Jump to content

Leaderboard

Popular Content

Showing content with the highest reputation since 01/27/21 in Posts

  1. Update seemed to go ok. Regexes: which engine?
    1 point
  2. As far as I know these updates will only show up as optional. Most normal computer users will just rely on Windows installing updates automatically and will rarely check the Windows Update settings page. Right now I have an optional preview of KB4601382 for example. I can install that manually, but Windows won't do it automatically until the next patch Tuesday. It's good to realize that preview updates (which you can get a little earlier than normal updates) and preview builds (which you can get when you're part of the Windows Insiders program) are really different things. It's norm
    1 point
  3. Lots of ways of finding the key.. Magic Jelly Bean is just one of them.
    1 point
  4. PCRE Please note that: 1. RegEx only is supported by Emsisoft Browser Security and not by Web Protection. 2. We soon will publish a new version of Browser Security to the browser stores, which fixes some issues and supports Block/Don't Block rules (managed in EAM and Workspace) and RegEx.
    1 point
  5. The STOP/Djvu ransomware does download and run the Azorult password-stealing trojan. We do recommend you change your passwords.
    1 point
  6. Correct. Our recommendation is to save a backup of your encrypted files and keep it in a safe place in case decryption is possible at some point in the future. We also recommend keeping an eye on BleepingComputer's newsfeed, as they will usually report on new developments with ransomware decrypters: https://www.bleepingcomputer.com/ If you have an RSS feed reader, then they also have an RSS feed so that you don't have to manually check for news: https://www.bleepingcomputer.com/feed/
    1 point
  7. New versions are not released to add support for new variants of the STOP/Djvu ransomware. Doing so isn't necessary, as keys are store in an online database. Also note that we don't have a system for notifying victims about ransomware decrypters, and since there have been many thousands of victims of this specific ransomware it would be impossible to do so by hand. Our recommendation is to save a backup of your encrypted files and keep it in a safe place in case decryption is possible at some point in the future. We also recommend keeping an eye on BleepingComputer's n
    1 point
  8. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
    1 point
  9. No new versions have been released because it isn't necessary to do so. Nothing about how the ransomware encrypts files has changed since it was last updated. The decrypter, despite its age, supports all known versions of STOP/Djvu (even ones that first appeared within the past week). Were you having trouble running the decrypter? Did it give you any error messages?
    1 point
  10. No. Your files aren't infected, they're encrypted. Just make sure the ransomware itself have been removed from your computer first, because it will continue to encrypt files if it's still running. Emsisoft Emergency Kit can detect and remove it. https://www.emsisoft.com/en/home/emergencykit/ You can save them wherever you want. My only recommendation is to keep them saved on a device that you don't keep connected to your computer, and it's not a bad idea to have two or more backup copies just in case anything happens to one of them. Probably not. Most ransomw
    1 point
  11. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
    1 point
  12. Bem vindo @Déco
    1 point
  13. You need to post here: https://support.emsisoft.com/forum/6-help-my-pc-is-infected/ There's instructions at the top of that forum about the information you need to provide. Good luck!
    1 point
  14. We need a copy of the ransomware (the malicious program that encrypted your files) for analysis. Let's try getting a log from FRST, and see if it's still on your computer. You can find instructions for downloading and running FRST at the following link: https://help.emsisoft.com/en/1738/how-do-i-run-a-scan-with-frst/
    1 point
  15. It's a file related to debugging, and isn't distributed with the extension. Its absence doesn't impact functionality in any way.
    1 point
  16. It looks like it may be a missing file, or perhaps a file that was removed but is still referenced in another file. I'll ask QA about it.
    1 point
  17. Please don't post malicious links on our forums. If you would like for us to analyze a file, or a malicious URL (aka. link), then run it through VirusTotal and post the link to the analysis here for us to review. We can download files from VirusTotal, so anything you upload there we have access to.
    1 point
  18. Because the decrypter already supports it. The reason it can't decrypt files encrypted by this newer variant is due to the fact that we don't have the private key for it's offline ID. We have to wait for a victim with an offline ID who paid the ransom to donate their private key to us.
    1 point
  19. We’ve just released Emsisoft Anti-Malware 2021.2.0.10670 beta. You will have to enable beta updates to get this version. Fixed: Rare Workspace disconnect issue.
    1 point
  20. We’ve just released Emsisoft Anti-Malware 2021.2.0.10664 beta. You will have to enable beta updates to get this version. Several minor tweaks and fixes.
    1 point
  21. Our extension only officially supports Google Chrome, Microsoft Edge (both new and old versions), and Mozilla Firefox. That being said, the extension does work in other Chromium based browsers (such as Vivaldi), and thus it should work fine in Opera as well.
    1 point
  22. It only comes in to play if a running process actually does something the Behavior Blocker monitors for. If a program isn't doing anything that appears malicious, then there's no need to verify whether or not it's safe, and doing it any other way would be a huge performance drain on your system.
    0 points
  • Newsletter

    Want to keep up to date with all our latest news and information?
    Sign Up
×
×
  • Create New...