Jump to content

GT500

Emsisoft Employee
  • Content Count

    13795
  • Joined

  • Days Won

    432

Posts posted by GT500

  1. 21 hours ago, Eijar said:

    Why when im uploading the picture it says "error -200" i tried a bunch of times...It always says that....btw im uploading at my phone

    Errors when uploading are usually due to ad blockers, however most phones don't have ad blockers (unless you use Firefox Mobile of course which supports some extensions like uBlock Origin).

     

    21 hours ago, Eijar said:

    Yes it works when I put the windows 10 to " safe mode " but...My huge problem is that i cant use wifi only lan so.....The decryptor says " online check failed " something like that... 

    That's because everything in Safe Mode automatically runs as administrator.

    BTW: Normal Safe Mode doesn't allow networking at all (so no Internet), however if you use Safe Mode With Networking then most Internet connections will work. Some wireless devices may not work even in Safe Mode With Networking though.

    Note that you may be able to solve the issue by making sure your Windows User Account Control settings are set to default. There are instructions at the following link (be careful of the ads):
    https://www.tenforums.com/tutorials/3577-change-user-account-control-uac-settings-windows-10-a.html

    Also note that this issue could be due to an infection on the system, or changes made by an infection. You may want to run a scan on the computer with Emsisoft Emergency Kit (Anti-Virus scanner that's free for personal/home use) and quarantine anything it finds:
    https://www.emsisoft.com/en/home/emergencykit/

  2. 15 hours ago, maki said:

    EEK doesn't have any logs, so there is no information about the scanned item!

    Scan logs don't contain debug information.

     

    10 hours ago, maki said:

    I am asking for a quick diagnosis of the problem /

    Did adding exclusions to your Anti-Virus software help?

    If not, then we're going to need debug logs and scan engine debug logs (they're two different kinds of logs saved in two different places). While debug logs can be enabled in the EEK settings, scan engine debug logs must be enabled via a registry entry, so it would be best to just use a batch file to enable both. You can download it at the following link, and the instructions for using it are below:
    https://www.gt500.org/emsisoft/Debug_Log_Batch.zip

    1. Once you've downloaded and opened that file, double-click on Emsisoft_Debug_Tool to run the batch file.
    2. Make sure to click "Yes" when Windows asks if you want to allow the Windows Command Processor to make changes to your computer. Administrator rights are required in order to create and delete the registry entries for debug logging.
    3. Once the batch file is ready, you will see a menu like in the screenshot below (the shade of blue may be brighter on Windows 10).
    4. Enter the number 1 for general debug logs and then press Enter on your keyboard.
    5. Press any key (spacebar, Enter, etc) to return to the menu.
    6. Enter the number 3 for Scan Engine logs and press Enter again.
    7. Press Enter twice to close the tool, or click the X button.

    Once both forms of logging are enabled, run your scan in EEK again. Once you're confident the scan is "stuck", you can close EEK and collect the logs. They are located in the following paths:

    • E:\EEK\bin64\ScanEngineDebug.log
    • C:\ProgramData\Emsisoft\Logs\a2emergencykit_....log (assuming Windows is installed on the C:\ drive)

    Here's the screenshot showing what the batch file's menu is supposed to look like:

    debug_log_batch_file_64-bit.png

  3. Let's try getting a log from FRST, and I can use the information in the log to write a script that will remove the service. You can find instructions for downloading and running FRST at the following link:
    https://help.emsisoft.com/en/1738/how-do-i-run-a-scan-with-frst/

    Note: When FRST checks the Windows Firewall settings, Emsisoft Anti-Malware's Behavior Blocker will quarantine it automatically. This can be avoided by clicking "Wait, I think this is safe" in the notification that is displayed while FRST is scanning.

  4. 7 hours ago, HAWKI said:

    UPDATE -- NVM - It took a while but auto-renewal was cancelled.

    I'm glad to hear that the subscription was canceled in time. Do you need any help updating your payment information in our system? I can have someone from our Sales Team contact you to give you a hand.

  5. 14 hours ago, andrewek said:

    However, these changes will obviously be implemented in the stable version in December?...

    More than likely, but we'd like to know if it helps before we release the stable version.

     

    13 hours ago, JeremyNicoll said:

    Trying a Beta is a bit like being a participant in a drug trial. 

    Except the risk factor when trying one of our betas is significantly less than with trying experimental drugs. ;)

    • Like 1
  6. 17 hours ago, JeremyNicoll said:

    @GT500 - the modern trend with software is to provide no manuals, or only the most basic user guides - I don't know why any software vendor thinks that's a good idea.

    Our manual is available online, that way anyone can view it from any Internet-connected device, even before they install our software:
    https://help.emsisoft.com/

     

    17 hours ago, JeremyNicoll said:

    The long-established idea of: buy software, get licence code, enter it somewhere in the software .. is simple and common to many applications.

    It's also one of the more problematic ways to handle licenses. I expected it to be replaced with logins a long time ago, as other Anti-Virus software companies had gone that route over a decade earlier (ESET is a good example). Workspaces are just a way of simplifying that, allowing you to download in 3 clicks an installer that is already tied to your account, and which will automatically activate after installation. No need to find/remember and enter a license key, and a far lower likelihood of your license information being stolen (stealing accounts is more difficult than stealing license keys, even without 2-Factor Authentication).

  7. 10 hours ago, Amigo-A said:

    The 'STOP Ransomware' variant with the .lisp extension has a version number of 267. 

    Perhaps their files were encrypted by multiple variants of the STOP/Djvu ransomware?

     

    16 hours ago, Masamune said:

    Your personal ID:
    0261ergaLjBgxZ1g0lIwZ9XiX0bgUlo4MW5WWkzTJ5ohlAVH

    This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

  8. 16 hours ago, DaC said:

    is there any way to recover .kasp files

    This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

  9. On 11/26/2020 at 4:12 PM, alperyel said:

    When will the .lezp ransomware solution arrive? Please all my photos are gone. I've been waiting for 7 months. Offline key.

    We're waiting for a victim who have the offline ID for .lezp to pay the ransom and donate their private key to us so that we can add it to our database. Unfortunately there's no way to know when that might happen.

    Google tarafından sağlanan çeviri:
    .Lezp'in çevrimdışı kimliğine sahip bir kurbanın fidyeyi ödemesini ve özel anahtarını veritabanımıza ekleyebilmemiz için bize bağışlamasını bekliyoruz. Ne yazık ki bunun ne zaman olacağını bilmenin bir yolu yok.

  10. On 11/26/2020 at 3:01 AM, Eijar said:

    btw i already tried running the decryptor with admin or not but it didnt work

    the image below shows everytime i run it....... Im on windows 10

    That could indicate that the decrypter has been modified or corrupted in some way. Below is a screenshot of what you should see when you run the decrypter:

    image.png

     

    BTW: It isn't possible to take a screenshot of a User Account Control (UAC) popup. If you were able to take a screenshot of it, then it may not be a legitimate popup from the UAC.

  11. If a scan hangs or freezes, then it is most commonly due either to filesystem issues, or another program interfering with the Emergency Kit Scanner.

    If you have any Anti-Virus software (or other security software) installed, then try adding the EEK folder to the exclusions to see if that resolves the issue.

  12. 1 minute ago, digmor crusher said:

    Let me ask you, what is easier, entering a license key or messing around in the console for 30 minutes trying to figure it out?

    You don't need to mess around in the console. You can just install EAM, and when the license activation dialog appears you log in with your MyEmsisoft credentials and select your workspace.

  13. Has anyone having these issues had a chance to try the current beta? We have made some changes to how Windows Security Center integration works.

    https://blog.emsisoft.com/en/37266/emsisoft-anti-malware-2020-12-beta/

    Here's how to install the beta:

    1. Open Emsisoft Anti-Malware.
    2. Click on the little gear icon on the left side of the Emsisoft Anti-Malware window (roughly in the middle).
    3. Click on Updates in the menu at the top.
    4. On the left, in the Updates section, look for Update feed.
    5. Click on the box to the right of where it says Update feed, and select Beta from the list.
    6. Right-click on the little Emsisoft icon in the lower-right corner of the screen (to the left of the clock).
    7. Select Update now from the list.

     

    • Like 1
  14. On 11/26/2020 at 3:25 PM, digmor crusher said:

    My suggestion " buy the license, install the software, enter the key and away you go." Why do home users need a work space, I guess for users with multiple licenses or corporate but for the rest of us its way overboard.

    We're trying to move away from license keys entirely. It's a step a lot of companies took a long time ago, because there are a number of problems with license keys (they're easier to lose than an account, it's easier to guess/steal someone else's key than it is someone else's account, etc).

  15. On 11/26/2020 at 10:33 AM, digmor crusher said:

    New license shows under Workspaces, does not show under Personal Licenses.

    I've verified that new license keys are added as workspaces automatically. You should have received an e-mail explaining this. Please let us know if you didn't, or if there was anything specific about the e-mail that didn't make sense.

    The workspace that your new license is assigned to is named "******************".

     

    On 11/26/2020 at 10:33 AM, digmor crusher said:

    Still cannot register new license.

    This is because it is already associated with your account.

     

    On 11/26/2020 at 1:38 PM, digmor crusher said:

    Yup, agree 100%, it should be easy enough for anyone to figure out. This may affect whether I choose to renew in a year.

    We're moving away from using license keys, and in order to activate EAM customers will need to log in using their MyEmsisoft account and select the workspace that contains the license they want to use with that device. Our Sales Team is going to discuss ways of simplifying things and better explaining them in the e-mail customers receive after purchase, that way customers have an easier time using and managing their licenses. If anyone has any suggestions for ways that workspaces could be easier to use, then please let us know.

  16. 22 hours ago, My system said:

    You Can Download the file from the below link and the rar zipped password will share later or through email.

    What e-mail address did you send it to?

    We can download from VirusTotal, and it's a safe way to share malicious files with Anti-Virus software companies. If you're going to use file sharing networks where anyone can download the files, then send the download links in a private message rather than posting them publicly.

×
×
  • Create New...