All Activity

This stream auto-updates     

  1. Today
  2. You need to upload files of different formats to the new decryption service, but you need to do this separately for each file type (PNG, JPG, DOC, PDF, RTF, TXT... ) If you found the largest original PDF, then need find its encrypted version. This must be uploaded to the service so that the decryptor finds a way to decrypt this file. After that, you should try to decrypt all other PDF files. Similarly, you need to do with other types of files. This way you can decrypt almost all files, but it will take a lot of time for all operations.
  3. Please follow the steps here and attach the requested logs so that one of our experts can help you. https://support.emsisoft.com/announcement/2-start-here-if-you-dont-we-are-just-going-to-send-you-back-to-this-thread/
  4. Hi, My Windows file: C:\Program Files (x86)\Windows Media Player\wmpshare.exe Gen:[email protected] (B) C:\Windows\SysWOW64\bthudtask.exe Gen:Variant.Strictor.58214 (B) C:\Windows\SysWOW64\Dism\DismHost.exe Gen:[email protected] (B) C:\Windows\SysWOW64\iexpress.exe Gen:[email protected] (B) C:\Windows\SysWOW64\odbcad32.exe Gen:[email protected] (B) How to clean up this file ??
  5. Scan type: Custom Scan Objects: Rootkits, Memory, Traces, C:\, E:\ Detect PUPs: On Scan archives: On Scan mail archives: On ADS Scan: On File extension filter: Off Direct disk access: Off
  6. Just wondering what type of scan it was Jeremy.. a malware scan?
  7. Win8.1 64 bit, EAM 2019.9.0.9753 Clicked Pause in scan GUI, which did change to show Resume, but scan continued. Probably complicating things, a signatures update happened around the same time. There was definitely communication happening between the scanning service and the GUI. because the display of a just-scanned filename continued to change. Debug logs sent to @GT500
  8. Thank you so much! I just checked it. But unfortunately I was not able to automatically decrypt my files. I have to pair first. I tried on some pdf files and glady it works!! But the my problem right now is that. I have to make all my files be processed. And some of my files are really big. So I will have a hard time uploading it. My question will does all of my files needs to be learnt? And what if I have bigger files? I've read that you guys can help if the files are so big. Thank you for the big help!
  9. That's more than likely STOP/Djvu, and we have a new decryption service to aid with recovering files (as Amigo-A already pointed out). There is more information and instructions on using the service at the following link: https://www.bleepingcomputer.com/news/security/stop-ransomware-decryptor-released-for-148-variants/
  10. This new decrypter is capable of decrypting files that were not encrypted using an offline key, however it requires a little help. You need to have a few original (unencrypted) files and encrypted copies of the same files (called "file pairs") in order to upload to our decrypter page so that it can learn how to decrypt some of your files. Note that this doesn't work for all files, for instance if you upload a file pair for a PNG image, then the decrypter will be able to decrypt any other PNG pictures on your computer that were encrypted at the same time, however it won't be able to decrypt anything else, so you'll need file pairs for each type of file you need to decrypt. The BleepingComputer article has more detailed information and instructions on how to use the decrypter. https://www.bleepingcomputer.com/news/security/stop-ransomware-decryptor-released-for-148-variants/
  11. @GT500 and @Amigo-A, thank you for the insights. I'll report back as soon as I do as instructed.
  12. Yesterday
  13. Didi This file is in the Downloads and in the Recycle Bin - C:\$Recycle.Bin\***. You need to remove it physically and empty the Trash (Recycle Bin).
  14. If you suspect that your files are being encrypted again, then a malicious file might remain on your PC, which update the encryptor and encrypt the files again.
  15. This decryptor is made to replace the previous one. The developer is the same, Demonslay335 (Michael Gillespy), but now a digitally signed Emsisoft decryptor is used. Therefore, now decryptor bears a name starting with the name of the vendor — Emsisoft. Newer variants and versions of STOP-Djvu Ransomware are not supported in this version of the decryptor.
  16. you are amazing thank you very much this really helps me to decrypt some files . but i just wondered about the other files which are still being encrypted if is there will be any another solution soon? as i think it's not offline key that encrypt my files
  17. No is never was a free decryptors for all variants of the Matrix Ransomware. But there is an original decryptor from extortionists. I received it from the victims who paid the ransom. I sent it to VT and external specialists. But original decryptor will not help decrypt files without the unique keys that only ransomware has. See at the original decryptor and key-files.
  18. Dear All friends I am in trouble, my all data has been encrypted by (.masodas) could you please help me any one? Zubair
  19. I've confirmed that there is currently no decrypter for the Matrix ransomware.
  20. This appears to be the latest variant of STOP/Djvu. In most cases this will not be decryptable. I recommend reading the information at the following link: https://www.bleepingcomputer.com/forums/t/671473/stop-ransomware-tro-djvu-rumba-openmetxt-support-topic/?p=4682102
  21. Remove KMS and any pirated software, then run the DSIM /CheckHealth and DSIM /ScanHealth commands and the SFC SCANNOW command, make sure the computer is restarted if any repairs were made, and then if the firewall still isn't running try the Microsoft firewall repairs again. Note: KMS is known to install malware on computers, and it is rather common for victims of the STOP/Djvu ransomware to have been compromised shortly after installing KMS.
  22. That ransom note has an online ID in it, meaning that the ransomware was able to connect to its command and control servers and get a random encryption key. This means that decryption will not be possible.
  23. In most cases, with that variant of STOP/Djvu, it's not going to be possible. If you're lucky enough that the ransomware couldn't contact its command and control servers then there's a possibility, however there are no guarantees.
  24. Check this, and give me solution please _readme.txt
  25. I don't recall hearing of a decrypter for this one, however I will try to verify that.
  1. Load more activity
  • Newsletter

    Want to keep up to date with all our latest news and information?
    Sign Up