mioc 0 Posted November 6, 2019 Report Share Posted November 6, 2019 Quote Link to post Share on other sites
GT500 860 Posted November 6, 2019 Report Share Posted November 6, 2019 That means it's an ID we don't have in our database. This is a newer variant of STOP/Djvu. If you have an online ID, then once we can find the decryption key for this variant and add it to our database you will be able to recover your files. however, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link:https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ Quote Link to post Share on other sites
mioc 0 Posted November 6, 2019 Author Report Share Posted November 6, 2019 Where can I get an online ID to unlock the decryption? Quote Link to post Share on other sites
GT500 860 Posted November 7, 2019 Report Share Posted November 7, 2019 9 hours ago, mioc said: Where can I get an online ID to unlock the decryption? You can't. ID's are assigned by the ransomware when it encrypts your files. If it can connect to its command and control servers then it asks the servers for a random ID and public key (an online ID and key) for encryption. If it can't connect to its command and control servers, then it uses a built-in ID and public key (and offline ID and key) for encryption. Quote Link to post Share on other sites
mioc 0 Posted November 8, 2019 Author Report Share Posted November 8, 2019 how do you disconnect the command and control server? please help me to be able to open the lock offline thanks you Quote Link to post Share on other sites
GT500 860 Posted November 9, 2019 Report Share Posted November 9, 2019 8 hours ago, mioc said: how do you disconnect the command and control server? It's too late. Your files are already encrypted. Quote Link to post Share on other sites
mioc 0 Posted November 10, 2019 Author Report Share Posted November 10, 2019 (edited) I have a problem. error: Remote name could not be resolved: 'decrypter. emisoft.com ' Edited November 12, 2019 by GT500 Removed pasted web page. Quote Link to post Share on other sites
GT500 860 Posted November 12, 2019 Report Share Posted November 12, 2019 You may need to reset your HOSTS file back to default. Microsoft has information about how to do that at the following link:https://support.microsoft.com/en-us/help/972034/how-to-reset-the-hosts-file-back-to-the-default Quote Link to post Share on other sites
Amigo-A 136 Posted November 12, 2019 Report Share Posted November 12, 2019 There are known methods of malicious attacks when naive recommendations from Microsoft look like game 'Toy Trains'. The 'hosts' file can simply be deleted manually, if the user himself has never used it to ban certain sites. Only after that, the malicious program will not be able to reuse it and will not create a new file. Quote Link to post Share on other sites
GT500 860 Posted November 13, 2019 Report Share Posted November 13, 2019 21 hours ago, Amigo-A said: The 'hosts' file can simply be deleted manually, if the user himself has never used it to ban certain sites. Doing this may break some applications that use the HOSTS file for blocking bad websites, however beyond this it shouldn't have any negative side effects, and it is safe to delete the HOSTS file if you aren't using it to block bad websites. Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.