Söylediğim notu da ekledin değil mi?
Söylediğiniz her şeyi rar içine koyup kendisine yolladım.
Dosyalarımı çözen program buldum. Talimatlar şunlar:
Rar dosyalarının içinde örnek resimler mevcut.
t1 ile biten dosyaları çözebiliyor.
************************
decryption instructions for the .kvag files crypted by the offline key ***************************
if your files are crypted with the offline key (personnal ID ending by t1) they can now be decrypted.
To confirm if you have some files with personnal ID ending by t1 you can use
STOPDecrypter v2.2.0.0 from Michael to scan all your infected data.
If this decryptor is not working for some of your files or all your files that means they are not crypted with the offline key.
Thanks to RndmUsr for sharing this usefull info.
To get the decryptor click here :
decrypter_2.zip
The decryptor is safe as shown here :
virustotal report.
1. Backup all your encrypted files to an external drive before start decrypting.
2. download decrypter_2.exe
3. Start decrypter_2.exe
4. ENTER FIELDS: (enter all fields without empty space)
Private key:
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCT7/iU8i1IJPzZ
ACQS2Yl8s9/mberZDpRZu/7YmgSr+opyFtRtGOcBqbJeQyBbjUT6+MsJT6pCBwVR
68Rpgtu3X2xffTCJe0JPqitcIIgwdlNgJJsq++VYh1RqXqMGPZM657Doj9pfIvXY
BfWNb5KW3VyTM4G42j4T6B+lKxp5HVLqv2qYj7IVEiRfRVIVa7B7+dj5oE2BDU+4
qOzJFEjOUPwOIg3qZR1p6YeSk/dghgVYw8St4c7A4+uxfPGXkoHz3CwRY0DYCIAT
q5km6XSSdcIz6O44phXUDKIZ/81E3sv7j9Su6BbgS88YskA0TYXV33/P4ZsINI8B
5Q2fPhhjAgMBAAECggEAYp16AJf7dXcqkeEVKveWPemOHIYzIiQk4jh+ppbs/FOU
DH+JdXw/KY2cmFd4726ZiA9nETrozQDvG+/lS0xu+KsEjBbgzxS6XG6cXtpUzrFh
3NoqEZo/BSeZLxsM43ESfxbJiA20zOx6I1m9mV3Bww2m031nQPlCnnSC+9Bi4k6V
aOLIlvSznPJ+m1vgRR7PMz2Oj4YhfV/esDjp3f2bFQFz2Mxr4IOw5husSnQKIgjj
PGXbwIM64daGCT1G1E8VhEVHLsW6IeEsdO0fwwNj6YAoFyqky8p+YxzSgFY+NoB/
Bj/8UGVUkrblp/otGP2sU1t4lJm5GUmIKwFmLanakQKBgQDFC8Pee1JwYs/a7B+T
fplDUHOPKxHlM+xvi482T/n1+1QETH0ACzG4tn4NrNph5TV9w6R2MRkavonHXfok
XeT25d/qQNloCviBUpgourEk3m3Vb/O9TcWHlgP3eQzNM0nzmgGs97KYmrFL28cO
XGi+30F33SMjjmOFHhb9zaq5WQKBgQDAMtwPOXJs/Dc24Xfj6SETYQVNVYLFB9zZ
Hs+AvpebaCFewnsrdW7E20l5kYdHhYc32fsk/FX4c7h4CqpEeFyFE1MuAImDb9GI
aGIplP31j8IK4J60nY31s1jfblhL65f3KJjqmdLlMz9puY8fwMEfuPqDB0fz4XlR
0otXHANsGwKBgBFsZ+ZtWy3K3vxJssUVBbJZE87ODSgKPlbirUgtLDoe/h/fL5Jo
av4dTOoipbDQVrmHKiy1TLX7sS0q1yqODufyDammEFNN3Ql6Zy/6yh0reeTMoG3V
yaiikDk6v/IJHfnnXUyRHn619wVxKpnPfAecsCpMKIZFWfF0Zq4MmJMJAoGBAKCz
pdZA9VD1DgGgQgtZaSN38uP3hLDT4y/TmDKQqdjyFzzRJgVvWh/VLrksGk2N80Ka
y2fgaM2ljG8qk7VOYiWOw/Tp1BEHFM6WYMVd435IJjnMGEbymbj/rWacL83C/jxV
QI6f8Xtc/z+aPHaTR6cLlsKp+tqLA1KL1aAPNzlTAoGBAJBuE3+bUANOxkLpr1+v
7bk+Z61dNHmkvrjcA3g68/Xb/ZVEbbQYhNxJla+QVpaE/stGudT/3QXRx3faiZtQ
0EcMJBUQXuuUBKI+nKoL+/OXUJTjfXpMwVs7GrDQ5DEw09XZ9q6js1uarhwGId0d
qYnUx7uCbHFfG2gDOn2jS19P
-----END PRIVATE KEY-----
Personal ID:
9AGuZTsAcD5zyqTnBa8w6fa8SRmIGYbvxMuTLIt1
File name:
_readme.txt
5. Select the button Decrypt file to make a test with one file before selecting Decrypt Folder or Start.
It will decrypt all your
STOP .kvag data crypted with the offline key.
Many victims have files crypted by both an online key and the offline key.
Page 49 of 89 - ID Ransomware - Identify What Ransomware Encrypted Your Files - posted in Ransomware Help & Tech Support: My laptop is in the storage location D, all contents cannot be opened because behind the file extension contained (. meds) Unidentified ID...
www.bleepingcomputer.com
Bana bu sekilde cevap yazdi. İlk sayfayi oku diyor kendin bak diyor ama anlamiyorum ilk sayfada. Rahatsiz ediyorum ozur dilerim. Son olarak su anda ne yapmam lazim. Dediginiz sekilde burada dosyalarida paylastim. .cetori virusu var ilk sayfada ama ne yapmam gerek bir turlu cozemedim isi
Kişisel
İlgin icin tesekkur ederim. 3 yasinda oglumun bebeklik resimleri videolari var. Baska hicbirsey onemli degil giden gitsin. Yedek alip bekliyorum o zaman. Belki buyuyunce merak edip kendi cozer artik
tekrar tesekkurler
Kişisel kimliğin T1 ile bitiyorsa son yazdığım cevaba bak tüm dosyalarımı bugün kurtardım. Talimatları yapamazsan konu altına mesaj at yardımcı olurum.
