NAVAS 0 Posted May 30, 2020 Report Share Posted May 30, 2020 (edited) Hi frinds. my system infected a ransomware & encrypted all fiels as filename.koti i have do backup infected files such as pictures and excel files i have formated my pc to ger rid of ransomware then used EMSISOFT DECRYPTOR FOR STOP dvju it showing "File: H:\phone backup\Android\data\com.zhiliaoapp.musically\cache\picture\fresco_cache\v2.ols100.1\6\2U6JaSd2VhHD2X1ya5h9v5rLg_w.cnt.koti No key for New Variant offline ID: bQzou4YCQGWMhQnYUmmzNP6cr4msBmV2AwESnrt1 Notice: this ID appears be an offline ID, decryption MAY be possible in the future" like messages for all files HOW I DECRYPT FILES 2 Manjeri Old Building.xlsx.koti 3 manjeri out side.xlsx.koti 20d369ebb449ac01703d47a706606477.jpg.koti 51944_dev-joshi-baal-veer.jpg.koti Edited May 30, 2020 by NAVAS to upload sample encryped files Quote Link to post Share on other sites
GT500 853 Posted May 31, 2020 Report Share Posted May 31, 2020 19 hours ago, NAVAS said: No key for New Variant offline ID: bQzou4YCQGWMhQnYUmmzNP6cr4msBmV2AwESnrt1 Notice: this ID appears be an offline ID, decryption MAY be possible in the future This is a newer variant of STOP/Djvu. Fortunately your ID is an offline ID, however we don't yet have the private key for it. I recommend running the decrypter once every week or two so that you can see when we've been able to add the private key for your variant. There is more information at the following link:https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.