Jump to content

Amigo-A

Visiting Expert
  • Posts

    2436
  • Joined

  • Last visited

  • Days Won

    61

Everything posted by Amigo-A

  1. Hello. Read the general help for this problem.
  2. Then give the antivirus file or Delete it bypassing the Recycle Bin - with the 'Shift' key pressed.
  3. It will be better if you send the extracted file as written here https://www.emsisoft.com/en/support/submit/ The less manipulation, the safer.
  4. As mentioned above, files encrypted with these encryptors are unlikely to be decrypted. But specialists can investigate the specific case with your files. Sometimes, very rarely, some intermediate versions have flaws that allow some files to be decrypted. This is rare, but sometimes it happens. It's bad when the files are encrypted with 2-3 encryptors, in which case the probability of returning the files tends to 0...
  5. Yes. Isolated files are safe as long as they have a neutral extension. But even in this form, antiviruses can detect these files as dangerous. When switching from one antivirus to another, users are faced with a problem when the new antivirus grabs isolated files from the remaining quarantine and reports the discovery of a malicious files. This gives reason to think that the new antivirus is better than the old one. Talk about all the nuances for a long time.
  6. I will clarify. The files may be needed for analysis not by me, but by Emsisoft specialists. Kaspersky specialists use their own naming system. Sometimes, under one of these names, an encryptor or one of its components may be hidden. In rare cases, when an attack can be well researched and described with an article, they give it a unique name or use an international one. --- To prevent Kaspersky antivirus from deleting files, you need to configure its action for malicious files. If you can recover files without quarantine, then do it by one. Upload each separately or all in one archive to the resource from the link. https://www.emsisoft.com/en/support/submit/ Indicate this subject and your contacts (if you want to receive a response by mail) in a message box.
  7. If you have a malicious exe file that produced encryption, upload it to the resource from the link. https://www.emsisoft.com/en/support/submit/
  8. Hello. It will be better if you use this resource to check the possibility of decryption. You need to upload ransom notes and 1 encrypted file. The result will be displayed in a new window. https://www.emsisoft.com/ransomware-decryption-tools/
  9. OK. We are in contact with different people, from different countries, using different PCs and OS, having different levels of preparedness or having no experience, therefore it is better to say, to warn, to advise than to say nothing. What antivirus software quarantined the file? Is this an Emsisoft program or another Antivirus? What language is used?
  10. Yes, this is one of the most effective methods of attacking and infecting user computers. Another: using infected repackaged and hacked distributions of popular applications (Photoshop, Office, and others). For these programs is easier to find a free or low price alternative and not use repack, hacks and cracks. --- For Windows, finding an alternative is a little more difficult, but it is safer to buy and use a key for 1 activation. This is a legal method, available to everyone, and you don't have to use hacked and repackaged distributions from pirate sites.
  11. For a more accurate analysis, you need a malicious file that did the encryption. Malware distributors and sites specially prepared for the attack may not store malicious content for a long time. Moreover, they may not deliver it to all visitors, for this they use exploits that work differently, depending on the version of the operating system, browser version, installed updates, and other parameters. Over time, the version of the malicious component may also change. If nothing has changed since the attack on your PC, then the provided link to the file can help in the analysis.
  12. It is hardly necessary to add a malicious file to exclusions https://www.virustotal.com/gui/file/513cea9bee716d2c18c805dddd097928a1d68eeb5a9675658fdc7efba2e7658c https://www.virustotal.com/gui/url/5cee97d2f17060c9276e0bd67630c73e90d610d2d968a68c5af0dee1d73dd5f0?nocache=1
  13. Hello. Read the Guide, or at least the first part of it, to understand the essence of the problem. https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  14. Hello. Read the Guide, or at least the first part of it, to understand the essence of the problem.
  15. Hello. Attach a ransom note.
  16. Hello. You probably need to read this Guide first. At least the first part of it, in order to understand the essence.
  17. You didn't say which ransomware attacked your PC. Was it 'STOP Ransomware'? You probably need to read this Guide first. At least the first part of it, in order to understand the essence.
  18. Hello. You probably need to read this Guide first. At least the first part of it, in order to understand the essence.
  19. Hello. Unable to decrypt because the encryption key was obtained from the extortionist's server, where it was previously randomly generated. It is impossible to calculate it using a super-computer within the limits of human life. There is no other legitimate decryption tool. Read more in this Guide
  20. Hello. You probably need to read this Guide first. At least the first part of it, in order to understand the essence.
  21. Hello. You probably need to read this Guide first. At least the first part of it, in order to understand the essence.
  22. 1) Despite this, we recommend that you save the encrypted files on an external medium and disconnect it from the PC. Perhaps in the future, after the arrest of extortionists or their servers, decryption keys will be obtained. 2) I can recommend that you do some steps to recover some important files if you have the desire, time, and patience. This is not decryption, this is the use of alternative possibilities. Only advice, no technical support, at your peril.
×
×
  • Create New...