Recommended Posts

I recommend uploading a copy of the ransom note along with an encrypted file to ID Ransomware so that you can verify which ransomware you are dealing with:
https://id-ransomware.malwarehunterteam.com/

You can paste a link to the results into a reply if you would like for me to review them.

  • Like 1

Share this post


Link to post
Share on other sites
2 hours ago, XdroidBryan said:

Same here, there seems to be no solution at the moment for those of us who have this problem.

This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

Share this post


Link to post
Share on other sites
10 hours ago, Igor13 said:

EQgcqyXFWysI4yPKfVtrNJjcfa7hBHR87o19Ub1g     this is my personal ID, it was on :C disk.

That's an online ID.

Share this post


Link to post
Share on other sites

@GT500, I have been affected by the .remk ransomware and the id given in the ransomnote is

Personal ID:

0214OIQuhkjdxstLXFeXAwy6S6n9cLIDQP2NLNMEepyOGy770ct1

 

Can you please help me with that? Appreciate it.

Share this post


Link to post
Share on other sites
20 hours ago, Igor13 said:

And there is no decrypt for online ID? Is there some other way ?

You can only decrypt files that have been encrypted by newer variants of STOP/Djvu if you have the private key, and since it was generated online (by the ransomware's command and control servers) that means the private key was never on your computer and there is no way for anyone other than the criminals to know it.

In most cases forensic file recovery will not be effective, and you won't be able to recover your files via alternate means either.

 

1 hour ago, Mun said:

Personal ID:
0214OIQuhkjdxstLXFeXAwy6S6n9cLIDQP2NLNMEepyOGy770ct1

This is an offline ID, however we don't yet have the private key for it. I recommend running the decrypter once every week or two so that you can see when we've been able to add the private key for your variant.

There is more information at the following link:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

Share this post


Link to post
Share on other sites

I was also a victim of this new extension :(

Can you tell me if my ID is online?

Thank you

ID: 0214OIQuhkjd08ONeRhC6WRoqpSqib2joUzarOdRhBBkWtw68gwq

Share this post


Link to post
Share on other sites

@Nguyễn Hữu Ánh and @Serge fedjio this is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

 

@Esteban88 this is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

Share this post


Link to post
Share on other sites
22 hours ago, GT500 said:

@ Nguyễn Hữu Ánh  và @Serge fedjio  đây là một biến thể mới hơn của STOP / Djvu. Nếu bạn có ID ngoại tuyến, thì một khi chúng ta có thể tìm thấy khóa giải mã cho biến thể này và thêm nó vào cơ sở dữ liệu của chúng tôi, bạn sẽ có thể khôi phục các tệp của mình. Tuy nhiên, nếu bạn có ID trực tuyến (có nhiều khả năng hơn) thì sẽ không thể khôi phục các tệp của bạn. Có nhiều thông tin hơn tại liên kết sau:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

 

@ Esteban88  đây là một biến thể mới hơn của STOP / Djvu và ID của bạn là ID trực tuyến, vì vậy hiện tại không có cách nào để giải mã các tệp của bạn. Có nhiều thông tin hơn tại liên kết sau:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

Thank you @GT500!!! I hope the miracle will come to me. Because of these files I took a lot of time to do. When to recover, please let me know. Thanks for supporting me !!!!!

Share this post


Link to post
Share on other sites

Hi my all files have .remk plz help me how can I recover my data it's very important for me the starting my personal I'd from hacker start from 0214 plz reply me at  **********

*email address removed to avoid member being spammed

Share this post


Link to post
Share on other sites
15 hours ago, Gaurav said:

Hi my all files have .remk plz help me how can I recover my data it's very important for me the starting my personal I'd from hacker start from 0214 plz reply me at  **********

This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.