Jump to content

Kevin Zoll

Emsisoft Employee
  • Content Count

    18839
  • Joined

  • Last visited

  • Days Won

    178

Everything posted by Kevin Zoll

  1. Hello @Shenouda, Welcome to the Emsisoft Support Forums. Your ID is an online ID, and as such we are incapable of decrypting the files. Unless, someone releases the private encryption keys, whether that be law enforcement, security researchers, or the criminals, then there is no way to decrypt the files at this time.
  2. All of what you describe can be done without disabling the AV. If disabling the AV is necessary because it trips on the driver, then were right back to my original statement. The problem is no the AV but the buggy driver and crappy coding. The advice to disable the AV is outdated and simply irresponsible of the party making the recommendation. Companies resort to that type of recommendation because they are too lazy to chase down the offending code and fix their code base.
  3. There is always the possibility that anti-virus software can interfere with an update. Disabling the AV should be that last thing you do and only as a last resort. Anybody who suggests disabling the AV before installing the update is covering the fact that their coders write crappy code, that will trigger an AV because, well it is crappy code.
  4. Hello @Jailson, Welcome to the Emsisoft Support Forums. That extension is used by STOP(Djvu). Unfortunately, STOP(Djvu) was updated recently, and we no longer have any method to decrypt this ransomware unless the encryption occurred some time ago, before the 29th of August 2019. Please refer to this blog post for information about a decrypter that may work, and also for support instructions if it does not: https://blog.emsisoft.com/en/34375/emsisoft-releases-new-decryptor-for-stop-djvu-ransomware/ Quite a lot more information about STOP(Djvu) can
  5. Hello @japowell11, Welcome to the Emsisoft Support Forums. Let's make sure of what we're dealing with. Please visit the following website and upload both an encrypted file (between 256KB and 2MB in size would be best) and a ransom note simultaneously for proper identification, and send me the information it provides: https://www.emsisoft.com/ransomware-decryption-tools/ Please be sure to read the information link on the results page, as whether we have a decrypter or not, sometimes someone else's decrypter is listed, or other information is available that might
  6. Hello @meet, Welcome to the Emsisoft Support Forums. If our decrypter was unable to determine the encryption keys for your encrypted files, then there is no way to decrypt the files without paying the ransom. Which is not something we recommend you do, unless you have no other choice.
  7. Hello @Sharon7262, Welcome to the Emsisoft Support Forums. The ID is an online ID. Unfortunately, that means we cannot decrypted the files. Because STOP(DJVU) is know to installed additional malware on the system I would like to get two scan reports from a third-party tool we use to help with diagnosing issues with systems. Download to your Desktop: Farbar Recovery Scan Tool NOTE: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run
  8. Hello @mopettit, Welcome to the Emsisoft Support Forums. No, we do not make a Mac OS version of our software are currently do not have plans to support Apple devices.
  9. That private key is only good for the files of the victim who paid the ransom. Every victim has a private key and in some cases private keys are generated for each file. You cannot use a private key that was generated for a different system to decrypt your files.
  10. Without paying the ransom, there is no way to get back your files, and then that is not even a sure thing.
  11. Looking at the IDs in your screen shots those are all online IDs. The files cannot be decrypted without the private encryption key which was generated and stored on command & control servers under the control of the ransomware group responsible for encrypting your files. Nobody, including us, other than then the criminals have access to those keys.
  12. IF the service is not accepting your files than the ransomware variant is not supported. Meaning, that you files cannot be decrypted.
  13. Make sure that the files being submitted are at least 150kb in size, also do not use large files either.
  14. You have to use the same file, one that is encrypted and one that is not encrypted. Your screenshot shows that you are using two different files, that just will not work. You cannot compare two files is they are not the same file.
  15. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  16. Hello @Lito, Welcome to the Emsisoft Support Forums. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  17. Hello, Welcome to the Emsisoft Support Forums. That extension is used by STOP(Djvu). Unfortunately, STOP(Djvu) was updated recently, and we no longer have any method to decrypt this ransomware unless the encryption occurred some time ago, before the 29th of August 2019. Please refer to this blog post for information about a decrypter that may work, and also for support instructions if it does not: https://blog.emsisoft.com/en/34375/emsisoft-releases-new-decryptor-for-stop-djvu-ransomware/ Quite a lot more information about STOP(Djvu) can be found here: https://support.emsi
  18. Hello, Thank you for contacting Emsisoft Support. That extension is used by STOP(Djvu). Unfortunately, STOP(Djvu) was updated recently, and we no longer have any method to decrypt this ransomware unless the encryption occurred some time ago, before the 29th of August 2019. Please refer to this blog post for information about a decrypter that may work, and also for support instructions if it does not: https://blog.emsisoft.com/en/34375/emsisoft-releases-new-decryptor-for-stop-djvu-ransomware/ Quite a lot more information about STOP(Djvu) can be found here: https://
  19. Hello @ljs3508, Thank you for contacting Emsisoft Support. This is very likely DHARMA(CrySiS). Unfortunately, there is no way to decrypt your files using third-party tools.
  20. Hello @juliandmm, No, we currently do not have a solution for this variant of STOP/DJVU.
  21. @Najeeb Ur Rehman, Thank you for contacting Emsisoft Support. If your files where encrypted using an online encryption key, then It is not possible to decrypt the files without paying the ransom. Which is not something we recommend you do.
  22. Hello, Thank you for contacting Emsisoft Support. The ID In the screenshot is an Online ID, and as such it is not possible to decrypt the files using our decryption tool.
  23. Hello @Tanvir Ahmed, Thank you for contacting Emsisoft Support. The ID you posted in an Online ID. Meaning that the encryption key was generated and stored on a command & control server under the control of the cyber-criminals responsible for encrypting your files. For that very reason your files cannot be decrypted using our decryption tool. Your files cannot be decrypted without paying the ransom. Which is not something we recommend you do. Instead what we recommend is backing up all your encrypted files and store them in a secure location in the event that decyprtion beco
  24. Hello IsraelA, Thank you for contacting Emsisoft Support. If our decryption tool can't decrypt your files, then the files cannot be decrypted without paying the ransom.
  25. Hello @Fahad_826, @bahblo, @Luisa, Thank you for contacting Emsisoft Support. That extension is used by STOP(Djvu). Unfortunately, STOP(Djvu) was updated recently, and we no longer have any method to decrypt this ransomware unless the encryption occurred some time ago, before the 29th of August 2019. Please refer to this blog post for information about a decrypter that may work, and also for support instructions if it does not: https://blog.emsisoft.com/en/34375/emsisoft-releases-new-decryptor-for-stop-djvu-ransomware/ Quite a lot more information about STOP(Djvu) ca
×
×
  • Create New...