GT500

Emsisoft Employee
  • Content Count

    10681
  • Joined

  • Days Won

    297

Everything posted by GT500

  1. Do you have any other pictures taken by the same camera?
  2. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you will be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  3. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  4. Did Windows Defender allow you to report the issue to Microsoft? Public keys don't matter. They're useless for anything other than encrypting data.
  5. It's not possible. Newer variants like .peet use a form of AES encryption that requires a private key for decryption. The private key doesn't leave the command and control servers until a victim pays the ransom, and since the servers generate new keys for every ID and online ID's are unique for each computer you can't use another victim's private keys to decrypt your files. Since AES encryption is secure, there's nothing that can be done without obtaining the private keys from the criminals.
  6. No. newer variants like .lokf use a form of AES encryption that requires a private key for decryption. The private key doesn't leave the command and control servers until a victim pays the ransom, and since the servers generate new keys for every ID and online ID's are unique for each computer you can't use another victim's private keys to decrypt your files. Since AES encryption is secure, there's nothing that can be done without obtaining the private keys from the criminals.
  7. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you will be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ Перевод предоставлен Google. Это более новый вариант STOP / Djvu. Если у вас есть автономный идентификатор, то, как только мы сможем найти ключ дешифрования для этого варианта и добавить его в нашу базу данных, вы сможете восстановить ваши файлы. Однако, если у вас есть сетевой идентификатор (что более вероятно), то восстановить ваши файлы будет невозможно. Больше информации по следующей ссылке: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  8. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  9. That error just means there's no key for your ID in our database. This is because you have an online ID. Fortunately this is an older variant of STOP/Djvu, and you should be able to recover your files by supplying file pairs via the submission form to help the decrypter "learn" how to decrypt your files. There's more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  10. Theoretically it should be, however it may take a long time. There are a number of different ransomwares that have come and gone and yet the criminals behind them still haven't been caught.
  11. I wouldn't expect a reinstall to have any effect. I noticed that your whitelist.txt has a UTF-8 character encoding, however I tested in a virtual machine and only had Notepad so my whitelist.txt had an ANSI character encoding. Try converting/saving your whitelist.txt file into ANSI, and let me know if that helps.
  12. Would you mind sending us debug logs? Here's how to get them: Open Emsisoft Anti-Malware. Click on the little gear icon on the left side of the Emsisoft Anti-Malware window (roughly in the middle). Click Advanced in the menu at the top. Scroll to the bottom of the Advanced section, and change the option for Debug logging to Enabled for 1 day. After that, close the Emsisoft Anti-Malware window. Reproduce the issue you are having (try copying/syncing your PST file). Once you have reproduced the issue, open Emsisoft Anti-Malware again. Click on the little icon in the lower-left (right above the question mark) that looks like little chat bubbles. Click on the button that says Send an email. Select the logs on the right that show today's dates (if you try to send too many logs, then we may not receive them). Fill in the e-mail contact form with your name, your e-mail address, and a description of what the logs are for (if possible please leave a link to the topic on the forums that the logs are related to in your message). If you have any screenshots or another file that you need to send with the logs, then you can click the Attach file button at the bottom (only one file can be attached at a time). Click on Send now at the bottom once you are ready to send the logs. Important: Please be sure to turn debug logging back off after sending us the logs. There are some negative effects to having debug logging turned on, such as reduced performance and wasting hard drive space, and it is not recommended to leave debug logging turned on for a long period of time unless it is necessary to collect debug logs.
  13. EAM can't monitor what's happening within the web browser (Surf Protection works by monitoring network traffic for DNS requests). For that you need extensions, such as Emsisoft Browser Security and uBlock Origin. Also note that neither of these monitor for potentially unwanted JavaScript functions (most security extensions don't), so many people prefer to use an extension such as NoScript to prevent scripts from loading on unknown websites (I would believe it can also manage which scripts are allowed to load).
  14. Yes, that's because it's an online ID. The files won't be decryptable.
  15. Try using a different file pair.
  16. If law enforcement is able to catch the criminals and release their database of private keys, then we'll be able to add them to our decryption service and most people will be able to decrypt their files. As for infections on your computer, feel free to give Emsisoft Emergency Kit a try (free for home/non-commercial use). https://www.emsisoft.com/en/home/emergencykit/
  17. That error happens when there is no decryption key found in our database for a file's ID. Most of the time it simply means they have an online ID, however with a number of newer variants we still don't have the decryption keys for offline ID's and thus the error can be seen in those cases as well. That's a fairly abnormal error message, and could happen due to a number of issues. Something could be blocking the decrypter from connecting to our servers, something could be preventing DNS resolution for the address of the database the decrypter connects to, or there could just be general Internet stability issues causing problems with connecting to our servers. Are you able to visit the following link in a web browser on the effected computer? https://decrypter.emsisoft.com/
  18. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  19. Your ID is an online ID, however without knowing whether your files were encrypted by an older variant or a newer variant of STOP/Djvu I can't tell you if your files will be decryptable. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  20. Your ID is an online ID, however without knowing whether your files were encrypted by an older variant or a newer variant of STOP/Djvu I can't tell you if your files will be decryptable. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  21. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  22. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  23. If law enforcement is able to catch the criminals and release their database of private keys, then we can add them to our decryption service so that most people can recover their files.