GT500

Emsisoft Employee
  • Content Count

    12603
  • Joined

  • Days Won

    380

Everything posted by GT500

  1. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  2. That might work if their driver stops filtering traffic or stops running on Windows startup when web protection is turned off. You'll have to confirm that with their support though, as I don't know any technical details about their software. Only if you continue to have crashes.
  3. OK. I know we made a number of performance improvements in 2020.7, so I just want to see if they have any effect on the issue you're having before we get more debug info.
  4. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  5. Our recommendation is to save a backup of your encrypted files and keep it in a safe place in case decryption is possible at some point in the future. We also recommend keeping an eye on BleepingComputer's newsfeed, as they will usually report on new developments with ransomware decrypters: https://www.bleepingcomputer.com/ If you have an RSS feed reader, then they also have an RSS feed so that you don't have to manually check for news: https://www.bleepingcomputer.com/feed/ There's more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  6. That's a screenshot from ID Ransomware. This is the decrypter: https://www.emsisoft.com/ransomware-decryption-tools/stop-djvu There's more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  7. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  8. Google tarafından sağlanan çeviri: Bu STOP / Djvu'nun daha yeni bir çeşididir. Çevrimdışı bir kimliğiniz varsa, bu varyantın şifre çözme anahtarını bulup veritabanımıza eklediğimizde, dosyalarınızı kurtarabilmeniz gerekir. Ancak, çevrimiçi kimliğiniz varsa (bu daha olasıdır), dosyalarınızı kurtarmak mümkün olmayacaktır. Aşağıdaki bağlantıda daha fazla bilgi var: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  9. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  10. There is currently a known BSoD caused by Malwarebytes' Web Protection driver when Emsisoft Anti-Malware (EAM) is installed. Their QA team has been made aware of it, however there is no ETA on a fix (at least not that I have been made aware of). For now, please try the following, and that should allow EAM and Malwarebytes to run on the same computer until this issue is resolved: Right-click on the little Emsisoft icon in the lower-right corner of the screen (to the left of the clock). Go to Protection status. Select Disable Web Protection. Note that after doing this you will need to restart the computer. On Windows 8.1 and Windows 10 you will need to restart by right-clicking on the Start button, going to Shut down or sign out, and selecting Restart from this menu to bypass Fast Startup.
  11. This is a newer variant of STOP/Djvu. We do have the private key for .npsk's offline ID, so as long as all of your files have this ID then they should be decryptable. There is more information at the following link, including a link to the decrypter download page: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  12. This is a newer variant of STOP/Djvu. Fortunately your ID is an offline ID, however we don't yet have the private key for it. I recommend running the decrypter once every week or two so that you can see when we've been able to add the private key for your variant. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  13. That's what it looks like, however we recommend waiting for Dr. Web to complete their analysis just in case there was something we overlooked.
  14. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  15. In regards to reinstalling Windows, we haven't found anything that would suggest you shouldn't do it, however it would be best to wait for Dr. Web to finish their analysis as well just in case they find a reason why reinstalling Windows would be bad.
  16. Our malware analysts say this ransomware appears to be secure, and files will most likely not be decryptable.
  17. The Online/offline ID thing only applies to the STOP/Djvu ransomware, as it uses pre-programmed credentials to encrypt files when it can't connect to its command and control servers so that the criminals can try to maximize their illicit income from victims paying the ransom.
  18. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  19. Newer variants of STOP/Djvu use RSA keys, which are not susceptible to attacks. File pairs would be useless. No. We don't even know for certain if it will ever be possible. Just in case it is ever possible, our recommendation is to save a backup of your encrypted files and keep it in a safe place in case decryption is possible at some point in the future. We also recommend keeping an eye on BleepingComputer's newsfeed, as they will usually report on new developments with ransomware decrypters: https://www.bleepingcomputer.com/ If you have an RSS feed reader, then they also have an RSS feed so that you don't have to manually check for news: https://www.bleepingcomputer.com/feed/
  20. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  21. Formatting your drives won't prevent future infections, however you may feel free to do so if you would like to. Traducción proporcionada por Google: Formatear sus unidades no evitará futuras infecciones, sin embargo, puede hacerlo si lo desea.
  22. These are newer variants of STOP/Djvu. If you have offline ID's, then once we can find the decryption keys for these variants and add them to our database you should be able to recover your files. However, if you have online ID's (which is more likely) then it will not be possible to recover your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ Traducción proporcionada por Google: Estas son nuevas variantes de STOP / Djvu. Si tiene ID sin conexión, una vez que podamos encontrar las claves de descifrado para estas variantes y agregarlas a nuestra base de datos, podrá recuperar sus archivos. Sin embargo, si tiene una identificación en línea (que es más probable), entonces no será posible recuperar sus archivos. Hay más información en el siguiente enlace: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  23. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/