO2VRo1i8N8qGoT File: E:\sales.xlsx.kiratos.zyaspgnf.kiratos Error: Unable to decrypt file with ID: gLS3y0S8B1sLghmJRotI5oE48HO2VRo1i8N8qGoT File: E:\post malone rockstar.MP3.kiratos.zyaspgnf.kiratos Error: Unable to decrypt file with ID: gLS3y0S8B1sLghmJRotI5oE48HO2VRo1i8N8qGoT File: E:\Rockstar feat 21savage.mp3.kiratos Error: Unable to decrypt file with ID: gLS3y0S8B1sLghmJRotI5oE48HO2VRo1i8N8qGoT File: E:\WhatsApp Image 2019-04-22 at 8.16.24 PM.jpeg.kiratos.zyaspgnf.kiratos Error: Unable to decrypt file with ID: gLS3y0S8B1sLghmJRotI5oE48HO2VRo1i8N8qGoT Quote Share this post Link to post Share on other sites
GT500 812 Report post Posted November 25, 2019 Most of those files appear to have been encrypted 3 times (twice by STOP/Djvu, and once by something else). 18 hours ago, yousef_elmalk said: File: E:\Rockstar feat 21savage.mp3.kiratos Error: Unable to decrypt file with ID: gLS3y0S8B1sLghmJRotI5oE48HO2VRo1i8N8qGoT This should be decryptable if you are able to supply file pairs for an MP3 file. Quote Share this post Link to post Share on other sites
yousef_elmalk 0 Report post Posted December 4, 2019 dear MR.GT 500 many of original files are not exist now, it was encrypted, such as my photos, so there is no original files are available, the problem on those files , i donot worry about any files available on internet like songs as i can download it again, my problem in those files that i can never find it again. so kindly advice Quote Share this post Link to post Share on other sites
GT500 812 Report post Posted December 4, 2019 5 hours ago, yousef_elmalk said: i donot worry about any files available on internet like songs as i can download it again If you have files you've downloaded that have been encrypted, and you can re-download the originals, then you can use them as your files pairs to help you recover some of your other files. This will work with many types of files, however it won't work with JPEG/JPG pictures, as there's an oddity with the JPEG file format that requires the pictures used in the file pair to be from the same source as the pictures you want to decrypt. Quote Share this post Link to post Share on other sites
Ryanzain 0 Report post Posted May 16 Please help me with the kiratos ransomware [!] No keys were found for the following IDs: [*] ID: nnIfl4Ey56gYqnkwIYvrAjRTStvfQNUpCtdbuKgR (.kiratos ) Please archive these IDs and the following MAC addresses in case of future decryption: [*] MACs: , 00:FF:F3:46:65:7E, 44:87:FC:5A:57:D8 This info has also been logged to STOPDecrypter-log.txt Quote Share this post Link to post Share on other sites
Ryanzain 0 Report post Posted May 16 I used the latest application and it doesn't work Download Image Quote Share this post Link to post Share on other sites
GT500 812 Report post Posted May 19 On 5/16/2020 at 5:19 PM, Ryanzain said: I used the latest application and it doesn't work You need to upload file pairs via our online submission form so that the decrypter can be "trained" how to decrypt your files. There is more information at the following link:https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ Quote Share this post Link to post Share on other sites
ahmed0z0 0 Report post Posted July 9 help me please personal ID: 072Asdju732sdfAdhnChN25eVzBdHUsgvENJ6On1xmCy0MEyouWG2PAYE _readme.txt MAC_Addresses.txt Quote Share this post Link to post Share on other sites
GT500 812 Report post Posted July 9 5 hours ago, ahmed0z0 said: help me please personal ID: 072Asdju732sdfAdhnChN25eVzBdHUsgvENJ6On1xmCy0MEyouWG2PAYE You need to upload file pairs via our online submission form so that the decrypter can be "trained" how to decrypt your files. There is more information at the following link:https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ Quote Share this post Link to post Share on other sites
alirezacr2 0 Report post Posted September 9 hi Ethernet Realtek PCIe Gb: F8-32-E4-88-3E-28 Your personal ID: 072Asdju732sdfAdhSQNVUE6ib8ZCcAdENgPBSQ6u0HkIljoOG0BtNcwI can you help me my files incrypted by .kiratos (mp4 adn jpg formats) Quote Share this post Link to post Share on other sites
GT500 812 Report post Posted September 10 9 hours ago, alirezacr2 said: Your personal ID: 072Asdju732sdfAdhSQNVUE6ib8ZCcAdENgPBSQ6u0HkIljoOG0BtNcwI This is an older variant of the STOP/Djvu ransomware. There is more information (and a decrypter download) at the following link:https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ You'll need to upload file pairs via our online submission form so that the decrypter can be "trained" how to decrypt your files. Quote Share this post Link to post Share on other sites
alirezacr2 0 Report post Posted September 10 3 hours ago, GT500 said: This is an older variant of the STOP/Djvu ransomware. There is more information (and a decrypter download) at the following link:https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ You'll need to upload file pairs via our online submission form so that the decrypter can be "trained" how to decrypt your files. i dont know how i have to fix my problem and i tested the djvu decrypter. please help me Quote Share this post Link to post Share on other sites
alirezacr2 0 Report post Posted September 10 3 hours ago, GT500 said: This is an older variant of the STOP/Djvu ransomware. There is more information (and a decrypter download) at the following link:https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ You'll need to upload file pairs via our online submission form so that the decrypter can be "trained" how to decrypt your files. https://decrypter.emsisoft.com/submit/stopdjvu/ i went here but if i had the original file of my encrypted file i didnt come to you for fixing Quote Share this post Link to post Share on other sites
alirezacr2 0 Report post Posted September 10 can you build a decrypter for me ? Quote Share this post Link to post Share on other sites
GT500 812 Report post Posted September 11 16 hours ago, alirezacr2 said: can you build a decrypter for me ? No, we already have a decrypter. You'll need to have original copies of at least a few encrypted files available in order for our servers to generate a keystream for the decrypter to use. Check anywhere you may have saved or sent files in the past. Check your phone, memory cards, USB flash drives or hard drives. Also check websites you may have uploaded files to such as social media, file sharing networks, e-mail or other messaging services, etc. You can also ask friends and family who you may have shared files with to see if they have original copies of any of your encrypted files. Quote Share this post Link to post Share on other sites
Michlos 0 Report post Posted Tuesday at 08:48 PM Please!! I need your help. File: D:\BACKUP MICHLOS PROJETOS\Achei Pra VC\Projeto\SQL FILES\01 - Create Databank.sql.kiratos Error: Unable to decrypt Old Variant ID: OFHUhlnyj1ofHqYcTuFXbtkE8MAiSpBDvlJVeFBa First 5 bytes: 2D2D2F2F43 _readme.txt 01 - Create Databank.sql.kiratos Decrypter LOG.txt MAC_Addresses.txt Quote Share this post Link to post Share on other sites
GT500 812 Report post Posted Wednesday at 04:47 AM 7 hours ago, Michlos said: File: D:\BACKUP MICHLOS PROJETOS\Achei Pra VC\Projeto\SQL FILES\01 - Create Databank.sql.kiratos Error: Unable to decrypt Old Variant ID: OFHUhlnyj1ofHqYcTuFXbtkE8MAiSpBDvlJVeFBa First 5 bytes: 2D2D2F2F43 You need to upload file pairs via our online submission form so that the decrypter can be "trained" how to decrypt your files. There is more information at the following link:https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ 1 Quote Share this post Link to post Share on other sites
Michlos 0 Report post Posted Saturday at 12:49 AM On 9/23/2020 at 1:47 AM, GT500 said: You need to upload file pairs via our online submission form so that the decrypter can be "trained" how to decrypt your files. There is more information at the following link:https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ Tnks GT. I uploaded the files. But, I was able to decrypt just one XML file. I will w8 for an other emsisoft compiller to try it again. Quote Share this post Link to post Share on other sites
GT500 812 Report post Posted Saturday at 05:59 AM 5 hours ago, Michlos said: I will w8 for an other emsisoft compiller to try it again. There are no plans for any changes to this system. What kind of files are you trying to decrypt? Plain text files are usually not decryptable, as they would need to share the same first 5 bytes with the file pair you use (this is why the decrypter tells you the first 5 bytes of every encrypted file it can't decrypt), and plain text files only share the same first 5 bytes with other files if they start with the same 5 or 6 characters. Quote Share this post Link to post Share on other sites
