Jump to content

ShadowPuterDude

Emsisoft Employee
  • Posts

    19474
  • Joined

  • Last visited

  • Days Won

    201

Everything posted by ShadowPuterDude

  1. The one I attached is newer. Not yet publicly available. I replied to your PM.
  2. Hello @pathmakumar, Welcome to the Emsisoft Support Forums. Your Personal ID appears to be an Offline ID. I understand it is frustrating, but currently, we cannot decrypt files with an Offline-ID that we do not have the Private Encryption Key in our Database. Please read this Topic. It contains information about your situation and whether or not your files can be decrypted. https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  3. Hello @MBR, Let's make sure of what we're dealing with. Please copy/paste all lines of the results of this test into a reply to this email if you need further help. Please visit the following website and upload both an encrypted file (between 256KB and 2MB in size would be best) and a ransom note simultaneously for proper identification, and send me the information it provides: https://www.emsisoft.com/ransomware-decryption-tools/ Please be sure to read the information link on the results page, as whether we have a decrypter or not. Sometimes someone else's decrypter is listed, or other information is available that might be useful for recovery. While it is very rare that it helps, you might try undelete software, or if your files are very important it may be worth talking to a company that specializes in ransomware negotiation, and will communicate in your behalf with the criminals that created the ransomware. Exercise a bit of caution when looking for a company to help, though. Generally speaking, if a company claims to be able to decrypt files that were encrypted by a type of ransomware for which no decryption tool is publicly available, that company is probably just going to pay the ransom and charge you more than you would have paid if you had dealt with the criminals directly. Better is to search for companies who specialize in ransomware negotiation. If the identification process shows a ransomware that is not decryptable, there is nothing else we can do. We do not recommend paying the ransom unless there is absolutely no other choice.
  4. Hello @Rohit5774, Welcome to the Emsisoft Support Forums. Please read this Topic. It contains information about your situation and whether or not your files can be decrypted. https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  5. Hello @Mark Frank, Let's make sure of what we're dealing with. Please copy/paste all lines of the results of this test into a reply to this email if you need further help. Please visit the following website and upload both an encrypted file (between 256KB and 2MB in size would be best) and a ransom note simultaneously for proper identification, and send me the information it provides: https://www.emsisoft.com/ransomware-decryption-tools/ Please be sure to read the information link on the results page, as whether we have a decrypter or not. Sometimes someone else's decrypter is listed, or other information is available that might be useful for recovery. While it is very rare that it helps, you might try undelete software, or if your files are very important it may be worth talking to a company that specializes in ransomware negotiation, and will communicate in your behalf with the criminals that created the ransomware. Exercise a bit of caution when looking for a company to help, though. Generally speaking, if a company claims to be able to decrypt files that were encrypted by a type of ransomware for which no decryption tool is publicly available, that company is probably just going to pay the ransom and charge you more than you would have paid if you had dealt with the criminals directly. Better is to search for companies who specialize in ransomware negotiation. If the identification process shows a ransomware that is not decryptable, there is nothing else we can do. We do not recommend paying the ransom unless there is absolutely no other choice.
  6. @QuirkyPlease download and run the attached Emsisoft Diagnostic Tool on the computer where Emsisoft is not starting properly. Attach the log to your reply. Once I review the log I will remove the log from your post. EmsiDiagTool.exe
  7. The best option is to purchase a Windows 10 key and apply it to your system and then run Windows Update to bring the system up to date. The situation you are experiencing is a good example of why you should not use activation cracks. Especially KMSAuto, KMSSpico and others of that nature. Most of these activation cracks install malware.
  8. Hello @Archi, Welcome to the Emsisoft Support Forums. Please read this Topic. It contains information about your situation and whether or not your files can be decrypted. https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  9. Resetting the in most cases a reset will restore the PC in an uninfected state. You'll notice I said "most cases" there is some malware that can survive an OS reset. In this case I recommend that you backup all you date, encrypted and unencrypted, and then reset the PC. We can always check the system after a reset.
  10. C:\Program Files\Common Files\System\symsrv.dll detected: Trojan.AgentWDCR.ERJ (B) [krnl.xmd] C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.153.47\msedgeupdate.dll detected: Win32.Floxif.A (B) [krnl.xmd] Both of those files are Windows System files. I can have FRST remove them and during the reboot process Windows File Protection will just restore the infected files. The only way to fix the issue is to replace the files with clean copies of the file from a clean legitimate copy of Windows.
×
×
  • Create New...