GT500

Emsisoft Employee
  • Content Count

    10681
  • Joined

  • Days Won

    297

Everything posted by GT500

  1. The last I've heard, the flaw that allowed for decryption of files had been fixed in Nemty Revenge.
  2. I recommend making a backup of any encrypted files. There's always the chance that decryption may be possible at some point in the future.
  3. That's an offline ID, however I would believe this variant is only a few days old. It might take some time for us to get the private key for this offline ID. I recommend trying the decrypter once every week or two to see if the key has been added.
  4. That's an offline ID, however I would believe this variant is only a few days old. It might take some time for us to get the private key for this offline ID. I recommend trying the decrypter once every week or two to see if the key has been added.
  5. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  6. This is more than likely a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you will be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  7. Out of curiosity, did disabling protection in Emsisoft Anti-Malware have any effect on the issue?
  8. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you will be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  9. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  10. Even with a supercomputer it would take thousands of years to brute force the private key. AES encryption is extremely strong, and when implemented properly is impervious to most forms of attacks.
  11. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you will be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  12. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  13. My recommendation is to try the decrypter once every week or two to see if the key has been added to our database.
  14. At the moment there's no way to decrypt files when they have an online ID. I recommend making a backup of any encrypted files in case it's possible to decrypt them in the future.
  15. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  16. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  17. No, I recommend you make a backup of all encrypted files in case it's possible to decrypt them some day.
  18. The only solution is to try to use file pairs from your friend's computer, specifically other images of the same format, however being JPEG images there's a weird complication where they normally would need to have been saved from the same source (the same camera, the same editing software, etc) in order for that to work. If there's any way to get around that complication, then I'll let you know, however please note that any answers will be slowed down a bit right now due to holidays.
  19. Yes, Windows does hide file extensions by default, so unless you disable that in folder options then you wouldn't have even known. I'm glad you were able to figure it out.
  20. We've received your logs. Our current thinking is maybe it would help to add an exclusion for the PST file, however this will keep the scanner from detecting malicious attachments in the PST file when you run a Custom Scan and enable the option to scan inside archives. Note that this will not prevent the real-time protection from detecting threats in opened attachments, especially if the mail client implements either IOfficeAntiVirus or AMSI (since these are Microsoft technologies most of their stuff implements one of these). If you use our cloud console (accessible through my.emsisoft.com) then I recommend adding the exclusions from there. Otherwise I recommend adding them via the settings in Emsisoft Anti-Mawlare. You will only need to exclude this file from scanning.
  21. Well, unless your friend's computer is still infected, then I don't think you'll be able to get a working file pair. Reinfecting the computer probably wouldn't work, as the command and control server address changes periodically, so it wouldn't be able to connect to the command and control server and wouldn't use the same ID and key that it did before.
  22. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  23. Forget that, I just realized it would only work if you did it on the same computer that the files were originally encrypted on. Did your friend have any files from your camera on their computer that were encrypted?
  24. You would need for the same variant of STOP/Djvu that encrypted your SD card to also encrypt a file you have an original copy of, and then you could use it as a file pair. Unfortunately I don't have a copy of this variant of STOP/Djvu, so I probably won't be able to do it for you. I'll ask our malware analysts in case they happen to have kept one, however that variant is almost a year old so the odds are fairly low that we still have it around.