GT500

Emsisoft Employee
  • Content Count

    9951
  • Joined

  • Days Won

    288

GT500 last won the day on August 2

GT500 had the most liked content!

Community Reputation

572 Excellent

10 Followers

About GT500

  • Rank
    Emsisoft Support
  • Birthday 10/22/1984

Contact Methods

  • Website URL
    https://helpdesk.emsisoft.com/

Profile Information

  • Gender
    Male
  • Location
    Indiana, USA
  • Interests
    Computers, security, amino acids, fructose malabsorption, liberty, firearms, John Calvin, etc.

Recent Profile Visitors

47614 profile views
  1. While most ransomwares will automatically delete themselves after they finish encrypting files, some are now leaving behind components on computers they infect that will encrypt any new files saved and will encrypt any files you manage to decrypt. It's best to check and make sure that no such components have been left behind, so I recommend following the instructions at the link below to get us logs from FRST so that one of our experts can make sure there is nothing malicious still on your computer (please attach the log files FRST saves to a reply to this topic on the forums): https://help.emsisoft.com/en/1738/how-do-i-run-a-scan-with-frst/ Note: If anything that appears suspicious is found in your logs, then your post will be moved into a new topic to facilitate better communication between you and whoever is assisting you. We'll also try to make sure that you are following the new topic so that you receive e-mail notifications when someone replies to it.
  2. While most ransomwares will automatically delete themselves after they finish encrypting files, some are now leaving behind components on computers they infect that will encrypt any new files saved and will encrypt any files you manage to decrypt. It's best to check and make sure that no such components have been left behind, so I recommend following the instructions at the link below to get us logs from FRST so that one of our experts can make sure there is nothing malicious still on your computer (please attach the log files FRST saves to a reply to this topic on the forums): https://help.emsisoft.com/en/1738/how-do-i-run-a-scan-with-frst/ Note: If anything that appears suspicious is found in your logs, then your post will be moved into a new topic to facilitate better communication between you and whoever is assisting you. We'll also try to make sure that you are following the new topic so that you receive e-mail notifications when someone replies to it.
  3. While most ransomwares will automatically delete themselves after they finish encrypting files, some are now leaving behind components on computers they infect that will encrypt any new files saved and will encrypt any files you manage to decrypt. It's best to check and make sure that no such components have been left behind, so I recommend following the instructions at the link below to get us logs from FRST so that one of our experts can make sure there is nothing malicious still on your computer (please attach the log files FRST saves to a reply to this topic on the forums): https://help.emsisoft.com/en/1738/how-do-i-run-a-scan-with-frst/ Note: If anything that appears suspicious is found in your logs, then your post will be moved into a new topic to facilitate better communication between you and whoever is assisting you. We'll also try to make sure that you are following the new topic so that you receive e-mail notifications when someone replies to it.
  4. I've confirmed the behavior you've reported, and forwarded the info to QA along with debug logs.
  5. I didn't have any trouble executing EmsisoftAntiMalwareSetup.exe on Win 10 1903 (x64) from the command prompt with the parameters you used. It installed without any trouble. The two most obvious possibilities right now are either the installer can't write to the TEMP folder, or it isn't executing with administrator rights.
  6. We digitally sign our software using SHA-256 certificates (it is no longer possible to obtain SHA-1 certificates), and Windows 7 didn't originally have support for the SHA-2 family of hashing algorithms (which includes SHA-256). You need to make sure that Windows is up to date. Please see the following link for more information about updates that include SHA-2 support: https://support.microsoft.com/en-us/help/4474419/sha-2-code-signing-support-update
  7. At this time there's no way to know for certain. It could be a matter of days, or a matter of months.
  8. I've forwarded your ID and MAC addresses to the creator of STOPDecrypter so that he can archive them in case he is able to figure out your decryption key at some point in the future. All you have to do now is give us some time, and we'll do what we can for you.
  9. I've forwarded your ID and MAC addresses to the creator of STOPDecrypter so that he can archive them in case he is able to figure out your decryption key at some point in the future. All you have to do now is give us some time, and we'll do what we can for you.
  10. Normally it's possible, as the EPP driver that comes with EEK doesn't usually continue running after you close the scanner, however there are instances where it doesn't seem to stop and unregister like it's supposed to. If you find a way to reproduce this issue, then please let us know. If we could get debug logs then it would help our developers figure out why it happens.
  11. Which installer are you using? One of the MSI packages, EmsisoftAntiMalwareWebSetup.exe, or EmsisoftAntiMalwareSetup.exe? We maintain a list of installers at the following link if you want more information about them: https://help.emsisoft.com/en/1597/download-installation/
  12. Are they all Windows 7 systems? This could be due to a missing Windows Update (KB4474419). Try installing it on one of the effected systems, and let me know if that resolves the issue. Note that some people with dual-boot setups have issues installing this update. There's a Microsoft Community discussion about it at the following link: https://answers.microsoft.com/en-us/windows/forum/all/kb4474419-will-not-install/658900bc-3103-4a0e-a9ed-08c5c2d31e76
  13. I haven't heard anything new about it. I recommend keeping an eye on BleepingComputer's news, as they will usually report when new ransomware decrypters are available: https://www.bleepingcomputer.com/ They also have an RSS feed available: https://www.bleepingcomputer.com/feed/ When we publish decrypters we usually announce it on our blog: https://blog.emsisoft.com/ We also have an RSS feed: https://blog.emsisoft.com/feed/
  14. I've forwarded your ID and MAC addresses to the creator of STOPDecrypter so that he can archive them in case he is able to figure out your decryption key at some point in the future. All you have to do now is give us some time, and we'll do what we can for you.
  15. I've forwarded your ID and MAC addresses to the creator of STOPDecrypter so that he can archive them in case he is able to figure out your decryption key at some point in the future. All you have to do now is give us some time, and we'll do what we can for you.