Jump to content

my files are encrypted


Recommended Posts

hello my files are encrypted and my english is bad i use transtale

I have something like this in my files


ATTENTION!

Don't worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
https://we.tl/t-I6qIbIYiz9
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that's price for you is $490.
Please note that you'll never restore your data without payment.
Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.


To get this software you need write on our e-mail:
[email protected]

Reserve e-mail address to contact us:
[email protected]

Your personal ID:
0326gDrgo922IaqlBU1I6IKX6eTDABuH3amHHwoa5qUSb8vt1


The error I get when I try to solve it in the program:
Notice: this ID appears be an offline ID, decryption MAY be possible in the future




 
Link to comment
Share on other sites

Quote

Your personal ID:
0326gDrgo922IaqlBU1I6IKX6eTDABuH3amHHwoa5qUSb8vt1

Quote

an offline ID, decryption MAY be possible in the future

Yes, it is probably true. The Emsisoft Decryptor defines this fact very accurately. 

0326 - is .hoop extension

The procedure is as follows:
First, someone buys the decryption key from the extortionists. 
Then he provides the key to the developer of the Emsisoft Decryptor.
Then Emsisoft will add this key to the decoder base.
Then the victims download a Emsisoft Decryptor and decrypt their files. 

Link to comment
Share on other sites

It is impossible to accelerate this happy event. You just have to wait. I'll tell you what to do while you wait.

Why did this happen?

This 'STOP Ransomware' enters the PC due to the fact that computer is poorly protected. People often use free antivirus programs with the 'Free' label in the name. None of these programs will protect PC from programs similar to 'STOP Ransomware', because basic protection is not capable of this feat.
If users used comprehensive protection of the 'Internet Security' class, then it would help protect PC from ransomware attacks.

There is no 100% protection against malware, but what the 'Free' antivirus gives is 1-2 percent protection. 

After this attack, PCs could have stayed other malware elements. This maybe is an info-stealer and something else. Therefore, it is urgent to conduct a full check and destroy malware.

Use an comprehensive anti-virus software such as Emsisoft Anti-Malware to effectively remove the malware. 
You can get a free trial 30-days version of Emsisoft Anti-Malware here: https://www.emsisoft.com/en/home/antimalware/

It will help you clean your PC from other malware for free.

 

Link to comment
Share on other sites

Only after neutralizing all malicious files ...

I recommend this following method only when there is no other way... or if you cannot wait long.

This is not the decryption, it is the recovery of certain types of files using the features of these files.

1) If you have encrypted archives, you can partially recover them. Only 1-2 files are damaged there. Remove the extension that the ransomware added to the archives, and extract the files in the usual way. Everything except 1-2 files will be fixed. If there is only 1 file in the archive, then it will most likely be unrecoverable.

2) There is an alternative (additional) way to recover some media files:
WAV, MP3, MP4, M4V, MOV, 3GP.

https://www.disktuna.com/media_repair-file-repair-for-stop-djvu-mp3-mp4-3gp

But before trying the alternative variant with media files, it is recommended that you make a copy of the encrypted files. Something will be restored better, something will be restored worse. 

If you have PDFs or files of other e-books, then they may suffer in part if they were not protected from manual modification. Therefore, after removing the added extension, they can be partially read (~ 80%).

An alternative method for other files has not yet been found.

PS. It has been experimentally found that some types of files can be opened (restored) using the application in which they were created.
To do this, you must first remove the extension added by the encryptor. Then can try to open the file from the program in which it was created. So can open audio files, video files.
Unfortunately, it is not yet possible to recover files created in MS Office applications due to their sensitivity to damage. They can be easily damaged without encryption.

Link to comment
Share on other sites

You have no other way out of the problem.

You do not need to look for ANOTHER Decryptor somewhere, it is not and will not be in the nearest year. All other sites that offer to decrypt files are lying or are colluding with extortionists. 

Why I say this is because I know.
I have been monitoring the malicious activity of this STOP Ransomware for the fourth year now. I know where they are from, who is helping them and where part of the ransom goes. They are well covered and Interpol will not receive a command from above and does not authorize an arrest.

 
Link to comment
Share on other sites

Well, I thought if victim of online encription gives Emsisoft the key they paid for, maybe you guys can use that specific key for specific extension to make also offline encription decryptable.

Edited by Kokiem
Missclicked
Link to comment
Share on other sites

Yea i know that. I thought if someone shares their online key, you might be able to find out how encryption is working, so you can use that knowledge to break offline encryption too. Its silly i know, Im just grasping at straw here.

Link to comment
Share on other sites

@Kokiem,

We know precisely how the encryption works with this family of ransomware.  The encryption algorithm used for this family of ransomware has been implemented correctly.  Which means that encryption keys cannot be reverse engineered and the encryption cannot be broken using the methods and technology available today.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...