cdcc ransomware

Status
Not open for further replies.

litepeps

New Member
Thread author
Jan 28, 2024
1
Please, can anyone help me?
When I try to recover my files with the Emsisoft decryptor for STOP Djvu, this is the notice: "this ID appears to be an online ID, decryption is impossible".
Is there any chance to recover my files?
I installed a new Windows, but my D and E disks are already infected and I can't open a single file. Please, someone help me if there is any worker or app to help me with my file recovery. Thank you.

 

icotonev

Super Moderator
Verified
Staff Member
Mar 9, 2017
536
Hello ..! Welcome to MalwareTips..! :)
My name is icotonev and I'm here to help you remove malware ..!

Unfortunately, your files are encrypted with a new variant of STOP/DJVU ransomware. They are only decryptable if an offline key was used. For variants with an online key you cannot decrypt files.




Your options:

1) Recovery: Your only solution would be to restore the files from a good backup if you have one. In rare cases ransomware fails to delete shadow volume copies or fails to delete the original files properly. You can try to recover files via shadow volume copies and file recovery software.
2) Repair: Certain file types, mainly video and audio files, can possibly be repaired with tools like MediaRepair. But these files will lose some data.
3) Wait: Backup encrypted files and a ransom note and wait in case a solution comes up later. Maybe law enforcement gets hands on the keys or the criminals publish the keys as it happened with, e.g., GandCrab. I suggest reading the news on this. Emsisoft will update their decrypter if that happens.
4) Pay: There is the option of paying the criminals, but we highly recommend against this step. You will just fund later attacks. You may also pay without getting your files back. These are criminals and as such not trustworthy.

I highly recommend you follow this thread:


Navigate to this topic.


Submit a sample of the compromised files for their review. They will reply and let you know what you are dealing with...!


Next ....:

Download Farbar Recovery Scan Tool and save it to your desktop. --> IMPORTANT

If your antivirus software detects the tool as malicious, it’s safe to allow FRST to run. It is a false-positive detection.
If English is not your primary language, right click on FRST.exe/FRST64.exe and rename to FRSTEnglish.exe/FRST64English.exe

Note:
You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click the FRST icon to run the tool. When the tool opens click Yes to disclaimer.
  • Press Scan button and wait for a while.
  • The scanner will produce two logs on your Desktop: FRST.txt and Addition.txt.
  • Please attach the content of these two logs in your next reply.

In your next reply, please include:
  • FRST.txt
  • Addition.txt
 

icotonev

Super Moderator
Verified
Staff Member
Mar 9, 2017
536
Due to lack of activity, this topic is now closed.
If you still need help, open a new topic, and wait for a new helper.
 