Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Ransomware


  • Please log in to reply

#1
MikeBack

MikeBack

    Member

  • Member
  • PipPip
  • 57 posts

Good Day All

 

My computer has been infected with Ransomware.

Can anyone on this forum assist in restoring  the files.

 

Thanks

 

Mike Back


  • 0

Advertisements


#2
Gary R

Gary R

    Trusted Helper

  • Malware Removal
  • 324 posts

If you don't have a set of backups to restore from, then it will depend very much on the type of Ransomware you have been infected with.

 

The following webpage will help you to assess which it is .... https://id-ransomwar...hunterteam.com/

 

Follow the directions on the page, and let me know the results. If it is a version that has a decryptor available, I'll try to advise you further, if not I'll refer you to where you can get more expert help than I can provide.


  • 0

#3
MikeBack

MikeBack

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts
Hi

This is the reply that I got from the link given:
 This ransomware may be decryptable under certain circumstances.

Please refer to the appropriate guide for more information.

Identified by
•ransomnote_email: [email protected]
•sample_extension: .bboo
•sample_bytes: [0xE5528 - 0xE554E] 0x7B33364136393842392D443637432D344530372D424538322D3045433542313442344446357D


Click here for more information about STOP (Djvu)
On the info page there is a decoder from Emisoft that says it is a free download. Is it safe to download and run.

I do not have an uninfected backup. At the time of the infection my external backup was connected and I was in the process of backing up files, so it is infected as well.
Thanks
Mike
  • 0

#4
Gary R

Gary R

    Trusted Helper

  • Malware Removal
  • 324 posts

The decryptor for some versions of Stop Ransomware can be found at ... https://www.emsisoft...tools/stop-djvu... and is safe to use.  Instructions for how to use the decryptor can be found at ... https://www.emsisoft...to_stopdjvu.pdf

 

However, there are a great many varieties of Stop Ransomware and some of the more modern ones cannot be decrypted using Emsisoft's tool.

 

If yours turns out to be one of those, then you need to read the following post at Bleeping Computer ... https://www.bleeping...c/#entry4442422.... and seek assistance by posting in the topic that goes with that post.

 

The experts at Bleeping Computer include the person responsible for writing Emsisoft's tool, and they are your best chance of recovering your files.  They certainly know a great deal more about the subject than I do.

 

Whatever you do ... do not attempt to remove your Ransomware infection until you have recovered your files, or been instructed to by BC's experts ... removing the infection will also usually remove the decryptor keys that any decryptor tool needs to decrypt the encrypted files, so if that goes, then decryption usually is not possible.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP