LebGeeks

A community for technology geeks in Lebanon.

#1 September 10 2019

naimelhajj
Member

STOP djvu ransomware?

Hi everyone,
My PC got infected with the STOP djvu ransomware.
Now all my files have .meds extension.
Is there a way to retrieve the files without having to pay?

#2 September 10 2019

duke-of-bytes
Member

Re: STOP djvu ransomware?

I can try several decryptors. Can you send me a small encrypted file, maximum around 5 MB?

#3 September 10 2019

Kazouza
Member

Re: STOP djvu ransomware?

Any idea how you got infected?

#4 September 10 2019

naimelhajj
Member

Re: STOP djvu ransomware?

duke-of-bytes wrote:

I can try several decryptors. Can you send me a small encrypted file, maximum around 5 MB?

Sure! Where can I send it?

I was infected by a zip file I downloaded.

#5 September 10 2019

duke-of-bytes
Member

Re: STOP djvu ransomware?

naimelhajj wrote:
duke-of-bytes wrote:

I can try several decryptors. Can you send me a small encrypted file, maximum around 5 MB?

Sure! Where can I send it?

I was infected by a zip file I downloaded.

Post it to Google Drive and send me the link by PM.

#6 September 11 2019

naimelhajj
Member

Re: STOP djvu ransomware?

Turns out this particular version of STOP djvu cannot be decrypted. I was able to restore to a previous version of Windows to save data on my PC, but the infected files on my external drives still have the .meds extension.

Is there a way to restore previous versions of these files to a point before the infection?

#7 September 11 2019

potato
Member

Re: STOP djvu ransomware?

You can use this website to test whether it's possible to decrypt; no need to share the files with anyone.

https://id-ransomware.malwarehunterteam.com/

I'm interested to know from which website you downloaded the zip file.

#8 September 11 2019

naimelhajj
Member

Re: STOP djvu ransomware?

potato wrote:

You can use this website to test whether it's possible to decrypt; no need to share the files with anyone.

https://id-ransomware.malwarehunterteam.com/

I'm interested to know from which website you downloaded the zip file.

Yeah, just checked it again, it's impossible to decrypt.

The file I downloaded was from a site called mazterize dot com. It was software for a 3D printer.

#9 September 11 2019

Kazouza
Member

Re: STOP djvu ransomware?

naimelhajj wrote:

Is there a way to restore previous versions of these files to a point before the infection?

I don't think you can do that unless you had it enabled in the settings.

Best thing you can do is wait until this version can be decrypted.

#10 September 11 2019

NoReGreT
Member

Re: STOP djvu ransomware?
