CoolKaushik01 1 Posted May 12, 2020 Report Share Posted May 12, 2020 Need any option to decrypt files which are encrypted with .mzlq extension and while using emsisoft came to know that it is encrypted with online key. So need help to decrypt the files. Very urgent. 1 Quote Link to post Share on other sites
GT500 885 Posted May 12, 2020 Report Share Posted May 12, 2020 5 hours ago, CoolKaushik01 said: Need any option to decrypt files which are encrypted with .mzlq extension and while using emsisoft came to know that it is encrypted with online key. So need help to decrypt the files. Very urgent. This is a newer variant of STOP/Djvu, and since your ID is an online ID there is currently no way to decrypt your files. There is more information at the following link:https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ Quote Link to post Share on other sites
Raj052 0 Posted May 12, 2020 Report Share Posted May 12, 2020 I found the key to my mzlq malware. But how do I decrypt now? Is there any software which can do this? Thank you, Prithvi Raj Quote Link to post Share on other sites
Amigo-A 142 Posted May 12, 2020 Report Share Posted May 12, 2020 Just attach the _readme.txt file to the message Quote Link to post Share on other sites
GT500 885 Posted May 13, 2020 Report Share Posted May 13, 2020 19 hours ago, Raj052 said: I found the key to my mzlq malware. But how do I decrypt now? Is there any software which can do this? If you found a key, then it was a public key and not a private key, which means it can't help you decrypt your files. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link:https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ Quote Link to post Share on other sites
Saadi 0 Posted May 13, 2020 Report Share Posted May 13, 2020 I'm struggling here with . mzlq files as well 😞 I hope you guys can assist, I'll pay for the decryption. Quote Link to post Share on other sites
Saadi 0 Posted May 13, 2020 Report Share Posted May 13, 2020 This is my _readme.txt file Please let me know _readme.txt Quote Link to post Share on other sites
GT500 885 Posted May 14, 2020 Report Share Posted May 14, 2020 23 hours ago, Saadi said: This is my _readme.txt file Please let me know This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ Quote Link to post Share on other sites
Saadi 0 Posted May 14, 2020 Report Share Posted May 14, 2020 1 hour ago, GT500 said: This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ If I backup my encrypted files as they are, to access them at another time in the event of a decryptor being available, will the files not infect my new machine from the backup? Also will it be safe to back them up on an external hard drive without infecting the current files on there? Please advise. Thank you so much! Quote Link to post Share on other sites
GT500 885 Posted May 15, 2020 Report Share Posted May 15, 2020 17 hours ago, Saadi said: If I backup my encrypted files as they are, to access them at another time in the event of a decryptor being available, will the files not infect my new machine from the backup? No. Your files aren't infected, they're just encrypted. 17 hours ago, Saadi said: Also will it be safe to back them up on an external hard drive without infecting the current files on there? As long as you've removed the ransomware from your computer, then yes it's safe. Most Anti-Virus software can detect STOP/Djvu, and it's easy to remove, but if you don't already have something to scan for infections you can use Emsisoft Emergency Kit:https://www.emsisoft.com/en/home/emergencykit/ Quote Link to post Share on other sites
Adriel 0 Posted May 16, 2020 Report Share Posted May 16, 2020 I’m facing the same problem with .mzlq files and this is online ID. Please tell me the truth, will I ever be able to recover my files again because I have already tried most of the softwares available on the internet. Quote Link to post Share on other sites
GT500 885 Posted May 16, 2020 Report Share Posted May 16, 2020 6 hours ago, Adriel said: Please tell me the truth, will I ever be able to recover my files again because I have already tried most of the softwares available on the internet. If law enforcement is able to catch the criminals or otherwise gain access to their servers and release their private keys for use in decrypters, then we can add them to our database so that everyone can get their files back. Our recommendation is to save a backup of your encrypted files and keep it in a safe place in case decryption is possible at some point in the future. We also recommend keeping an eye on BleepingComputer's newsfeed, as they will usually report on new developments with ransomware decrypters:https://www.bleepingcomputer.com/ If you have an RSS feed reader, then they also have an RSS feed so that you don't have to manually check for news:https://www.bleepingcomputer.com/feed/ Quote Link to post Share on other sites
Adriel 0 Posted May 17, 2020 Report Share Posted May 17, 2020 This is really bad. Some files are really important for me because those have my mother’s pictures and videos, who is no more in this world... And I don’t have any backup. I never thought this will happen. I can’t live without those memories...😭 Quote Link to post Share on other sites
GT500 885 Posted May 19, 2020 Report Share Posted May 19, 2020 On 5/17/2020 at 9:36 AM, Adriel said: This is really bad. Some files are really important for me because those have my mother’s pictures and videos, who is no more in this world... And I don’t have any backup. I never thought this will happen. I can’t live without those memories...😭 It may still be possible to decrypt the files some day. Just keep in mind that it won't been soon. The STOP ransomware has been around for a few years, and the Djvu variant has been around for about a year and a half. Whoever is behind it doesn't show any signs of stopping, and law enforcement hasn't arrested them yet, so it may still be some time before we're able to do anything more than we can right now. Quote Link to post Share on other sites
andon 0 Posted June 9, 2020 Report Share Posted June 9, 2020 Hello, according to the information on the Internet I need to have two files, one original and the second encrypted to use https://decrypter.emsisoft.com/submit/stopdjvu/ Is it true that your personal ID: there is t1 at the end of the code is encrypted with an offline key Quote Link to post Share on other sites
andon 0 Posted June 9, 2020 Report Share Posted June 9, 2020 (edited) Link removed. i take information from this web site Edited June 10, 2020 by GT500 Removed link. Quote Link to post Share on other sites
Amigo-A 142 Posted June 9, 2020 Report Share Posted June 9, 2020 @andon Here is the official help link from Emsisoft staff. Quote Link to post Share on other sites
GT500 885 Posted June 10, 2020 Report Share Posted June 10, 2020 20 hours ago, andon said: Is it true that your personal ID: there is t1 at the end of the code is encrypted with an offline key For any variants of STOP/Djvu in the past year, yes. Quote Link to post Share on other sites
andon 0 Posted June 10, 2020 Report Share Posted June 10, 2020 if i send you 1 file can you try to decrypt , because i cannot Quote Link to post Share on other sites
GT500 885 Posted June 11, 2020 Report Share Posted June 11, 2020 22 hours ago, andon said: if i send you 1 file can you try to decrypt , because i cannot If the decrypter can't decrypt your files, then we can't either. Anyone with an offline ID for .mzlq will have to wait for us to obtain the private key for that variant's offline ID so that we can add it to our database. I recommend running the decrypter once every week or two so that you can see when we've been able to add the private key for your variant. There is more information at the following link:https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ Quote Link to post Share on other sites
ElSaFeR 0 Posted July 10, 2020 Report Share Posted July 10, 2020 i have the same problem but with .zida extension with personal ID: 0238yjnkjddrtp1EKGvS1O0qLUgSxNEHk7I9nO5py3pOy6dSQEXmr is it possible for decryption or not yet + i have some original unencrypted files for the encrypted files , can it help? Quote Link to post Share on other sites
GT500 885 Posted July 10, 2020 Report Share Posted July 10, 2020 3 hours ago, ElSaFeR said: i have the same problem but with .zida extension with personal ID: 0238yjnkjddrtp1EKGvS1O0qLUgSxNEHk7I9nO5py3pOy6dSQEXmr This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ 3 hours ago, ElSaFeR said: i have some original unencrypted files for the encrypted files , can it help? Newer variants of the STOP/Djvu ransomware use RSA keys, which are impervious to most forms of attack. Quote Link to post Share on other sites
tenpaz 0 Posted July 14, 2020 Report Share Posted July 14, 2020 On 5/17/2020 at 7:06 PM, Adriel said: This is really bad. Some files are really important for me because those have my mother’s pictures and videos, who is no more in this world... And I don’t have any backup. I never thought this will happen. I can’t live without those memories...😭 any luck? Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.