
 STOP (Djvu) Ransomware

acbc
post May 17 2022, 07:07 PM

This is one nasty Trojan malware!

Read This.
TSshuyina
post May 17 2022, 08:28 PM




QUOTE(acbc @ May 17 2022, 06:59 PM)
Good apps are never free, to begin with.

Even if free, many features will be disabled.
*
Yeah..true..hope someday I can afford it hehe

QUOTE(akhito @ May 17 2022, 07:02 PM)
Why can't I find it? Write free word already..just full version and need to register user to activate trial
TSshuyina
post May 17 2022, 08:30 PM




QUOTE(acbc @ May 17 2022, 07:07 PM)
This is one nasty Trojan malware!

Read This.
*
Yep..all about money..scamming people for money..the world today..now recovering using EaseUS data wizard..is Wondershare Repairit better? Virus removed already..but I still want to format it after recovering my HDD to cloud...now recovering all data..HDD is 2TB..but recovery found 3.5TB haha..

This post has been edited by shuyina: May 17 2022, 08:33 PM
akhito
post May 17 2022, 08:31 PM



QUOTE(shuyina @ May 17 2022, 08:28 PM)
Yeah..true..hope someday I can afford it hehe
Why can't I find it? Write free word already..just full version and need to register user to activate trial
*
What do you mean? I linked the website already. Both just need to register a free account with email to use.
TSshuyina
post May 17 2022, 08:34 PM




QUOTE(akhito @ May 17 2022, 08:31 PM)
What do you mean? I linked the website already. Both just need to register a free account with email to use.
*
Yeah..I searched but did not find the free version link..just a page to download the normal or pro version with subscription to activate...will download Kaspersky and Bitdefender for my PC...is there an Android version also?
akhito
post May 17 2022, 08:50 PM



QUOTE(shuyina @ May 17 2022, 08:34 PM)
Yeah..I searched but did not find the free version link..just a page to download the normal or pro version with subscription to activate...will download Kaspersky and Bitdefender for my PC...is there an Android version also?
*
Just use one antivirus, or else they will fight against each other.
Android free version:
https://www.kaspersky.com/android-security-free
https://www.bitdefender.com/solutions/antiv...or-android.html
TSshuyina
post May 17 2022, 10:24 PM




QUOTE(akhito @ May 17 2022, 08:50 PM)
Just use one antivirus, or else they will fight against each other.
Android free version:
https://www.kaspersky.com/android-security-free
https://www.bitdefender.com/solutions/antiv...or-android.html
*
Ok..I used Bitdefender for hp and laptop..thanks for the advice
JonathanHanYT
post May 18 2022, 09:01 AM



Your BitDefender did not manage to block the ransomware before it spread? Ransomware won't simply attack your computer if you didn't do anything hanky-panky.

How does ransomware spread and attack its victims?
1. Downloading and installing illegal/pirated software/games
2. Browsing video streaming websites (porn or non-porn)
3. Visiting porn or illegal online gambling websites
4. Malicious email attachments or links through email
5. Someone purposely injecting the malware onto USB storage and sharing it with you
6. Someone on the same network getting infected by the ransomware, which spreads across the network through shared folders

Basically, DJVU ransomware is not that new anymore, and files encrypted by the ransomware cannot be recovered. Just forget it unless the encrypted data is worth over 6 digits. There are many cases where corporations paid the ransomware creator but did not manage to decrypt all files 100%.

This post has been edited by JonathanHanYT: May 18 2022, 09:06 AM
PRSXFENG
post May 18 2022, 10:14 AM



QUOTE(shuyina @ May 17 2022, 08:30 PM)
Yep..all about money..scamming people for money..the world today..now recovering using EaseUS data wizard..is Wondershare Repairit better? Virus removed already..but I still want to format it after recovering my HDD to cloud...now recovering all data..HDD is 2TB..but recovery found 3.5TB haha..
*
Honestly I don't really use the software that shows up first in results like EaseUS, Wondershare, etc...

because they just want to sell you their software

they generate many articles with a template like "How to fix [problem]"

the first few methods are hard and confusing, so you give up on those and download their software instead.
TSshuyina
post May 18 2022, 07:57 PM




QUOTE(JonathanHanYT @ May 18 2022, 09:01 AM)
Your BitDefender did not manage to block the ransomware before it spread? Ransomware won't simply attack your computer if you didn't do anything hanky-panky.

How does ransomware spread and attack its victims?
1. Downloading and installing illegal/pirated software/games
2. Browsing video streaming websites (porn or non-porn)
3. Visiting porn or illegal online gambling websites
4. Malicious email attachments or links through email
5. Someone purposely injecting the malware onto USB storage and sharing it with you
6. Someone on the same network getting infected by the ransomware, which spreads across the network through shared folders

Basically, DJVU ransomware is not that new anymore, and files encrypted by the ransomware cannot be recovered. Just forget it unless the encrypted data is worth over 6 digits. There are many cases where corporations paid the ransomware creator but did not manage to decrypt all files 100%.
*
Have not used Bitdefender before..using 360 Total Security only
TSshuyina
post May 18 2022, 08:00 PM




QUOTE(PRSXFENG @ May 18 2022, 10:14 AM)
Honestly I don't really use the software that shows up first in results like EaseUS, Wondershare, etc...

because they just want to sell you their software

they generate many articles with a template like "How to fix [problem]"

the first few methods are hard and confusing, so you give up on those and download their software instead.
*
Yeah they sell apps..but I managed to get some pictures using EaseUS recovery..the problem is I recovered a 2TB HDD..but the total size recovered is 4TB..haha..where can I put those 4TB of files..haha..all pictures can be viewed but are not sorted in folders anymore
JonathanHanYT
post May 19 2022, 08:18 AM



QUOTE(shuyina @ May 18 2022, 07:57 PM)
Have not used Bitdefender before..using 360 Total Security only
*
Uninstall 360 Total Security. This China AV always secretly downloads and installs something on your computer. My friend installed it on his laptop before and afterwards found many tiny applications installed and running on his laptop without his knowledge. I also installed it on my dad's old laptop and it also installed some plug-ins and additional software onto the laptop. I worked in IT at an international school before, and a few students came to my office seeking help because their laptops were becoming slower, and I found out all of them were running this 360 Total Security. I helped them remove it and cleared the registry with CCleaner. After a reboot, everything ran smoother.
chocobo7779
post May 19 2022, 11:26 PM

edited

This post has been edited by chocobo7779: May 19 2022, 11:41 PM
chocobo7779
post May 19 2022, 11:36 PM

QUOTE(shuyina @ May 17 2022, 02:50 AM)
Emsisoft V1.0.0.5:
Hi all...help me with this Djvu ransomware...PLEASE...it locked all my kids' pictures on my external HDD...please help me...just happen half of it I just uploaded already..the other half all became .ifla...even after changing to .jpg .mp4 I also can't open the files...help me pls...so sad...just my kids' pictures...why need to be so cruel...not rich either to pay RM4000 to them..it's 3 times my salary...so sad this guy is making money like this....hope he dies in a cruel way....

please help me...I would rather pay you all a bit than them..help me decrypt the .ifla files...many thanks
*
First of all, please upload the ransom note and the encrypted file here:
https://id-ransomware.malwarehunterteam.com/

This will determine the type of ransomware you've been infected with.

From the thread title, you said that it is a STOP (DJVU) ransomware - this is a very common form of ransomware, spread through pirated/cracked software, especially popular software such as Windows/Office/Adobe software suites/AutoCAD:

https://www.bleepingcomputer.com/news/secur...adware-bundles/


Note that ransomware attacks can be very devastating not just due to the loss of important data; in many cases ransomware can bundle additional malicious software such as infostealers (information stealers) that can steal the passwords and credentials of your online accounts, such as email and online banking accounts, which can be used to take over or compromise your online accounts for more nefarious purposes.
https://www.bleepingcomputer.com/news/secur...e-cryptominers/

You should change the passwords for all your online accounts on an uninfected machine, and enable 2-step verification (also known as 2-factor authentication, 2FA) if the online accounts support it. Enabling 2-factor authentication can significantly improve the security of your online accounts by requiring an additional authentication method, such as codes generated from a mobile app. This will prevent cybercriminals from accessing your account even if your password has been compromised in one way or another.

You should also never try to pay the ransom, as cybercriminals are not obliged to give you the data back even if the ransom is paid (in fact this will further incentivize the ransomware author), see here:
https://www.bleepingcomputer.com/forums/t/4...-2#entry5109879

It is also possible that the encrypted data may not be recoverable, and if this occurs, your data should be considered permanently lost and you should restore it from a backup.
Warning: you should only restore your data if your machine has been thoroughly disinfected, otherwise the ransomware can encrypt your backups.


Now, you should try using ShadowExplorer to recover your files through Shadow Copy (a Windows feature that takes snapshots of files which can be used for file recovery). However, this may not work, as ransomware often deletes the snapshots to prevent any possible restoration of data:
https://www.bleepingcomputer.com/download/shadowexplorer/

There is a forum thread dedicated to assisting DJVU ransomware victims, so it might be worth asking here instead:
https://www.bleepingcomputer.com/forums/t/6...-topic/page-753

QUOTE
File: D:\Ipah\New folder (2)\Untitled-2.psb.ifla
Error: No key for New Variant online ID: 3WyrirwICWLhJjYqDA60XthiKhEfVXdLRhiFzHeZ
Notice: this ID appears to be an online ID, decryption is impossible


From the forum thread:
QUOTE
Decryption of new STOP (Djvu) variants is impossible IF infected by an ONLINE KEY without paying the criminals for that victim’s specific private key...these keys are unique for each victim and randomly generated in a secure manner
Unless the cybercriminal responsible for the ransomware has been arrested by the police and the decryption key released to the public, there's basically nothing you can do to get your data back. Make this a hard lesson:
1. Never download pirated software, as ransomware tends to be bundled with cracked software
2. Never visit shady websites or websites offering links to pirated content
3. Use an adblocker; while the use of an adblocker is controversial, as it can deprive the website owner of ad revenue, an adblocker is useful against malicious advertising (malvertising) and is sometimes considered an important security feature for modern web browsers
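
An added example, not part of the original post and not Emsisoft's code: a small Python parser for decryptor output in the `File:` / `Error:` / `Notice:` format quoted above, which groups affected files by ID and flags IDs the tool reports as online. The second file path in the sample is constructed, and the function names are illustrative.

```python
import re
from collections import defaultdict

# Sample in the format quoted in the post above. The first record is the one
# from the thread; the second file path is constructed for illustration.
SAMPLE_LOG = r"""
File: D:\Ipah\New folder (2)\Untitled-2.psb.ifla
Error: No key for New Variant online ID: 3WyrirwICWLhJjYqDA60XthiKhEfVXdLRhiFzHeZ
Notice: this ID appears to be an online ID, decryption is impossible

File: D:\Photos\constructed-example.jpg.ifla
Error: No key for New Variant online ID: 3WyrirwICWLhJjYqDA60XthiKhEfVXdLRhiFzHeZ
Notice: this ID appears to be an online ID, decryption is impossible
"""

ID_RE = re.compile(r"\bID:\s*(\S+)")  # the ID follows "ID:" on the Error line


def parse_records(log_text):
    """Return one dict per 'File:' entry with its ID and online-ID flag."""
    records, current = [], None
    for raw in log_text.splitlines():
        line = raw.strip()
        if line.startswith("File:"):
            current = {"file": line[5:].strip(), "id": None, "online": False}
            records.append(current)
        elif current and line.startswith(("Error:", "Notice:")):
            match = ID_RE.search(line)
            if match:
                current["id"] = match.group(1)
            if "online id" in line.lower():
                current["online"] = True
    return records


def summarize(records):
    """Group file paths by ID; an ID counts as online if any record says so."""
    by_id = defaultdict(lambda: {"files": [], "online": False})
    for rec in records:
        by_id[rec["id"]]["files"].append(rec["file"])
        by_id[rec["id"]]["online"] |= rec["online"]
    return dict(by_id)


if __name__ == "__main__":
    for victim_id, info in summarize(parse_records(SAMPLE_LOG)).items():
        status = "reported as online ID" if info["online"] else "not flagged as online"
        print(f"{victim_id}: {len(info['files'])} file(s), {status}")
```
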

chocobo7779
post May 19 2022, 11:38 PM

QUOTE(sHawTY @ May 17 2022, 07:44 AM)
There's nothing you can do for unknown ransomware encryption but wait. If you're lucky, you will get a decryption key in the future, but don't get your hopes up
Most decryption keys are only released when the culprit is caught
But right now there's nothing you can do but move on from this and learn the lesson of not storing your important data in only 1 place
If you're unwilling to pay for cloud storage, store your important data in multiple storage locations. At least in 2 places

Run secure erase on your SSD/HDD then do a clean installation of Windows
*
Even cloud storage may not help in this case, because ransomware can encrypt the cloud folder on your PC, which will then be synced to your account, unless your cloud storage supports some form of versioning.
FlierMate
post May 21 2022, 12:22 AM

QUOTE(shuyina @ May 17 2022, 08:30 PM)
Yep..all about money..scamming people for money..the world today..now recovering using EaseUS data wizard..is Wondershare Repairit better? Virus removed already..but I still want to format it after recovering my HDD to cloud...now recovering all data..HDD is 2TB..but recovery found 3.5TB haha..
*
Not long ago, a netizen came to the programming board and asked for help, though I was skeptical of his request: might he use the program as ransomware to encrypt a target's data?

QUOTE
I need to find the first 10 txt files in the directory with the executable file and encode them with the AES algorithm

I'm attaching the library

I would like variations for windows and for linux