123fizh 0 Posted December 6, 2020 Report Share Posted December 6, 2020 This is a new ransomware with this particular _readme.txt message ATTENTION! Don't worry, you can return all your files! All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key. The only method of recovering files is to purchase decrypt tool and unique key for you. This software will decrypt all your encrypted files. What guarantees you have? You can send one of your encrypted file from your PC and we decrypt it for free. But we can decrypt only 1 file for free. File must not contain valuable information. You can get and look video overview decrypt tool: https://we.tl/t-j3hj0RjttJ Price of private key and decrypt software is $980. Discount 50% available if you contact us first 72 hours, that's price for you is $490. Please note that you'll never restore your data without payment. Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours. To get this software you need write on our e-mail: [email protected] Reserve e-mail address to contact us: [email protected] Your personal ID: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX When will emsisoft release the new decryption for this ransomware (.Nobu)? Because all my important file are infected and a lot of them that i haven't backup, so yeah pretty desperate here. All my files has extensions of (.Nobu) so then i couldn't open any of the files that are infected. Thank you Quote Link to post Share on other sites
josshart 0 Posted December 6, 2020 Report Share Posted December 6, 2020 c'est carrément dégueulasse je vais porter plainte en haut lieu pour de tel agissement Quote Link to post Share on other sites
bunnyllk 0 Posted December 7, 2020 Report Share Posted December 7, 2020 i need help too, it encrypted all my back up files in the main hard disk and external hard disk Quote Link to post Share on other sites
Stylistic_star 0 Posted December 7, 2020 Report Share Posted December 7, 2020 23 hours ago, 123fizh said: This is a new ransomware with this particular _readme.txt message ATTENTION! Don't worry, you can return all your files! All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key. The only method of recovering files is to purchase decrypt tool and unique key for you. This software will decrypt all your encrypted files. What guarantees you have? You can send one of your encrypted file from your PC and we decrypt it for free. But we can decrypt only 1 file for free. File must not contain valuable information. You can get and look video overview decrypt tool:https://we.tl/t-j3hj0RjttJ Price of private key and decrypt software is $980. Discount 50% available if you contact us first 72 hours, that's price for you is $490. Please note that you'll never restore your data without payment. Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours. To get this software you need write on our e-mail: [email protected]ail.ch Reserve e-mail address to contact us: [email protected] Your personal ID: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX When will emsisoft release the new decryption for this ransomware (.Nobu)? Because all my important file are infected and a lot of them that i haven't backup, so yeah pretty desperate here. All my files has extensions of (.Nobu) so then i couldn't open any of the files that are infected. Thank you I'm too facing the same issue I believe emsisoft will help us ! Quote Link to post Share on other sites
Ahmad Abomrish 0 Posted December 7, 2020 Report Share Posted December 7, 2020 me to same virus .nobu i need help please Quote Link to post Share on other sites
Moahmed Badway 0 Posted December 7, 2020 Report Share Posted December 7, 2020 I need help too I got same virus .nobu Quote Link to post Share on other sites
Aa123 0 Posted December 8, 2020 Report Share Posted December 8, 2020 All of my documents has a .nobu extension No recovery tool helped me I moved them to a flash drive and reset my pc . Waiting for a decryption tool from emsisoft Quote Link to post Share on other sites
GT500 873 Posted December 8, 2020 Report Share Posted December 8, 2020 On 12/6/2020 at 7:14 AM, 123fizh said: This is a new ransomware with this particular _readme.txt message This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link:https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ Quote Link to post Share on other sites
Stylistic_star 0 Posted December 8, 2020 Report Share Posted December 8, 2020 I hope emsisoft will find it soon and help us kindly do it as soon as possible it's a kind request !🙏 Facing a big problem sir ; Thank you ! Quote Link to post Share on other sites
Stylistic_star 0 Posted December 8, 2020 Report Share Posted December 8, 2020 It shows that the remote name error when offline but when online it shows No key for new variant online id Xxxxxx This id appears to be an online iD decryption is impossible Quote Link to post Share on other sites
phradamon 0 Posted December 8, 2020 Report Share Posted December 8, 2020 Hi! I have the same problem, last night my pc was infected and all my files are now encrypted. Please help! Tell me what you need me to provide so you can decrypt the files. Also, why is difficult to decrypt online variant? Thank you! Quote Link to post Share on other sites
Stylistic_star 0 Posted December 8, 2020 Report Share Posted December 8, 2020 1 hour ago, phradamon said: Hi! I have the same problem, last night my pc was infected and all my files are now encrypted. Please help! Tell me what you need me to provide so you can decrypt the files. Also, why is difficult to decrypt online variant? Thank you! Idk btw there will be a way for sure let's get rid of malwares and Ransome from our systems scan our files and remove viruses at first then I hope the decryption would be possible without the encryption online hosts be hopeless ! That's the only thing we can do now until that we will have to wait for decryption software from emsisoft I hope that they will make it possible ! Thank you , Quote Link to post Share on other sites
Magdana 0 Posted December 8, 2020 Report Share Posted December 8, 2020 9 hours ago, GT500 said: This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link:https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ When can we expect decryption tool from emsisoft ? Quote Link to post Share on other sites
Stylistic_star 0 Posted December 8, 2020 Report Share Posted December 8, 2020 I think soon ! Quote Link to post Share on other sites
Akssel 0 Posted December 8, 2020 Report Share Posted December 8, 2020 Error: Impossibile risolvere il nome remoto.: 'decrypter.emsisoft.com' HELP!!! Quote Link to post Share on other sites
GT500 873 Posted December 9, 2020 Report Share Posted December 9, 2020 16 hours ago, phradamon said: Also, why is difficult to decrypt online variant? It's not difficult, it's impossible to do it without the private key for your ID, and only the criminals have access to the private keys. The reason is that an online ID means that the ID, public key, and private key were all randomly generated on the ransomware's command and control server. Only the ID and public key are sent to the infected computer for the ransomware to use during encryption, and the only way to decrypt files is to use the private key. Since it would take thousands of years even for the most powerful super computer to brute force the private keys it's generally considered impossible to decrypt files that have an online ID. Offline ID's at least have a chance of being decrypted because files that have offline ID's were encrypted using an offline public key, and that public key and ID only change when the variant changes, so everyone who has the same ID can use the same private key to decrypt their files. If a victim with an offline ID pays the ransom and donates their private key to us, we can add it to our database for use by our decrypter. Quote Link to post Share on other sites
GT500 873 Posted December 9, 2020 Report Share Posted December 9, 2020 12 hours ago, Magdana said: When can we expect decryption tool from emsisoft ? We already have one. The decrypter needs private keys, and they're in the possession of the criminals who made the ransomware. We don't have any way to get private keys unless victims who have paid the ransom send them to us. This should all be covered in this link to more information:https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ Quote Link to post Share on other sites
GT500 873 Posted December 9, 2020 Report Share Posted December 9, 2020 9 hours ago, Akssel said: Error: Impossibile risolvere il nome remoto.: 'decrypter.emsisoft.com' HELP!!! Is the computer connected to the Internet? Quote Link to post Share on other sites
Stylistic_star 0 Posted December 9, 2020 Report Share Posted December 9, 2020 Nope I'm offline and installed antivirus malware detection software just a awaiting for emsisoft to give the software kindly do for our sake it's really important Thank you , Quote Link to post Share on other sites
Sonny Wijaya 0 Posted December 9, 2020 Report Share Posted December 9, 2020 Hi there Recently in my country Indonesia, i got 3 client infected with .NOBU And fortunately they got their file back, although not 100% percent, but its better than nothing. Because until now no fixed solution for almost all variant ransomware, its better to take off your hard drive, and wait for emsisoft decryptor. Quote Link to post Share on other sites
Stylistic_star 0 Posted December 9, 2020 Report Share Posted December 9, 2020 Hey how which was the software kindly inform me about the decryption ; I've got antivirus and malware detection software and got rid of some malwares detected and now I'm free of infection will I be possible to get my data back coz the links could've been blocked or broken Quote Link to post Share on other sites
Magdana 0 Posted December 9, 2020 Report Share Posted December 9, 2020 5 hours ago, GT500 said: We already have one. The decrypter needs private keys, and they're in the possession of the criminals who made the ransomware. We don't have any way to get private keys unless victims who have paid the ransom send them to us. This should all be covered in this link to more information:https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ I have document 'PersonalID' with this code: SDf7R6WUGaEzJNgXcQpRgN6gCpPPwTjbgmTvgSAY This document made criminals. I did not get any information about money for them. Quote Link to post Share on other sites
Stylistic_star 0 Posted December 9, 2020 Report Share Posted December 9, 2020 47 minutes ago, Magdana said: I have document 'PersonalID' with this code: SDf7R6WUGaEzJNgXcQpRgN6gCpPPwTjbgmTvgSAY This document made criminals. I did not get any information about money for them. Good things on our side guys block all your internet connection and run out the malware byte software and remove the injected Ransome viruses for further causes or damage to your data ! I got just now by scanning through Emsisoft Decryptor for STOP Djvu and got this results : Error : The remote name could not be resolved : "decryptor.emsisoft.com" GUYS BLOCK ALL THE INTERNET CONNECTIONS AND REMOVE THE VIRUSES AND MALWARES ; THIS CAN BE A WAY EASIER TO GET BACK OUR FILES EMSISOFT KINDLY HELP US OUT ! THANK YOU , Quote Link to post Share on other sites
Sonny Wijaya 0 Posted December 9, 2020 Report Share Posted December 9, 2020 4 hours ago, Stylistic_star said: Hey how which was the software kindly inform me about the decryption ; I've got antivirus and malware detection software and got rid of some malwares detected and now I'm free of infection will I be possible to get my data back coz the links could've been blocked or broken Unfortunately, as long as i know theres no software or antivirus can detect or give u notification about ransomware trying to breach your system. The only best solution i know is to prevent this thing to encrypt your data. Stop downloading software or serial number, this is the TOP NUMBER 1 THINGS YOU SHOULDNT DO. Quote Link to post Share on other sites
Stylistic_star 0 Posted December 9, 2020 Report Share Posted December 9, 2020 12 minutes ago, Sonny Wijaya said: Unfortunately, as long as i know theres no software or antivirus can detect or give u notification about ransomware trying to breach your system. The only best solution i know is to prevent this thing to encrypt your data. Stop downloading software or serial number, this is the TOP NUMBER 1 THINGS YOU SHOULDNT DO. I got it ; btw I'm being well known about this from emsisoft community thank you ! By we can break the connection Quote Link to post Share on other sites
josssia 0 Posted December 9, 2020 Report Share Posted December 9, 2020 6 hours ago, Sonny Wijaya said: Hi there Recently in my country Indonesia, i got 3 client infected with .NOBU And fortunately they got their file back, although not 100% percent, but its better than nothing. Because until now no fixed solution for almost all variant ransomware, its better to take off your hard drive, and wait for emsisoft decryptor. Download Image Saya juga dari Indonesia, saya kena nobu di semua folder D saya. saya mau tanya, itu client kaka filenya balik dengan sendirinya gimana? Quote Link to post Share on other sites
Akssel 0 Posted December 9, 2020 Report Share Posted December 9, 2020 11 hours ago, GT500 said: Is the computer connected to the Internet? No, I turned off the internet on the PC and also tried to turn off the modem... Quote Link to post Share on other sites
Sonny Wijaya 0 Posted December 10, 2020 Report Share Posted December 10, 2020 15 hours ago, josssia said: Saya juga dari Indonesia, saya kena nobu di semua folder D saya. saya mau tanya, itu client kaka filenya balik dengan sendirinya gimana? Kebetulan saya data recovery pak, hal2 yang berkaitan dengan ransomware itu sebenarnya sedikit bersinggungan dengan teknik data recovery. Sayangnya sampai sekarang, banyak orang yang tidak aware akan bahayanya ransomware ini pak. Boleh tau sudah diapain aja pak hardisknya ? Quote Link to post Share on other sites
GT500 873 Posted December 10, 2020 Report Share Posted December 10, 2020 22 hours ago, Stylistic_star said: Nope I'm offline... That's why the decrypter didn't work. It needs an Internet connection. 18 hours ago, Stylistic_star said: GUYS BLOCK ALL THE INTERNET CONNECTIONS AND REMOVE THE VIRUSES AND MALWARES ; THIS CAN BE A WAY EASIER TO GET BACK OUR FILES Not only is there no need to do this, but doing so will in no way help you recover your files. The STOP/Djvu ransomware is very easy to remove, and most Anti-Virus software can detect it. You can even use EmsisEmsisoft Emergency Kit (free for home/personal use) to run a scan:https://www.emsisoft.com/en/home/emergencykit/ Quote Link to post Share on other sites
GT500 873 Posted December 10, 2020 Report Share Posted December 10, 2020 17 hours ago, Sonny Wijaya said: Unfortunately, as long as i know theres no software or antivirus can detect or give u notification about ransomware trying to breach your system. Emsisoft Anti-Malware's Behavior Blocker is fairly good at stopping ransomware attacks:https://www.emsisoft.com/en/home/antimalware/ Quote Link to post Share on other sites
GT500 873 Posted December 10, 2020 Report Share Posted December 10, 2020 19 hours ago, Magdana said: I have document 'PersonalID' with this code: SDf7R6WUGaEzJNgXcQpRgN6gCpPPwTjbgmTvgSAY This document made criminals. I did not get any information about money for them. Your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ Quote Link to post Share on other sites
GT500 873 Posted December 10, 2020 Report Share Posted December 10, 2020 16 hours ago, josssia said: Saya juga dari Indonesia, saya kena nobu di semua folder D saya. saya mau tanya, itu client kaka filenya balik dengan sendirinya gimana? This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link:https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ Terjemahan disediakan oleh Google: Ini adalah varian yang lebih baru dari STOP / Djvu. Jika Anda memiliki ID offline, maka setelah kami dapat menemukan kunci dekripsi untuk varian ini dan menambahkannya ke database kami, Anda akan dapat memulihkan file Anda. Namun, jika Anda memiliki ID online (yang lebih mungkin) maka tidak mungkin untuk memulihkan file Anda. Ada lebih banyak informasi di tautan berikut:https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ Quote Link to post Share on other sites
GT500 873 Posted December 10, 2020 Report Share Posted December 10, 2020 14 hours ago, Akssel said: No, I turned off the internet on the PC and also tried to turn off the modem... The decrypter won't work when it has no Internet connection. Quote Link to post Share on other sites
josssia 0 Posted December 10, 2020 Report Share Posted December 10, 2020 1 hour ago, Sonny Wijaya said: Kebetulan saya data recovery pak, hal2 yang berkaitan dengan ransomware itu sebenarnya sedikit bersinggungan dengan teknik data recovery. Sayangnya sampai sekarang, banyak orang yang tidak aware akan bahayanya ransomware ini pak. Boleh tau sudah diapain aja pak hardisknya ? belum saya apa2in pak karna saya baru pertama kali terkena ransomware ini dan saya gatau apa yang harus saya lakukan Quote Link to post Share on other sites
Akssel 0 Posted December 10, 2020 Report Share Posted December 10, 2020 7 hours ago, GT500 said: The decrypter won't work when it has no Internet connection. When I'm connected to the internet: (Error: No key for New Variant online ID: DE8ADnV8LUx7e5KYh8u0qg96Yw8dAHbQ2aN7oRr7 Notice: this ID appears to be an online ID, decryption is impossible) When I'm offline: (Error: Impossibile risolvere il nome remoto.: 'decrypter.emsisoft.com') It doesn't work in any way😭 Quote Link to post Share on other sites
GT500 873 Posted December 11, 2020 Report Share Posted December 11, 2020 14 hours ago, Akssel said: No key for New Variant online ID: DE8ADnV8LUx7e5KYh8u0qg96Yw8dAHbQ2aN7oRr7 Notice: this ID appears to be an online ID, decryption is impossible This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ Quote Link to post Share on other sites
Kim999 0 Posted December 15, 2020 Report Share Posted December 15, 2020 On 12/10/2020 at 1:07 PM, Sonny Wijaya said: Kebetulan saya data recovery pak, hal2 yang berkaitan dengan ransomware itu sebenarnya sedikit bersinggungan dengan teknik data recovery. Sayangnya sampai sekarang, banyak orang yang tidak aware akan bahayanya ransomware ini pak. Boleh tau sudah diapain aja pak hardisknya ? Yes my friend told me so. Using data recovery. Even though it's not 100% recover your files as it infected almost the WHOLE files in folder and sub folder. I have the back up on external harddisk for some of the files...Now the next issue is that I kind of worried to connect external harddisk in order to copy the files I need from backup-external harddisk. I already scan everything and get my windows massive update. Do you guys thing the malware is cleaned? And how do I make sure it. Ps: I'm from Indonesia also. I use english so that everyone here may know the best solution for this creepy things v^_^ Quote Link to post Share on other sites
GT500 873 Posted December 16, 2020 Report Share Posted December 16, 2020 20 hours ago, Kim999 said: Do you guys thing the malware is cleaned? And how do I make sure it. Most Anti-Virus software can detect it, and it's easy to remove. You can use Emsisoft Emergency Kit (free for home/personal use) for a second opinion scan if you need to:https://www.emsisoft.com/en/home/emergencykit/ Quote Link to post Share on other sites
Ezam 0 Posted December 23, 2020 Report Share Posted December 23, 2020 When is Nobu decryptor will be release...? Quote Link to post Share on other sites
Akssel 0 Posted December 23, 2020 Report Share Posted December 23, 2020 On 12/10/2020 at 3:53 PM, Akssel said: When I'm connected to the internet: (Error: No key for New Variant online ID: DE8ADnV8LUx7e5KYh8u0qg96Yw8dAHbQ2aN7oRr7 Notice: this ID appears to be an online ID, decryption is impossible) When I'm offline: (Error: Impossibile risolvere il nome remoto.: 'decrypter.emsisoft.com') It doesn't work in any way😭 Someone found the solution to descrypt the "NUBE" files????? Quote Link to post Share on other sites
GT500 873 Posted December 24, 2020 Report Share Posted December 24, 2020 19 hours ago, Ezam said: When is Nobu decryptor will be release...? This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link:https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ Quote Link to post Share on other sites
zens 0 Posted December 25, 2020 Report Share Posted December 25, 2020 Please help me from Indonesia, I am being hit by a Ransomware virus accident, the data files that were handed over to drive D and E all files changed to type IGAL File (.igal). and the attached criminal's message. I really hope to get a solution and help. Thank you for your help and attentioncrooks message : ATTENTION! Don't worry, you can return all your files! All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key. The only method of recovering files is to purchase decrypt tool and unique key for you. This software will decrypt all your encrypted files. What guarantees you have? You can send one of your encrypted file from your PC and we decrypt it for free. But we can decrypt only 1 file for free. File must not contain valuable information. You can get and look video overview decrypt tool: https://we.tl/t-aWdCfIWJJ2 Price of private key and decrypt software is $980. Discount 50% available if you contact us first 72 hours, that's price for you is $490. Please note that you'll never restore your data without payment. Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours. To get this software you need write on our e-mail: [email protected] Reserve e-mail address to contact us: [email protected] Your personal ID: xxxxx.xxxxxx.xxxxxx.xxxxxxxx Quote Link to post Share on other sites
GT500 873 Posted December 26, 2020 Report Share Posted December 26, 2020 16 hours ago, zens said: Your personal ID:xxxxx.xxxxxx.xxxxxx.xxxxxxxx This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link:https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ Quote Link to post Share on other sites
Akssel 0 Posted December 30, 2020 Report Share Posted December 30, 2020 On 12/26/2020 at 6:20 AM, GT500 said: This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link:https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ File: C:\Montaggio\VE Project 1.wfp.nobu Error: No key for New Variant online ID: DE8ADnV8LUx7e5KYh8u0qg96Yw8dAHbQ2aN7oRr7 Notice: this ID appears to be an online ID, decryption is impossible Quote Link to post Share on other sites
GT500 873 Posted December 31, 2020 Report Share Posted December 31, 2020 10 hours ago, Akssel said: No key for New Variant online ID: DE8ADnV8LUx7e5KYh8u0qg96Yw8dAHbQ2aN7oRr7 Notice: this ID appears to be an online ID, decryption is impossible That's an online ID. Your files aren't decryptable. Quote Link to post Share on other sites
Magdana 0 Posted January 5 Report Share Posted January 5 On 12/24/2020 at 6:18 AM, GT500 said: This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link:https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ Did you manage to prepare the decrypter? Quote Link to post Share on other sites
GT500 873 Posted January 6 Report Share Posted January 6 16 hours ago, Magdana said: Did you manage to prepare the decrypter? The decrypter hasn't been updated in quite some time, and when we do update it we only do so to fix bugs. Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.