Jump to content

infected with .iqll extension


Recommended Posts

hello guys its me vicky here,

Please help me, my all data files are encrypted with iqll extension. once I get to know about ransom virus from internet i installed immediately new window by  formatting "C" Drive but my other data which was on drive such as ( "D" , "E" and "F") its still encrypted. I am not able to open it.

could somebody help me to decrypt my files   

Please help 

 

i also found note from ransom attacker which was inside of "_readme.txt"  check the attachment file.

 

i had tried to decrypt data by using emsisoft decrypted tolls, i am getting this error see below

 

File: I:\Desktop\Publication\Extra\Conflict_of_Interest oxford.doc.iqll
Error: No key for New Variant offline ID: ppmn5q6DzrybvhIkCuuqaearFxJ8Rc3difSaWft1
Notice: this ID appears be an offline ID, decryption MAY be possible in the future

 

During my research i have found some information which is really helpful for those who had not installed new window:

 

1)  watch this vedio below, maybe  it would be helpful for someone. in case it was not helpful because i had installed new window.

https://www.youtube.com/watch?v=8mCtBQqHZQA

but if u guys had note installed window yet try to used shadow explorer tool to rollback your data or or Recuva toll for recovery of data

https://www.shadowexplorer.com/downloads.html

https://softradar.com/recuva-portable/

 

2) or you can follow method 2 and 4 

https://www.free-uninstall.org/how-to-remove-iqll-ransomware-and-decrypt-iqll-files/

 

 

 

 

_readme.txt

Link to comment
Share on other sites

10 hours ago, waqas saeed said:

During my research i have found some information which is really helpful for those who had not installed new window:

 

1)  watch this vedio below, maybe  it would be helpful for someone. in case it was not helpful because i had installed new window.

https://www.youtube.com/watch?v=8mCtBQqHZQA

but if u guys had note installed window yet try to used shadow explorer tool to rollback your data or or Recuva toll for recovery of data

https://www.shadowexplorer.com/downloads.html

https://softradar.com/recuva-portable/

 

2) or you can follow method 2 and 4 

https://www.free-uninstall.org/how-to-remove-iqll-ransomware-and-decrypt-iqll-files/

It's all trash and will never help you or others.

Link to comment
Share on other sites

10 hours ago, waqas saeed said:

Error: No key for New Variant offline ID: ppmn5q6DzrybvhIkCuuqaearFxJ8Rc3difSaWft1
Notice: this ID appears be an offline ID, decryption MAY be possible in the future

Good, you have an offline ID. 

This is not a bug/error in the program. This is how the decryptor informs that it does cannot decrypt the files now because it does not yet have the decryption key for this variant.

Its addition to Decryptor depends on the voluntary transfer of the key so that others victims can decrypt the files without paying a ransom. But we cannot predict when someone will share the purchased key with the 'Emsisoft Decryptor' developers.
The encrypted files need to be saved to an external drive to prevent encryption from being repeated by another ransomware attack.

Highly undesirable try different software that is not designed to decrypt files after the 'STOP Ransomware'. 
Other software can damage your files and make decryption impossible. 
If you are doing experiments, make a copy of the encrypted files for testing.

 

Link to comment
Share on other sites

If the files are needed urgently and you can't wait until it becomes possible to decrypt all the files ...

If you have encrypted archives, you can partially recover them. Only 1-2 files are damaged there. The extension can be removed, and the files must be extracted. Everything except 1-2 files will be fixed. If there is only 1 file in the archive, then it will most likely be unrecoverable.

There is an alternative (additional) way to recover some media files:
WAV, MP3, MP4, M4V, MOV, 3GP.

https://www.disktuna.com/media_repair-file-repair-for-stop-djvu-mp3-mp4-3gp 

But before trying the alternative variant with media files, it is recommended that you make a copy of the encrypted files. Something will be restored better, something will be restored worse. 

An alternative method for other files has not yet been found.

Link to comment
Share on other sites

This 'STOP Ransomware' enters the PC due to the fact that it is poorly protected. People often use free antivirus programs with the 'Free' label in the name. None of these programs will protect PC from programs similar to 'STOP Ransomware', because basic protection is not capable of this feat.
If users used comprehensive protection of the 'Internet Security' class, then it would help protect PC from ransomware attacks.
There is no 100% protection against malware, but what the 'Free' antivirus gives is 1-2 percent protection. 

After this attack, PCs could have stayed other malware elements. This maybe is an 'info-stealer and something else. Therefore, it is urgent to conduct a full check and destroy malware.
Use an antivirus such as Emsisoft Anti-Malware to effectively remove the malware. 
You can get a free trial 30-days version of Emsisoft Anti-Malware here: https://www.emsisoft.com/en/home/antimalware/ 

Link to comment
Share on other sites

Mr Amigo thankyou soo much for helping me out. i have tried all these methods mention above but unfortunate it was not successful.

i have taken the backup of my all data in external drive separately lets hope in future we can find some solution for recovering my data.

once again thankyou so much for your effort, i really appreciate for that.

 

Link to comment
Share on other sites

On 6/28/2021 at 1:26 PM, waqas saeed said:

Mr Amigo thankyou soo much for helping me out. i have tried all these methods mention above but unfortunate it was not successful.

i have taken the backup of my all data in external drive separately lets hope in future we can find some solution for recovering my data.

once again thankyou so much for your effort, i really appreciate for that.

 

Run the Emsisoft decrypter NOW. It appears that Emsisoft has received the offline/private key for the .igll STOP variant.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...