Jump to content

having .igdm encryption


NAI
 Share

Recommended Posts

13 hours ago, parth12196 said:

I also have this type of problem since yesterday

This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

Link to comment
Share on other sites

Hi, I have the same problem.

I found the file in C:\SystemID\PersonalID (TextDocument) that containing SMBCEWX2G35wVgS6zqkrHnKONE8Qfw327iDGhh88
And I found the file in D:\_readme (Text Document) that containing 0270IsdeSMBCEWX2G35wVgS6zqkrHnKONE8Qfw327iDGhh88 in the last line.

I hope the descryption is found soon.

Link to comment
Share on other sites

19 hours ago, NAI said:

Then What Should I Do Now?

Our recommendation is to save a backup of your encrypted files and keep it in a safe place in case decryption is possible at some point in the future.

We also recommend keeping an eye on BleepingComputer's newsfeed, as they will usually report on new developments with ransomware decrypters:
https://www.bleepingcomputer.com/

If you have an RSS feed reader, then they also have an RSS feed so that you don't have to manually check for news:
https://www.bleepingcomputer.com/feed/

Link to comment
Share on other sites

13 hours ago, parth12196 said:

can you help us or not

This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

Link to comment
Share on other sites

2 hours ago, mrman said:

I found the file in C:\SystemID\PersonalID (TextDocument) that containing SMBCEWX2G35wVgS6zqkrHnKONE8Qfw327iDGhh88
And I found the file in D:\_readme (Text Document) that containing 0270IsdeSMBCEWX2G35wVgS6zqkrHnKONE8Qfw327iDGhh88 in the last line.

This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

Link to comment
Share on other sites

On 12/12/2020 at 9:49 AM, NAI said:

Hey, So I Found An Original File In My USB Stick and I Have The Encrypted File In My PC

Can You Guys Do Anything With This To Find The Decryption Key?

No, file pairs won't help with this type of encryption. Attempting to brute force the private key would take even a super computer thousands of years.

 

18 hours ago, NAI said:

HELLO, CAN ANYONE HELP?

Unfortunately there's no way to decrypt your files without the private key. Only the criminals have access to it. Until they are arrested, or law enforcement otherwise gains access to their database of private keys, there's nothing anyone can do.

Link to comment
Share on other sites

  • 1 month later...
58 minutes ago, qasimabd said:

personal ID:
0270IsdeesZFmqsO9S5CbFvecEa2WV0g2R3SZb0P4S5oaVt1

This is a newer variant of STOP/Djvu. Fortunately your ID is an offline ID, however we don't yet have the private key for it. I recommend running the decrypter once every week or two so that you can see when we've been able to add the private key for your variant.

There is more information at the following link:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

Link to comment
Share on other sites

  • 2 months later...
18 hours ago, satan said:

0270IsdefHcFsOUyZkanUPoQdHIVKmmGLLiy0O85f1zQYDXv

This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

 

Traducción proporcionada por Google:
Esta es una variante más nueva de STOP / Djvu, y su identificación es una identificación en línea, por lo que actualmente no hay forma de descifrar sus archivos. Hay más información en el siguiente enlace:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

 

Traducción proporcionada por DeepL:
Esta es una variante más reciente de STOP/Djvu, y su ID es una ID en línea, por lo que actualmente no hay manera de descifrar sus archivos. Hay más información en el siguiente enlace:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

Link to comment
Share on other sites

4 hours ago, GT500 said:

This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

 

Traducción proporcionada por Google:
Esta es una variante más nueva de STOP / Djvu, y su identificación es una identificación en línea, por lo que actualmente no hay forma de descifrar sus archivos. Hay más información en el siguiente enlace:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

 

Traducción proporcionada por DeepL:
Esta es una variante más reciente de STOP/Djvu, y su ID es una ID en línea, por lo que actualmente no hay manera de descifrar sus archivos. Hay más información en el siguiente enlace:
https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

Hola,

gracias por la respuesta. Entonces no me queda más que hacer una copia de seguridad y formatear mi PC, por si en algún momento del futuro se pueda desencriptar.

Un saludo.

Link to comment
Share on other sites

19 hours ago, satan said:

Hola,

gracias por la respuesta. Entonces no me queda más que hacer una copia de seguridad y formatear mi PC, por si en algún momento del futuro se pueda desencriptar.

Un saludo.

We certainly recommend a backup. As for reformatting, that's not normally necessary with the STOP/Djvu ransomware as it is relatively easy to remove, however if there is the possibility of other infections on the computer then feel free to go ahead and reformat and reinstall Windows if you'd prefer to do that.

 

Traducción proporcionada por Google:
Sin duda recomendamos una copia de seguridad. En cuanto al reformateo, normalmente no es necesario con el ransomware STOP / Djvu, ya que es relativamente fácil de eliminar, sin embargo, si existe la posibilidad de otras infecciones en la computadora, no dude en seguir adelante y reformatear y reinstalar Windows si lo prefiere. Para hacer eso.

 

Traducción proporcionada por DeepL:
Ciertamente recomendamos una copia de seguridad. En cuanto al reformateo, normalmente no es necesario con el ransomware STOP/Djvu, ya que es relativamente fácil de eliminar, sin embargo, si existe la posibilidad de otras infecciones en el equipo, entonces no dude en seguir adelante y reformatear y reinstalar Windows si prefiere hacerlo.

Link to comment
Share on other sites

  • 1 month later...

Hello @Elmer

This is the result of an attack by the 'STOP Ransomware' program. The extortionists who distribute this malicious program have been operating with impunity for 3.5 years. Interpol and secret services are involved in dirty politics and do not want to direct their efforts against the extortionists. 

Emsisoft Decryptor can decrypt files, but only if there is a "t1" (offline ID) at the end of the ID. Your ID also has "t1".
But this will become possible only after the decryption key of this variant is added to the Decryptor. When this will happen, it is impossible to predict. Save the encrypted files in a safe place, make a copy and re-download the decryptor once a week to try it. The expectation may take some time ...

  • Thanks 1
Link to comment
Share on other sites

29 minutes ago, Amigo-A said:

Hello @Elmer

This is the result of an attack by the 'STOP Ransomware' program. The extortionists who distribute this malicious program have been operating with impunity for 3.5 years. Interpol and secret services are involved in dirty politics and do not want to direct their efforts against the extortionists. 

Emsisoft Decryptor can decrypt files, but only if there is a "t1" (offline ID) at the end of the ID. Your ID also has "t1".
But this will become possible only after the decryption key of this variant is added to the Decryptor. When this will happen, it is impossible to predict. Save the encrypted files in a safe place, make a copy and re-download the decryptor once a week to try it. The expectation may take some time ...

Thank you very much for your great contribution to these unscrupulous people attack problems.

  • Like 1
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...