Jump to content

.jhdd new variant

Recommended Posts


File: C:\Users\tesb_support\Desktop\New folder (3)\03.jpg.jhdd
Error: No key for New Variant offline ID: Xe4NOamOTHZrARTiL9dfVzAylFrEWLGGbr2dngt1
Notice: this ID appears be an offline ID, decryption MAY be possible in the future


Link to comment
Share on other sites

Hello @tenzi hao

Welcome to the Emsisoft Support Forums.

I understand it is frustrating, but currently, we cannot decrypt files with an Offline-ID that we do not have the Private Encryption Key in our Database.

Currently, we cannot decrypt files that we do not have the Private Encryption Key in our Database.

There's the possibility that law enforcement may be able to catch the criminals and release their database of private keys, meaning that you could try again using the tool in a few weeks in case something changed.

We do not recommend paying the ransom unless there is absolutely no other choice. 22% of those who paid a ransom never got access to their data. 9% said they got hit with additional ransom demands after paying. We’re talking about criminals, after all.

Our recommendation is to save a backup of your encrypted files and keep it in a safe place in case decryption is possible at some point in the future.

Please review our Protection Guides at your leisure, they contain several tips on protecting your computer and data. https://blog.emsisoft.com/en/category/protection-guides/

We also recommend keeping an eye on BleepingComputer's newsfeed, as they will usually report on new developments with ransomware decrypters: https://www.bleepingcomputer.com/

If you have an RSS feed reader, then they also have an RSS feed so that you don't have to manually check for news: https://www.bleepingcomputer.com/feed/

Please consider subscribing to a reliable anti-malware application to avoid similar issues in the future.

You can get our full version of Emsisoft Anti-Malware here: https://www.emsisoft.com/en/pricing/

I know it’s a big loss for you. We are glad to offer this service for free and help as much as we can, but there is not always an immediate resolution for all the cases.

Link to comment
Share on other sites




If the identifier ends with "t1", then decryption is technically possible in the future, when the Emsisoft Decryptor receives the key for this variant.
Sometimes someone buys such a key and voluntarily gives it to the developers of the Emsisoft Decryptor. Then the key will be added to this decryptor. We cannot speed up this process.

More info >>

It is recommended that every 2 weeks or once a month you download the decryptor again and test the decryptability of the encrypted files. The encrypted files should be moved to an external drive and one folder with the files should be left to be checked. 
If some other ransomware gets onto your computer, it may re-encrypt the files. Then the chances of decryption will be even less.

Link to comment
Share on other sites

This topic is now closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...