GT500

Emsisoft Employee

About GT500

  • Rank
    Emsisoft Support
  • Birthday 10/22/1984

Contact Methods

  • Website URL
    https://helpdesk.emsisoft.com/

Profile Information

  • Gender
    Male
  • Location
    Indiana, USA
  • Interests
    Computers, security, amino acids, fructose malabsorption, liberty, firearms, John Calvin, etc.

  1. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  2. No. We can't decrypt any files that have been encrypted by newer variants of STOP/Djvu like .koti unless we have the private key for the encrypted files. For offline IDs we usually get those private keys eventually, however we have to wait for someone to pay the ransom and donate the decrypter the criminals sent them to us so we can extract the private key from it.
  3. The .covm variant of the STOP/Djvu ransomware uses RSA keys, which are not susceptible to this kind of attack.
  4. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  5. Download and run a scan with Emsisoft Emergency Kit, then quarantine anything it finds: https://www.emsisoft.com/en/home/emergencykit/
  6. From what I'm reading, it should make the system more secure. That being said, Microsoft isn't known for making bug-free features.
  7. Were the results of your test any different?
  8. "Cloud scanning" is not effective for detecting all types of threats, and at least for now traditional Anti-Virus signatures are still required for proper protection.
  9. Right now notifications are displayed in the order they are generated. The only instance I am aware of where one notification can supersede another is when the notification being superseded is no longer relevant, and as far as I am aware the only notifications that become irrelevant while they are being displayed like that are the Anti-Malware Network lookup notifications.
  10. Try the following, and let me know if it helps: Open Emsisoft Anti-Malware (EAM). Go to Settings. Click on Advanced in the menu at the top. Disable the option for Windows Security Center integration. Close EAM. Right-click on the Windows Start button, go to Shut down or sign out, and select Restart from this menu to bypass Fast Startup. Turn the Windows Security Center integration option in EAM back on. Right-click on the Windows Start button, go to Shut down or sign out, and select Restart from this menu again.
  11. I'm not aware of any harm that can come to the system by toggling core isolation off and back on. Correct, it doesn't happen on my system either, so it's more than likely something specific to this laptop that's triggering this.
  12. I've just been told that due to a bug in CommService, your logs didn't contain any data about the CPU usage issue. Would it be possible to do the following? Enable debug logging. Restart your computer (assuming Windows 10 please do this by right-clicking on the Start button, going to Shut down or sign out, and selecting Restart from this menu). Wait for the CPU usage issue to get bad again, and send us the logs manually like you did before.
  13. Just run the decrypter. It will tell you your ID, whether it is online or offline, and whether or not your files can be decrypted.
  14. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  15. If law enforcement is able to catch the criminals or otherwise gain access to their servers and release their private keys for use in decrypters, then we can add them to our database so that everyone can get their files back. Our recommendation is to save a backup of your encrypted files and keep it in a safe place in case decryption is possible at some point in the future. We also recommend keeping an eye on BleepingComputer's newsfeed, as they will usually report on new developments with ransomware decrypters: https://www.bleepingcomputer.com/ If you have an RSS feed reader, then they also have an RSS feed so that you don't have to manually check for news: https://www.bleepingcomputer.com/feed/