Jump to content

My Files are Encrypted with FUTM Ransomware. Help required


Recommended Posts

Hello @Venkatesanjayam,

 

Welcome to the Emsisoft Support Forums.

 

I understand it is frustrating, but currently, we are not aware of any ways to decrypt files with Online-ID and some recent forms of STOP(DJVU).

 

Please read this Topic. It contains information about your situation and whether or not your files can be decrypted.

https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

Link to comment
Share on other sites

Hello @Venkatesanjayam

Only after neutralizing all malicious files ...

This is not the decryption, it is the recovery of certain types of files using the features of these files.

1) If you have encrypted ZIP/RAR archives, you can partially recover them. Only 1-2 files are damaged there. Remove the extension that the ransomware added to the archives, and extract the files in the usual way. Everything except 1-2 files will be fixed. If there is only 1 file in the archive, then it will most likely be unrecoverable.

2) There is an alternative (additional) way to recover some media files:
WAV, MP3, MP4, M4V, MOV, 3GP.

https://www.disktuna.com/media_repair-file-repair-for-stop-djvu-mp3-mp4-3gp

But before trying the alternative variant with media files, it is recommended that you make a copy of the encrypted files. Something will be restored better, something will be restored worse. 

Some types of files can be opened (restored) using the application in which they were created. To do this, you must first remove the extension added by the ransomware. Then can try to open the file from the program in which it was created. If you open audio and video files in the editor, it will restore the structure, and upon closing it will offer to save the changes in the file.

3) If you have PDFs or files of other e-books, then they may suffer in part if they were not protected from manual modification. Therefore, after removing the added extension, they can be partially read (~ 80%).

Unfortunately, it is not yet possible to recover files created in MS Office applications due to their sensitivity to any damage. They can be easily damaged without encryption. It is easier to recover and read text written on paper or on the stone than one created in MS Office.

An alternative method for other files has not yet been found. I understand that this will not be enough, but recovering some of the files is better than to lose everything...

Link to comment
Share on other sites

On 11/18/2021 at 10:42 PM, ShadowPuterDude said:

Hello @Venkatesanjayam,

 

Welcome to the Emsisoft Support Forums.

 

I understand it is frustrating, but currently, we are not aware of any ways to decrypt files with Online-ID and some recent forms of STOP(DJVU).

 

Please read this Topic. It contains information about your situation and whether or not your files can be decrypted.

https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

Hi,

Thanks for your reply. I have planned keep the asset aside for long period and see if we get by any chance in future. 

Quick question, Will encryption self destruct if we keep for long period 

Link to comment
Share on other sites

On 11/18/2021 at 11:08 PM, Amigo-A said:

Hello @Venkatesanjayam

Only after neutralizing all malicious files ...

This is not the decryption, it is the recovery of certain types of files using the features of these files.

1) If you have encrypted ZIP/RAR archives, you can partially recover them. Only 1-2 files are damaged there. Remove the extension that the ransomware added to the archives, and extract the files in the usual way. Everything except 1-2 files will be fixed. If there is only 1 file in the archive, then it will most likely be unrecoverable.

2) There is an alternative (additional) way to recover some media files:
WAV, MP3, MP4, M4V, MOV, 3GP.

https://www.disktuna.com/media_repair-file-repair-for-stop-djvu-mp3-mp4-3gp

But before trying the alternative variant with media files, it is recommended that you make a copy of the encrypted files. Something will be restored better, something will be restored worse. 

Some types of files can be opened (restored) using the application in which they were created. To do this, you must first remove the extension added by the ransomware. Then can try to open the file from the program in which it was created. If you open audio and video files in the editor, it will restore the structure, and upon closing it will offer to save the changes in the file.

3) If you have PDFs or files of other e-books, then they may suffer in part if they were not protected from manual modification. Therefore, after removing the added extension, they can be partially read (~ 80%).

Unfortunately, it is not yet possible to recover files created in MS Office applications due to their sensitivity to any damage. They can be easily damaged without encryption. It is easier to recover and read text written on paper or on the stone than one created in MS Office.

An alternative method for other files has not yet been found. I understand that this will not be enough, but recovering some of the files is better than to lose everything...

Hi Ami, 

Thanks for the suggestion. I took a back up of affected files. Will try to install the software and see if I can recover files 

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...