SalasKafa

New Variant offline ID

Recommended Posts

Hi guys!! Got infected... 

No key for New Variant offline ID: K72FcnkdIQC15Y6gSOcshlkpUbvUZNl4zrQFK1t1
Notice: this ID appears be an offline ID, decryption MAY be possible in the future

 

Please help ME! 

Share this post


Link to post
Share on other sites
20 hours ago, jazzy said:

i know that but i just want to know any estimated time?

It's not possible to estimate a time. It could be days, weeks, or months. It's even possible it may never happen, although for offline ID's the odds of us getting the private key are fairly good.

 

18 hours ago, Marius said:

No key for New Variant offline ID: K72FcnkdIQC15Y6gSOcshlkpUbvUZNl4zrQFK1t1
Notice: this ID appears be an offline ID, decryption MAY be possible in the future

This is a newer variant of STOP/Djvu. Fortunately your ID is an offline ID, however we don't yet have the private key for it. I recommend running the decrypter once every week or two so that you can see when we've been able to add the private key for your variant.

There is more information at the following link:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

Share this post


Link to post
Share on other sites

No key for New Variant offline ID: 8TaHEsq5r7cNJKbYdWseLEB2pW1FuZKoKjKg5tt1

Notice: this ID appears be an offline ID, decryption MAY be possible in the future

it's .mado virus

Please help me..

Share this post


Link to post
Share on other sites
On 4/11/2020 at 3:17 PM, Zubair said:

No key for New Variant offline ID: 8TaHEsq5r7cNJKbYdWseLEB2pW1FuZKoKjKg5tt1
Notice: this ID appears be an offline ID, decryption MAY be possible in the future

This is a newer variant of STOP/Djvu. Fortunately your ID is an offline ID, however we don't yet have the private key for it. I recommend running the decrypter once every week or two so that you can see when we've been able to add the private key for your variant.

There is more information at the following link:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

Share this post


Link to post
Share on other sites
On 1/31/2020 at 7:09 PM, SalasKafa said:

Hello,

I run the program multiple times, it gave the same error or [not responding] issue occured everytime I tried. So, I had to try another way: Instead of scanning entire drivers at single time, I started the software - by selecting folders one by one - each time after process finished. This way take much more time than usual, of course... but it was worth it.

At the end, we can "officialy" say that the decryption of ID: 7757TLxCRXnSjhJoq4TruFpvTlag0OKn6hPITYt1 is completed perfectly!!  Now all files are as same as before the infection.

Thank you so much Emisoft :) I am so happy.

Beside that, I also got my lesson.. back up your files! :)

Have a good day dear friends.

Hello,

 

Please clarify in details what exactly you have done to solve this issue? My family photos are hacked by this. Showing mpaj as a extension to all my files.

Share this post


Link to post
Share on other sites

My all audio video documents files showing mpaj extension. Tried to remove that extension but file is not running after changing it. 

No key for New Variant offline ID: RNDHQwNS07HCo9nNdWwsQzumCtR12dC9OhcDrut1

My whole family photos are there. 

Attached some files which are affected like that. 

Will be great if you help me in this case. 

_readme.txt Tariff_page.pdf.mpaj

Share this post


Link to post
Share on other sites
5 hours ago, Kiran2020 said:

Tried to remove that extension but file is not running after changing it.

Your files are encrypted. Changing the extension won't do anything.

 

5 hours ago, Kiran2020 said:

No key for New Variant offline ID: RNDHQwNS07HCo9nNdWwsQzumCtR12dC9OhcDrut1

This is a newer variant of STOP/Djvu. Fortunately your ID is an offline ID, however we don't yet have the private key for it. I recommend running the decrypter once every week or two so that you can see when we've been able to add the private key for your variant.

There is more information at the following link:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

Share this post


Link to post
Share on other sites
On 4/14/2020 at 10:17 AM, GT500 said:

This is a newer variant of STOP/Djvu. Fortunately your ID is an offline ID, however we don't yet have the private key for it. I recommend running the decrypter once every week or two so that you can see when we've been able to add the private key for your variant.

There is more information at the following link:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

Any estimated time?

Share this post


Link to post
Share on other sites
8 hours ago, cybermetric said:

There is no 'estimated time'. The offline key might be recovered in days,weeks, months, or never.

This is correct. It's impossible to estimate the amount of time it will take for someone to donate a private key after paying the ransom, which is the only way we can get private keys for offline ID's.

Share this post


Link to post
Share on other sites

No key for New Variant online ID: F7ZZ2S5kMlh0rUhFYWbFfqy7nQHRiWUpNO7dEfjX
Notice: this ID appears to be an online ID, decryption is impossible

 

please somebody help me :(
 

Share this post


Link to post
Share on other sites
7 hours ago, Judy said:

No key for New Variant online ID: F7ZZ2S5kMlh0rUhFYWbFfqy7nQHRiWUpNO7dEfjX
Notice: this ID appears to be an online ID, decryption is impossible

This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

Share this post


Link to post
Share on other sites

help me please
Start Emmısoft Stop/djvu
No key for New Variant offline ID: 8TaHEsq5r7cNJKbYdWseLEB2pW1FuZKoKjKg5tt1
Notice: this ID appears be an offline ID, decryption MAY be possible in the future

; sayed

 .mado problems help me please

_readme.txt ACDA3988.jpg.mado

Share this post


Link to post
Share on other sites
14 hours ago, oguz said:

No key for New Variant offline ID: 8TaHEsq5r7cNJKbYdWseLEB2pW1FuZKoKjKg5tt1
Notice: this ID appears be an offline ID, decryption MAY be possible in the future

This is a newer variant of STOP/Djvu. Fortunately your ID is an offline ID, however we don't yet have the private key for it. I recommend running the decrypter once every week or two so that you can see when we've been able to add the private key for your variant.

There is more information at the following link:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

Share this post


Link to post
Share on other sites

I got the virus from these files here. description of this video. he is spreading it see !!!

<malicious link removed>

Share this post


Link to post
Share on other sites

@ dinho
 

As I noted to you (dinho2020) at another security forum site...please do not post active links to possible malware (malicious files), including links which may lead to sites where infections have been contracted and spread. If it is malicious, we don't want other members accidentally clicking on such links and infecting their machines. All such links will be removed to protect other members reading our forum topics.

Share this post


Link to post
Share on other sites
15 hours ago, dinho said:

I got the virus from these files here. description of this video. he is spreading it see !!!

We already have access to any version of this ransomware we want, and don't need any new samples to be submitted.

Share this post


Link to post
Share on other sites

Hi I'm Vusi

I have a problem with this virus and it has encrypted all my files.

 No key for New Variant offline ID: A9GoURN1YjdAQyaC6wsAFQH69tLYb2jZFkNvyct1
Notice: this ID appears be an offline ID, decryption MAY be possible in the future

.npsg

Can someone please help me with the decryption process

thank you.

Share this post


Link to post
Share on other sites
17 hours ago, Vusi said:

No key for New Variant offline ID: A9GoURN1YjdAQyaC6wsAFQH69tLYb2jZFkNvyct1
Notice: this ID appears be an offline ID, decryption MAY be possible in the future

This is a newer variant of STOP/Djvu. Fortunately your ID is an offline ID, however we don't yet have the private key for it. I recommend running the decrypter once every week or two so that you can see when we've been able to add the private key for your variant.

There is more information at the following link:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

Share this post


Link to post
Share on other sites

hello sir

i got the key how can i decrypt my files ?

{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

this key for npsk online encrypt

Share this post


Link to post
Share on other sites
On 5/9/2020 at 7:11 PM, zoyacell said:

i got the key how can i decrypt my files ?

{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

this key for npsk online encrypt

That's not an RSA private key. That's not even an RSA public key. That looks like a CLSID, which has nothing to do with encryption.

Share this post


Link to post
Share on other sites
13 hours ago, GT500 said:

mado indicates a variant of the STOP/Djvu ransomware, and we already have a decrypter for that. There is more information at the following link:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

I Tried to run a decryptor but it keeps on saying the same message.  

I don't know whether I'm failing to run it in a proper way. 

Please help🙏🏻

Share this post


Link to post
Share on other sites
9 hours ago, MuziQ said:

I Tried to run a decryptor but it keeps on saying the same message.

What's the message?

Share this post


Link to post
Share on other sites
2 hours ago, GT500 said:

What's the message?

 The message is:

No key for New Variant offline ID: A9GoURN1YjdAQyaC6wsAFQH69tLYb2jZFkNvyct1
Notice: this ID appears be an offline ID, decryption MAY be possible in the future

Share this post


Link to post
Share on other sites

Hy Everyone .

I am infected by Mado, some of my files are decrypted but some are not, how can I decrypt all of them?

Thanks GT500 for ur assistance .

Share this post


Link to post
Share on other sites
1 hour ago, MuziQ said:

I am infected by Mado, some of my files are decrypted but some are not, how can I decrypt all of them?

What does the decrypter say about files it can't decrypt?

Share this post


Link to post
Share on other sites
17 hours ago, MuziQ said:

It say nothing but it skip them

Would it be possible to copy the log output from the decrypter and paste it into a reply?

Share this post


Link to post
Share on other sites
On 5/13/2020 at 5:32 AM, MuziQ said:

 The message is:

No key for New Variant offline ID: A9GoURN1YjdAQyaC6wsAFQH69tLYb2jZFkNvyct1
Notice: this ID appears be an offline ID, decryption MAY be possible in the future

This is the offline ID for the .btos STOP variant - offline/private key has not been recovered.

Share this post


Link to post
Share on other sites
Quote

Please note: this identifier looks like a standalone identifier, decryption MAY be possible in the future

Emsisoft Decryptor will help you when the decryption keys are loaded into it. You were attacked by the new variant of 'STOP Ransomware', there are no keys to it yet.

Only this decryptor will help you. He will help for free! 

You need to be patient and wait. Download the new version every week and check.

Share this post


Link to post
Share on other sites
21 hours ago, dartmoor2012 said:

Emsisoft Decryptor for STOP Djvu Version: 1.0.0.4 did not help me   😢

What did the decrypter tell you when it failed to decrypt your files?

  • Like 1

Share this post


Link to post
Share on other sites
38 minutes ago, GT500 said:

What did the decrypter tell you when it failed to decrypt your files?

There is no key for the new version of the standalone ID: ZHTDPc8sLY4CFFin0dsu3ZLkCGBPqvDIYFN5Okt1

Please note: this identifier looks like a standalone identifier, decryption MAY be possible in the future

Share this post


Link to post
Share on other sites

I CAN NOT THANK MORE. I AM GRATEFUL. ALL DATA RECOVERED. I AM FULL WITH JOY. THANKS AGAIN GT500 AND EMSISOFT FAMILY

Share this post


Link to post
Share on other sites

same issue with a .mpal virus, can anyone kindly help??

No key for New Variant offline ID: HXrY0WMqvNQvSwO4TneG0C9cVMtVYLf0bH8uYft1
Notice: this ID appears be an offline ID, decryption MAY be possible in the future

Share this post


Link to post
Share on other sites
On 5/16/2020 at 5:46 AM, dartmoor2012 said:

There is no key for the new version of the standalone ID: ZHTDPc8sLY4CFFin0dsu3ZLkCGBPqvDIYFN5Okt1
Please note: this identifier looks like a standalone identifier, decryption MAY be possible in the future

This is a newer variant of STOP/Djvu. Fortunately your ID is an offline ID, however we don't yet have the private key for it. I recommend running the decrypter once every week or two so that you can see when we've been able to add the private key for your variant.

There is more information at the following link:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

Share this post


Link to post
Share on other sites
On 5/16/2020 at 4:50 PM, jazzy said:

Im soo happy all data recover from mado THX again GT500

Awesome. I'm glad we were able help decrypt your files. 👍

Share this post


Link to post
Share on other sites
On 5/17/2020 at 3:09 AM, sewaq said:

I CAN NOT THANK MORE. I AM GRATEFUL. ALL DATA RECOVERED. I AM FULL WITH JOY. THANKS AGAIN GT500 AND EMSISOFT FAMILY

You're welcome. Be sure to keep your computer and your data safe going forward. 👍

Share this post


Link to post
Share on other sites
On 5/18/2020 at 3:36 AM, heldworld said:

No key for New Variant offline ID: HXrY0WMqvNQvSwO4TneG0C9cVMtVYLf0bH8uYft1
Notice: this ID appears be an offline ID, decryption MAY be possible in the future

This is a newer variant of STOP/Djvu. Fortunately your ID is an offline ID, however we don't yet have the private key for it. I recommend running the decrypter once every week or two so that you can see when we've been able to add the private key for your variant.

There is more information at the following link:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.