NAVAS 0 Report post Posted May 30 (edited) Hi frinds. my system infected a ransomware & encrypted all fiels as filename.koti i have do backup infected files such as pictures and excel files i have formated my pc to ger rid of ransomware then used EMSISOFT DECRYPTOR FOR STOP dvju it showing "File: H:\phone backup\Android\data\com.zhiliaoapp.musically\cache\picture\fresco_cache\v2.ols100.1\6\2U6JaSd2VhHD2X1ya5h9v5rLg_w.cnt.koti No key for New Variant offline ID: bQzou4YCQGWMhQnYUmmzNP6cr4msBmV2AwESnrt1 Notice: this ID appears be an offline ID, decryption MAY be possible in the future" like messages for all files HOW I DECRYPT FILES 2 Manjeri Old Building.xlsx.koti 3 manjeri out side.xlsx.koti 20d369ebb449ac01703d47a706606477.jpg.koti 51944_dev-joshi-baal-veer.jpg.koti Edited May 30 by NAVAS to upload sample encryped files Quote Share this post Link to post Share on other sites
GT500 823 Report post Posted May 31 19 hours ago, NAVAS said: No key for New Variant offline ID: bQzou4YCQGWMhQnYUmmzNP6cr4msBmV2AwESnrt1 Notice: this ID appears be an offline ID, decryption MAY be possible in the future This is a newer variant of STOP/Djvu. Fortunately your ID is an offline ID, however we don't yet have the private key for it. I recommend running the decrypter once every week or two so that you can see when we've been able to add the private key for your variant. There is more information at the following link:https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ Quote Share this post Link to post Share on other sites
