GT500

Emsisoft Employee
  • Content Count

    13290
  • Joined

  • Days Won

    412

Everything posted by GT500

  1. Who did you talk to? I'm not seeing any support tickets in our system for the e-mail address associated with your forum account. If you used a different e-mail address when contacting us about this issue, please send me a private message with the e-mail address so that I can look up the ticket history in our system.
  2. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  3. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  4. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  5. This is a newer variant of STOP/Djvu. Fortunately your ID is an offline ID, however we don't yet have the private key for it. I recommend running the decrypter once every week or two so that you can see when we've been able to add the private key for your variant. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  6. It's probably due to Windows Defender's state being changed. If Windows Defender's protection turns on even momentarily, then the Windows Security Center may attempt to turn off Emsisoft Anti-Malware's protection to keep both from monitoring at the same time.
  7. It's no longer supposed to. My instructions were not intended to change this, but merely reset the EEK behavior back to default since it appears to be loading the old position and size data from the config file even though it won't save new position and size data.
  8. For anyone else who reads this, if you create a workspace by mistake in MyEmsisoft then you can remove it as long as you haven't added any devices to it. To delete a workspace, simply click on the workspace in the list of workspaces, select Settings in the menu on the left, and there's a Delete workspace link at the bottom of the settings page. Workspaces are part of Emsisoft Cloud Console, which allows you to manage Emsisoft Anti-Malware installations on all connected computers (home computers, workstations, servers, etc) from our web interface at my.emsisoft.com. There's a user guide with information on how to use Emsisoft Cloud Console at the following link: https://help.emsisoft.com/en/2323/emsisoft-cloud-console-user-guide/
  9. It's possible that the VirusTotal scanner may not have had the latest database. As long as Emsisoft Anti-Malware is fully up-to-date, then trust what it says over what VirusTotal says. Note: The (B) on the end of the detection name means it was detected by the BitDefender scan engine, so BitDefender (and all other products that use BitDefender's scan engine) should detect the file with the same name. If they don't, then your installation of Emsisoft Anti-Malware may not have the latest database.
  10. Online Armor (a firewall software we discontinued a few years ago) had similar features. We didn't bother implementing them in any of our other products because they aren't really that effective, and most security software that includes them only does so to make it look like they are giving you extra protection. There are better and more effective systems already in place to protect against these issues on most major websites (as I said above there are server-side protections that must be implemented to provide proper man-in-the-middle attack protection). Google tarafından sağlanan çeviri: Online Armor (birkaç yıl önce bıraktığımız bir güvenlik duvarı yazılımı) benzer özelliklere sahipti. Bunları diğer ürünlerimizin hiçbirinde uygulamaya zahmet etmedik çünkü gerçekten etkili değiller ve onları içeren çoğu güvenlik yazılımı bunu yalnızca size ekstra koruma sağlıyor gibi görünmek için yapar. Çoğu büyük web sitesinde bu sorunlara karşı koruma sağlamak için halihazırda daha iyi ve daha etkili sistemler mevcuttur (yukarıda söylediğim gibi, ortadaki adam saldırı koruması sağlamak için uygulanması gereken sunucu tarafı korumaları vardır).
  11. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  12. We don't have access to the database of private keys operated by the criminals, so we have no way to obtain private keys from them.
  13. If law enforcement is able to catch the criminals or otherwise gain access to their servers and release their private keys for use in decrypters, then we can add them to our database so that everyone can get their files back. Our recommendation is to save a backup of your encrypted files and keep it in a safe place in case decryption is possible at some point in the future. We also recommend keeping an eye on BleepingComputer's newsfeed, as they will usually report on new developments with ransomware decrypters: https://www.bleepingcomputer.com/ If you have an RSS feed reader, then they also have an RSS feed so that you don't have to manually check for news: https://www.bleepingcomputer.com/feed/
  14. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  15. If I'm not mistaken I think it's a Windows Security Center issue. Updates to Windows Defender should have no effect on Emsisoft Anti-Malware.
  16. If it's not related to this topic, then that would be best. Everyone who's following this topic gets an e-mail notification when someone adds a new post.
  17. It's more than likely legitimate. Once a Microsoft Store app is installed, Windows doesn't allow third-party applications to edit it, so the app would have had to contained malicious code when it was installed. Since it's normal for apps to use cryptographic API's, seeing files with the word "crypto" in their name isn't entirely uncommon.
  18. You can send any e-mails to [email protected] and be sure to leave a link to your forum topic in the e-mail so we know it's you.
  19. Private keys for offline ID's are donated by victims who have paid the ransom. There's no way to predict when someone may do this.
  20. You need to upload file pairs via our online submission form so that the decrypter can be "trained" how to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  21. With online ID's there is unfortunately nothing that anyone can do without the private key for your ID, and only the criminals who made/distributed the ransomware have access to those.