Sign in to follow this  
pwpantkowiak

.geno online key

Recommended Posts

Hi guys. My computer has been infected by ransomware STOP (Djvu) (.geno file extencion with online key). I know how to deal with offline key, but I don't know what to do with online one. And now I need help.

https://id-ransomware.malwarehunterteam.com/identify.php?case=2d8ee65819fe0bc4f0dc0e3114ede6aa0698ad5f

 

Przechwytywanie.PNG
Download Image

PS. I tried Shadow Exploler, Dmde, Recuva, Stellar, EaseUS and it doesn't help

Share this post


Link to post
Share on other sites

This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

Share this post


Link to post
Share on other sites
16 hours ago, pwpantkowiak said:

Is there a version of EMSISOFT where I can enter own online key and unlock files? Or Is it impossible?

If you mean the Emsisoft STOP/Djvu decrypter, then no.

You can send private keys to us to be added to our database, however please note that the only way you would be in possession of a private key that would allow for decryption of your files is if you paid the ransom.

Share this post


Link to post
Share on other sites
12 hours ago, dibyisrael said:

Please i have this offline ID: Gq9C3wfB3EovXBFkGxv1b5wkUKUxVy1x63fasTt1. Can you help so that i can decrypt my files? Thank you in anticipation of your help!

This is a newer variant of STOP/Djvu. Fortunately your ID is an offline ID, however we don't yet have the private key for it. I recommend running the decrypter once every week or two so that you can see when we've been able to add the private key for your variant.

There is more information at the following link:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

Share this post


Link to post
Share on other sites

Good morning, I did a real-time cache scan while the virus was running in extension .kasp and I managed to get a temporary: —–BEGIN PRIVATE KEY —–—– END PRIVATE KEY—– and {"public_key": "- ---- BEGIN PUBLIC KEY ----- \\ n \\ n ----- END PUBLIC KEY ----- \\ n "," id ":" zCepAtFaIg8IfVDSKJwm9nYnCUcFQ4aWALSB9Wii "}

I can share the key online, but I need to be told first how to use it myself, on my own.

Share this post


Link to post
Share on other sites
10 hours ago, Jorgy said:

I can share the key online, but I need to be told first how to use it myself, on my own.

The key that was sent was a public key, which is useless for decryption. Private keys are not sent to your computer unless you pay the ransom, and since online ID's are unique for each computer your private key won't work for anyone else.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.