
GT500

Emsisoft Employee

Posts posted by GT500

  1. 18 hours ago, haseeb said:

    No key for New Variant online ID: MFID21pdIZfPwiZPOIExF7HaBw9oBjcmFxl8QkTX
    Notice: this ID appears to be an online ID, decryption is impossible

    This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

  2. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

  3. 17 hours ago, suneez said:

    No key for New Variant online ID: ifjewXDKlTUmnZds9S6cDTsQgzG7yGHPovKJPjXZ
    Notice: this ID appears to be an online ID, decryption is impossible

    This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

  4. You may want to have your friend check out our Malware Removal section (there are instructions on what info to supply and how to do so):
    https://support.emsisoft.com/forum/6-help-my-pc-is-infected/

    We also do malware removal via e-mail. Your friend can send us an e-mail at support@emsisoft.com to ask for assistance. Note that it might be a good idea to supply FRST logs when contacting us this way, as that may help expedite the process. Instructions can be found at the following link:
    https://help.emsisoft.com/en/1738/how-do-i-run-a-scan-with-frst/

  5. "Emsisoft Anti-Malware Home" is the name Emsisoft Anti-Malware uses for newer licenses for home users. "Guard" usually refers to "a2guard.exe" which is the application which draws Emsisoft Anti-Malware's System Tray icon and notifications.

    If you right-click on the shortcut and select "Properties", what application is the target for the shortcut?

  6. 4 hours ago, Hiroshi9 said:

    My PC got infected with the same virus, but it is an offline variant. I will wait for Emsisoft to come up with a decryptor. It will be very helpful if Emsisoft admins send an email when they get the RSA key to igal

    We already have a decrypter. We just need a victim who has the offline ID and has paid the ransom to donate the private key so that we can add it to our database. I recommend running the decrypter once every week or two so that you can see when we've had a chance to add the private key for this variant's offline ID.

    There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

  7. 13 hours ago, Moeez Ahmad said:

    No key for New Variant online ID: 7IgDCumry5g8wP7WvphE26FJFME7i0L7DoGGZq5H
    Notice: this ID appears to be an online ID, decryption is impossible

    This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

  8. On 12/28/2020 at 12:10 AM, Kamrul said:

    This happened on the 25th of December. decrypt_STOPDjvu is unable to decrypt the files. I'm attaching some samples for your kind consideration. Please, help me. I have some very important docs to decrypt.

    This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

  9. 8 hours ago, nir uzan said:

    No key for New Variant online ID: IITSW5NVNbeadYK7lwdKohlK07h9urISX7jZiR02
    Notice: this ID appears to be an online ID, decryption is impossible

    This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

     

    8 hours ago, nir uzan said:

    Are the files infected?

    No. Ransomware encrypts files, it doesn't infect them.

     

    8 hours ago, nir uzan said:

    Is there a situation where the hard drive is also infected and dangerous to use anymore?

    Malware that is capable of infecting hardware is extremely rare, and is usually only used in targeted attacks due to the difficulty in implementing such an attack (doing it on a wide scale would be almost impossible).

    There may still be malicious files saved on the hard drive, however the drive itself is not infected, and an Anti-Virus scanner will more than likely be able to remove most (if not all) of the malware.

  10. 21 hours ago, mukul chaudhari said:

    No key for New Variant online ID: 7r0lVDdZguoWEP6GIeidSu42tSHxNOtSzq7DB7tQ
    Notice: this ID appears to be an online ID, decryption is impossible

    This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

  11. If the old computer is still going to be used, then you'll need to uninstall Emsisoft Anti-Malware first (make sure it removes logs and settings). If the old computer isn't going to be used, then it doesn't matter and you can skip to the next step.

    Once you're ready to install Emsisoft Anti-Malware on the new computer, you'll need to log in to MyEmsisoft at my.emsisoft.com. It looks like your license key is in a workspace, so you'll want to select your workspace from the list (if it doesn't show your workspaces right away when you log in then select Workspaces from the list on the left). Once you're looking at the overview for your workspace (where it tells you "Unresolved issues", "Detected threats", "Quarantined objects", "Managed devices", etc.) you'll want to click on the Install protection button on the right side of the page. From there, simply click the Download button, and when you install Emsisoft Anti-Malware it will automatically connect it to your workspace and activate your license key.

    Note: If you already have Emsisoft Anti-Malware installed, then running the installer downloaded from your workspace's overview will connect Emsisoft Anti-Malware to your workspace without re-installing it.

  12. 1 hour ago, thiruppathi said:

    No key for New Variant online ID: W333lU9pdMRNecoq5x4Zcf3IFY7s5iMdNps80cov
    Notice: this ID appears to be an online ID, decryption is impossible

    This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

  13. 12 hours ago, ParhaM said:

    John McAfee keeps telling that AV is useless and dead nowadays

    People have been saying that for decades, and they've always been wrong.

     

    12 hours ago, ParhaM said:

    I don't know if the Emsisoft team, which is not that big (I don't think the threat hunters of Emsisoft are even 10 people, since the company is at max maybe 40?), analyzed the mentioned URL themselves, or someone reported it to them sooner (how soon? I mean, the URL was an hour old), or they just check the URLs with the Netcraft database with their extension? But yeah, this I'd like to share with you guys; maybe I can see other opinions on it as well 🤔

    It was almost certainly analyzed by someone on our team. I don't think we supplement with Netcraft's database on VirusTotal, or for our Surf Protection in EAM.

     

    As for the main issue, we've noticed that some Anti-Virus software companies do have a bad habit of making mistakes with reports. It's possible that the larger companies, since they handle a larger volume of reports, hire less experienced people to handle those reports rather than having the more experienced analysts handle them.

    We don't have a large team of people, and everyone on the analysis team has a good deal of experience handling malware/phishing/etc. This means that reports are always reviewed by someone who is less likely to misclassify things.

    Keep in mind of course that I am just speculating as to why some companies have this issue, and that I could simply be mistaken. I've never actually worked for a large Anti-Virus software company.

  14. 5 hours ago, Erfan rahbari said:

    No key for New Variant online ID: cFs4jfsAB2rhYDGIOZYKjNoZTDb6OgRypR2lmtZZ
    Notice: this ID appears to be an online ID, decryption is impossible

    This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

  15. 10 hours ago, Ordulu said:

    My computer has been infected with a ransom virus and all my files have turned into. Could you please help?

    This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

     

    Translation provided by Google:
    This is a newer variant of STOP/Djvu. If you have an offline ID, you should be able to recover your files once we find the decryption key for this variant and add it to our database. However, if you have an online ID (which is more likely), it will not be possible to recover your files. There is more information at the link below:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

  16. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

  17. 16 hours ago, zens said:

    Your personal ID:
    xxxxx.xxxxxx.xxxxxx.xxxxxxxx

    This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link:
    https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
