What is SD 1.1 Ransomware?
SD 1.1, alternative name is NewSource Ransomware, it’s a cryptovirus encrypting user data of various formats using a combination of 2 algorithms AES-128 & RSA-2048. As a rule, these can be MS office documents, audio files, video files, multimedia, archives and much more. SD 1.1 changes the file extension using the simple/(compound) extension .enc/.[Unlock11@protonmail.com].enc. Needless to say, files become unsuitable for further use. This is due to the fact that users rarely use paid anti-virus software or other utilities that are able to prevent the penetration of such threats. SD 1.1 creates several variants of notes with the same names containing the requirements of attackers:
HOW TO RECOVER YOUR FILES INSTRUCTION
ATENTION!!!
We are realy sorry to inform you that ALL YOUR FILES WERE ENCRYPTED
by our automatic software. It became possible because of bad server security.
ATENTION!!!
Please don’t worry, we can help you to RESTORE your server to original
state and decrypt all your files quickly and safely!
INFORMATION!!!
Files are not broken!!!
Files were encrypted with AES-128+RSA-2048 crypto algorithms.
There is no way to decrypt your files without unique decryption key and special software. Your unique decryption key is securely stored on our server.
* Please note that all the attempts to recover your files by yourself or using third party tools will result only in irrevocable loss of your data!
* Please note that you can recover files only with your unique decryption key, which stored on our server.
HOW TO RECOVER FILES???
Please write us to the e-mail (write on English or use professional translator):
Unlock11@protonmail.com
We recommed you to attach 3 encrypted files to your message. We will demonstrate that we can recover your files.
* Please note that files must not contain any valuable information and their total size must be less than 5Mb.
OUR ADVICE!!!
Please be sure that we will find common languge. We will restore all the data and give you recommedations how to configure the protection of your server.
Unlock11@protonmail.com”””
All your files have been encrypted!
Many of your documents, photos, videos, databases, and other files are no longer available because they have been encrypted.
Maybe you are busy looking for a way to recover your files, but do not waste your time, nobody can recover your files without our decryption service
+++++++++++++++++++
Can I Recover My Files?
Sure We guarantee that you can safely recover all your files
and easily,But first buy the recovery key
+++++++++++++++++++
How can I trust?
For your trust, we will decrypt a file for free.
+++++++++++++++++++
Do you want to decrypt your files?
Send email for me if you want to call with me => Unlock11@protonmail.com
None of the notes contain an exact indication of the amount of the ransom, it is only known that the ransom must be made in bitcoins and its size can reach several hundred dollars. Why Bitcoin? The thing is that cryptocurrency transactions cannot be traced, therefore fraudsters try to hide their actions. The user is prompted to send 3 files for free decryption, however, in reality, there are no guarantees that your files will be decrypted after the ransom payment. You need to read our recommendations to delete SD 1.1 Ransomware and decrypt your files. Guides are listed below.
Update: Use following service to identify the version and type of ransomware you were attacked by: ID Ransomware. If you want to decrypt your files, please follow our instruction below or, if you have any difficulties, please contact us: submit@securitystronghold.com. We really can help to decrypt your files.
How to remove SD 1.1 from your computer?
You may try to use anti-malware tool to remove SD 1.1 ransomware from your computer. Newly advanced ransomware detection technology is able to run an instant ransomware scan, which is perfect to protect your computer in case of a new ransomware attack.
SpyHunter provides an opportunity to remove 1 detected malware for free during trial period. The full version of the program costs $39,99 (you get 6 months of subscription). By clicking the button you agree to EULA and Privacy Policy. Downloading will start automatically.
SpyHunter provides an opportunity to remove 1 detected malware for free during trial period. The full version of the program costs $39,99 (you get 6 months of subscription). By clicking the button you agree to How to decrypt .SD 1.1 files?
Once you’ve removed the virus, you are probably thinking of recovering files from encryption. Let’s take a look at possible ways of decrypting your data.
Recover data with Data Recovery
- Download and install Data Recovery
- Select drives and folders with your files, then click Scan.
- Choose all the files in a folder, then press on Restore button.
- Manage export location.
Restore data with automated decryption tools
Unfortunately, due to the novelty of SD 1.1 ransomware, there are no available automatic decryptors for this encryptor yet. Still, there is no need to invest in the malicious scheme by paying a ransom. You are able to recover files manually.
You can try to use one of these methods in order to restore your encrypted data manually.
Restore data with Windows Previous Versions
This feature is working on Windows Vista (not Home version), Windows 7 and later versions. Windows saves copies of files and folders which you can use to restore data on your computer. In order to restore data from Windows Backup, take following steps:
- Open My Computer and search for the folders you want to restore;
- Right-click on the folder and choose Restore previous versions option;
- The option will show you the list of all the previous copies of the folder;
- Select restore date and the option you need: Open, Copy and Restore.
Restore the system with System Restore
You can always try to use System Restore in order to roll back your system to its condition before infection infiltration. All the Windows versions include this option.
- Type restore in the Search tool;
- Click on the result;
- Choose restore point before the infection infiltration;
- Follow the on-screen instructions.
Written by Rami D