Jump to content

David B.

Member
  • Posts

    205
  • Joined

  • Days Won

    13

Everything posted by David B.

  1. Hello nitaaaaa, Unfortunately, STOP(Djvu) was updated, and we no longer have any method to decrypt this ransomware unless the encryption occurred some time ago, before the 29th of August 2019. Please refer to this blog post for information about a decrypter that may work, and also for support instructions if it does not: https://blog.emsisoft.com/en/34375/emsisoft-releases-new-decryptor-for-stop-djvu-ransomware/ For STOP related support, please read our blog post about the tool. The section marked "Community collaboration" explains how to get support in this situation. Newer STOP(Djvu) like yours is currently impossible to decrypt without the encryption keys held by the criminals. Online ID correspond to encryption keys that are unique. That means that it is currently technologically impossible to decrypt without the encryption key used to encrypt your files. Make sure you remove the malware from your system first before using this decrypter. If you don't, the malware may lock your system or encrypt your files again. Use an antivirus such as Emsisoft Anti-Malware to effectively remove the malware. You can get a free trial version of Emsisoft Anti-Malware here: https://www.emsisoft.com/en/home/antimalware/. Emsisoft Emergency Kit is also effective, here: https://dl.emsisoft.com/EmsisoftEmergencyKit.exe Quite a lot more information about STOP(Djvu) can be found here: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ While it is very rare that it helps, you might try undelete software, or if your files are very important it may be worth talking to a company that specializes in ransomware negotiation, and will communicate in your behalf with the criminals that created the ransomware. Exercise a bit of caution when looking for a company to help, though. Generally speaking, if a company claims to be able to decrypt files that were encrypted by a type of ransomware for which no decryption tool is publicly available, that company is probably just going to pay the ransom and charge you more than you would have paid if you had dealt with the criminals directly. Better is to search for companies who specialize in ransomware negotiation. Again, if the STOP(Djvu) decrypter does not decrypt any of the encrypted files, there is nothing else we can do. We do not recommend paying the ransom unless there is absolutely no other choice.
  2. The answer really depends on the value of the encrypted data. We never recommend negotiating with the criminals, as there is no way to know whether they will honor the payment, or where the money goes. You could try undelete software such as Recuva from Piriform to see if you can get some of your data back; hopefully enough that you won't need to worry about paying the ransom. To answer your question though, it is never entirely safe dealing with criminals. Whatever you choose, good luck, and I'm sorry there's nothing we can do.
  3. Please follow the instructions here, and email the requested logs back in reply to this email: https://help.emsisoft.com/en/1711/how-to-get-help-when-malware-can-not-be-removed-automatically/ Also provide detailed symptoms to help us pinpoint the problem areas.
  4. This might help to understand why decryption is impossible and unlikely in the near future: https://www.quintessencelabs.com/blog/breaking-rsa-encryption-update-state-art/#:~:text=It would take a classical,RSA-2048 bit encryption key.
  5. This might help explain why it is currently impossible and likely to stay that way: https://www.quintessencelabs.com/blog/breaking-rsa-encryption-update-state-art/#:~:text=It would take a classical,RSA-2048 bit encryption key.
  6. Packerman, Yes, of course. We've shifted employee duties a bit, and I personally haven't been keeping up on forum posts very well yet. My fault entirely.
  7. Unfortunately, STOP(Djvu) was updated, and we no longer have any method to decrypt this ransomware unless the encryption occurred some time ago, before the 29th of August 2019. Please refer to this blog post for information about a decrypter that may work, and also for support instructions if it does not: https://blog.emsisoft.com/en/34375/emsisoft-releases-new-decryptor-for-stop-djvu-ransomware/ Newer STOP(Djvu) is currently impossible to decrypt without the encryption keys held by the criminals. That applies to online or offline ID, but offline ID may be shared by many victims. If one pays and reports the encryption keys to us, we can add them to the decrypter so others with the same offline ID can decrypt their files. Online ID correspond to encryption keys that are unique. Make sure you remove the malware from your system first before using this decrypter. If you don't, the malware may lock your system or encrypt your files again. Use an antivirus such as Emsisoft Anti-Malware to effectively remove the malware. You can get a free trial version of Emsisoft Anti-Malware here: https://www.emsisoft.com/en/home/antimalware/ Quite a lot more information about STOP(Djvu) can be found here: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ For STOP related support, please read our blog post about the tool. The section marked "Community collaboration" explains how to get support in this situation. While it is very rare that it helps, you might try undelete software, or if your files are very important it may be worth talking to a company that specializes in ransomware negotiation, and will communicate in your behalf with the criminals that created the ransomware. Exercise a bit of caution when looking for a company to help, though. Generally speaking, if a company claims to be able to decrypt files that were encrypted by a type of ransomware for which no decryption tool is available, that company is probably just going to pay the ransom and charge you more than you would have paid if you had dealt with the criminals directly. Better is to search for companies who specialize in ransomware negotiation. Again, if the STOP(Djvu) decrypter does not decrypt any of the encrypted files, there is nothing else we can do. We do not recommend paying the ransom unless there is absolutely no other choice.
  8. Hello getachala, Unfortunately, STOP(Djvu) was updated, and we no longer have any method to decrypt this ransomware unless the encryption occurred some time ago, before the 29th of August 2019. Please refer to this blog post for information about a decrypter that may work, and also for support instructions if it does not: https://blog.emsisoft.com/en/34375/emsisoft-releases-new-decryptor-for-stop-djvu-ransomware/ Be sure to closely read the information presented by the decrypter when it is run. It will indicate online or offline ID, and new or older STOP(Djvu). Newer STOP(Djvu) is currently impossible to decrypt without the encryption keys held by the criminals. That applies to online or offline ID, but offline ID may be shared by many victims. If one pays and reports the encryption keys to us, we can add them to the decrypter so others with the same offline ID can decrypt their files. Online ID correspond to encryption keys that are unique. Make sure you remove the malware from your system first before using this decrypter. If you don't, the malware may lock your system or encrypt your files again. Use an antivirus such as Emsisoft Anti-Malware to effectively remove the malware. You can get a free trial version of Emsisoft Anti-Malware here: https://www.emsisoft.com/en/home/antimalware/ Quite a lot more information about STOP(Djvu) can be found here: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ For STOP related support, please read our blog post about the tool. The section marked "Community collaboration" explains how to get support in this situation. While it is very rare that it helps, you might try undelete software, or if your files are very important it may be worth talking to a company that specializes in ransomware negotiation, and will communicate in your behalf with the criminals that created the ransomware. Exercise a bit of caution when looking for a company to help, though. Generally speaking, if a company claims to be able to decrypt files that were encrypted by a type of ransomware for which no decryption tool is publicly available, that company is probably just going to pay the ransom and charge you more than you would have paid if you had dealt with the criminals directly. Better is to search for companies who specialize in ransomware negotiation. Again, if the STOP(Djvu) decrypter does not decrypt any of the encrypted files, there is nothing else we can do. We do not recommend paying the ransom unless there is absolutely no other choice.
  9. Hello, Hotfix 2021.5.1 went out yesterday. If you're still having trouble, please update Emsisoft Anti-Malware and try again.
  10. Hello, It seems we're able to communicate now, fortunately. All of your messages did get replied to, but seem to have never landed in your inbox. Hopefully we can get you completely squared away shortly.
  11. You're correct, with it uninstalled, the logs are gone. I don't know about the Firefox issue, but I had the same Chrome issue the other day. It's apparently happening to a lot of people, and the fix was fairly simple: Move this folder to your desktop: C:\Users\<your Windows username here>\AppData\Local\Google\Chrome\User Data Start Chrome/Edge. They should work now. Optionally, move the subfolder "default" inside the User Data folder back to its original location to preserve favorites and settings. Not necessary if you're using Chrome's sync feature however.
  12. Hello Skippy, Please email [email protected] with the following: Please send me the Emsisoft program's logs database. There are a few ways of sending it, and this is the easiest usually: Open your Emsisoft product, whether it's Emsisoft Anti-Malware or Emsisoft Emergency Kit. Click the "Support" link, which is the 'chat bubbles' icon in the lower left of the program's main screen, or the "Need assistance" link in Emsisoft Emergency Kit. Click "Send an email". Fill in the form and use the same email address you're using for this correspondence. Make sure the "Logs database" entry is checked on the right hand side of the form, then click Send. That should compress the logs database and get it to me. If you're savvy, you can also copy the following file to your desktop, compress it (zip, 7z, etc.) and attach it to a reply: C:\Program Files\Emsisoft Anti-Malware\Logs\Logs.db3
  13. Hallo anno1800, Ich benutze DeepL Translate, und meine Muttersprache ist Englisch. Bitte mailen Sie einige Informationen an [email protected]: Bitte senden Sie mir die Logs-Datenbank des Emsisoft-Programms. Es gibt ein paar Möglichkeiten, diese zu senden, und dies ist normalerweise die einfachste: Öffnen Sie Ihr Emsisoft-Produkt, egal ob es sich um Emsisoft Anti-Malware oder Emsisoft Emergency Kit handelt. Klicken Sie auf den "Support"-Link, das ist das "Chat-Bubbles"-Symbol unten links auf dem Hauptbildschirm des Programms, oder den "Brauche Hilfe"-Link im Emsisoft Emergency Kit. Klicken Sie auf "E-Mail senden". Füllen Sie das Formular aus und verwenden Sie die gleiche Email-Adresse, die Sie für diese Korrespondenz verwenden. Stellen Sie sicher, dass der Eintrag "Logs-Datenbank" auf der rechten Seite des Formulars markiert ist und klicken Sie dann auf "Senden". Das sollte die Logs-Datenbank komprimieren und mir zukommen lassen. Wenn Sie geschickt sind, können Sie auch die folgende Datei auf Ihren Desktop kopieren, sie komprimieren (zip, 7z, etc.) und an eine Antwort anhängen: C:\Programmdateien\Emsisoft Anti-Malware\Logs\Logs.db3
  14. Emsisoft Mobile Security should automatically use the language on your device. To change the language of the Bitdefender Mobile Security interface, go to your device’s Language & keyboard settings and set the device to the language you want to use. Let me know if you have trouble.
  15. Norman, The devices are listed under 'subscription', not in My Accounts. Please email [email protected] from the Google account you use to sign into central, and I'll help you find out what's going on. I think I already do, but we'll need to share some information from your account that shouldn't be posted in public.
  16. If you've already removed the old device, you should only need to follow the 6 numbered steps. Let me know how it goes, or you can also email us at [email protected] Be sure to paste this thread's web address (URL) into the email if you do that.
  17. Hello Norman, Try these instructions: Visit the online portal for Emsisoft Mobile Security and log in with the Google email address you are using for our security app: https://central.emsisoft.com/ Choose "My devices" from the menu on the left and look for the entry describing your older device, then click the three little dots in the upper right corner of the entry for the old device and choose "Remove" to remove it from your account. On your newer mobile device you should only need to install Emsisoft Mobile Security from the Google Play Store and make sure to log in with your Google email address at the first start of the app. Then, on the new device: Open Emsisoft Mobile Security. Tap the pyramid of three dots in the bottom right corner. Tap your device's Google account name at the top of the menu. Tap logout. Wait 10 seconds. Tap login.
  18. Hello Packerman, You can set up notifications in Emsisoft Cloud Console at the bottom of the settings section for your workspace, with several options. If you haven't already seen it, we do have an Emsisoft Cloud Console user guide.
  19. Yes, you can delete the workspace from the bottom of the settings section of the workspace. It should automatically put the license back in your personal licenses section. The license key is also shown in the settings section. Auto-renewal is standard policy that activates at time of every purchase, but that can be turned off using the horizontal three lines icon to the right of the license, or by request to [email protected]
  20. Yes, I meant Emsisoft Browser Security. For Emsisoft Mobile Security app support, I'm afraid I don't have information on when or if browsers other than the leading market ones will be supported.
  21. Hello Quirky, Try using the Chrome version. It typically works on Chromium-based browsers. Your mileage may vary.
  22. Hello maniac2003, Yes, they can be removed. Any license associated with an Emsisoft Cloud Console workspace will be seen in the workspace settings, not in your personal licenses list. Please email [email protected] with your request to remove the expired licenses, and we'll take care of it for you.
  23. Unfortunately no, there is no way to do this. We will keep it in mind for future development, of course!
  24. Thank you for your feedback, Raynor. We do pay attention to suggestions, and we may consider yours for future development. Have a great day!
  25. For anyone finding this thread while searching for resolution to their own issue, what worked (and the first thing tried) is to uninstall Emsisoft Anti-Malware, restart the computer, then install fresh.
×
×
  • Create New...