Hello Cimok
I am Karsten and will gladly help you with any malware-related problems.
Please familiarize yourself with the following
ground rules before you start.
- Read my instructions thoroughly, carry out each step in the given order.
- Do not make any changes to your system, or run any tools other than those I provided. Do not delete, fix, uninstall, or install anything unless I tell you to.
- If you are unsure about anything or if you encounter any problems, please stop and inform me about it.
- Stick with me until I tell you that your computer is clean. Absence of symptoms does not mean that your computer is free of malware.
- Back up important files before we start.
- Note: On weekends I might be slow to reply
-------------------------------------------------------------------
The file extension
.pcqq has been used by
STOP/DJVU ransomware. STOP/DJVU ransomware variants after August 2019 are only decryptable if an
offline key was used. For variants with an
online key you cannot decrypt files.
Your options
without a backup:
1) Recovery: In rare cases ransomware fails to delete shadow volume copies or fails to delete the original files properly. You can try to
recover files via shadow volume copies and file recovery software.
2) Repair: Certain file types, mainly video and audio files, can possibly be repaired with tools like
MediaRepair. But these files will loose some data.
3) Wait: Backup encrypted files and a ransom note and wait in case a solution comes up later. Maybe law enforcement gets hands on the keys or the criminals publish the keys as it happened with, e.g., GandCrab. I suggest reading the news on this. Emsisoft will update their decrypter if that happens.
4) Pay: There is the option of paying the criminals, but we highly recommend against this step. You will just fund later attacks. You may also pay without getting your files back. These are criminals and as such not trustworthy.
Please let me know if you need assistance for any of the steps 1) or 2)
