Jump to content

GT500

Emsisoft Employee
  • Content Count

    13828
  • Joined

  • Days Won

    434

Everything posted by GT500

  1. The PDF wasn't what I thought it was. My mistake.
  2. It might be possible to use software intended for recovering MP3 files, as the ransomware only encrypts a small portion of the beginning of the files. Larger files that are in formats that are tolerant of missing data can actually be recovered, and some music and video formats fall into that category.
  3. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  4. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  5. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  6. You can turn off the various effects that Silent Mode has, however you can't actually prevent Emsisoft Anti-Malware from enabling Silent Mode. If you disable all of the things that Silent Mode does, then it just does nothing when it turns on automatically.
  7. Yes, as long as Emsisoft Anti-Malware and Emsisoft Browser Security are working, then your computer should be protected. Virtual keyboards often work by simulating keyboard input, and it may be possible for keyloggers to read what you type on them like with a real keyboard. Emsisoft Anti-Malware's Behavior Blocker will automatically quarantine anything trying to log keystrokes.
  8. Unfortunately no progress was ever made in the analysis. Our analysts stopped working on it some time ago, so for now we'll have to say this one isn't decryptable.
  9. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  10. I don't think STOP/Djvu will usually double-encrypt files, however it's still technically possible because the ransomware is known to be buggy and sometimes it just does weird and unexplainable things. It's best to get it off of the system and then avoid any pirated software, movies, music, etc. after that to help prevent it from happening again.
  11. It looks like this extension is being used by both GlobeImposter 2.0 and MedusaLocker, both of which are not decryptable. Our recommendation is to save a backup of your encrypted files and keep it in a safe place in case decryption is possible at some point in the future. We also recommend keeping an eye on BleepingComputer's newsfeed, as they will usually report on new developments with ransomware decrypters: https://www.bleepingcomputer.com/ If you have an RSS feed reader, then they also have an RSS feed so that you don't have to manually check for news: https://www.bleepingco
  12. Is your processor (aka. "CPU") overheating? You can try one of the following utilities to check it (be careful of the ads on the download pages): Core Temp HWMonitor HWiNFO Modern processors can often handle running up to 90°C to 100°C depending on the model and manufacturer, however some older processors may have trouble at lower temperatures than that. Note: Processor temperatures are rarely measured in anything other than Celsius, even in the United States (which still predominantly uses Fahrenheit).
  13. That's understandable. There's a lot of confusing marketing out there. We wrote an article when we discontinued our Internet Security software, which further explains why we believe the Windows Firewall is a good enough firewall these days: https://blog.emsisoft.com/en/28637/emsisoft-windows-firewall-protection/
  14. What did the ransomware add to the end of the names of your files?
  15. I haven't specifically been told if there's been any progress, however I will ask our malware analysts.
  16. There is no issue with decrypting the file. It's probably something preventing the decrypter from accessing the file, and since we removed all I/O errors from the output (people didn't understand what they meant) the decrypter just isn't displaying an error that it is unable to access the file. Try adding the decrypter to the exclusions in your Anti-Virus software.
  17. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  18. The decrypter will tell you the ID for each encrypted file: https://www.emsisoft.com/ransomware-decryption-tools/stop-djvu
  19. We discontinued our Internet Security product that contained a firewall a few years ago. A firewall doesn't keep your banking safe. Sometimes third-party firewall software has gimmicky features that make it sound like it does, but they don't really provide good protection against the biggest threats to online banking.
  20. I'll ask the developer who wrote the decrypter if he can find anything wrong with the file.
×
×
  • Create New...