Fabio di Bari

Administrators
  • Posts

    9
Everything posted by Fabio di Bari

  1. Hi @batcall

     Welcome to the Emsisoft Support Forums. I understand it is frustrating, but currently, we cannot decrypt files with an Online-ID and some recent versions of STOP/DJVU. Currently, we cannot decrypt files for which we do not have the Private Encryption Key in our Database.

     There's the possibility that law enforcement may be able to catch the criminals and release their database of private keys, meaning that you could try again using the tool in a few weeks in case something changed.

     We do not recommend paying the ransom unless there is absolutely no other choice. 22% of those who paid a ransom never got access to their data. 9% said they got hit with additional ransom demands after paying. We’re talking about criminals, after all.

     Our recommendation is to save a backup of your encrypted files and keep it in a safe place in case decryption is possible at some point in the future.

     Please review our Protection Guides at your leisure; they contain several tips on protecting your computer and data. https://blog.emsisoft.com/en/category/protection-guides/

     We also recommend keeping an eye on BleepingComputer's newsfeed, as they will usually report on new developments with ransomware decrypters: https://www.bleepingcomputer.com/

     If you have an RSS feed reader, then they also have an RSS feed so that you don't have to manually check for news: https://www.bleepingcomputer.com/feed/

     Please consider subscribing to a reliable anti-malware application to avoid similar issues in the future. You can get our full version of Emsisoft Anti-Malware here: https://www.emsisoft.com/en/pricing/

     I know it’s a big loss for you. We are glad to offer this service for free and help as much as we can, but there is not always an immediate resolution for all the cases.
  2. Hello @tenzi hao

     Welcome to the Emsisoft Support Forums. I understand it is frustrating, but currently, we cannot decrypt files with an Offline-ID for which we do not have the Private Encryption Key in our Database. Currently, we cannot decrypt files for which we do not have the Private Encryption Key in our Database.

     There's the possibility that law enforcement may be able to catch the criminals and release their database of private keys, meaning that you could try again using the tool in a few weeks in case something changed.

     We do not recommend paying the ransom unless there is absolutely no other choice. 22% of those who paid a ransom never got access to their data. 9% said they got hit with additional ransom demands after paying. We’re talking about criminals, after all.

     Our recommendation is to save a backup of your encrypted files and keep it in a safe place in case decryption is possible at some point in the future.

     Please review our Protection Guides at your leisure; they contain several tips on protecting your computer and data. https://blog.emsisoft.com/en/category/protection-guides/

     We also recommend keeping an eye on BleepingComputer's newsfeed, as they will usually report on new developments with ransomware decrypters: https://www.bleepingcomputer.com/

     If you have an RSS feed reader, then they also have an RSS feed so that you don't have to manually check for news: https://www.bleepingcomputer.com/feed/

     Please consider subscribing to a reliable anti-malware application to avoid similar issues in the future. You can get our full version of Emsisoft Anti-Malware here: https://www.emsisoft.com/en/pricing/

     I know it’s a big loss for you. We are glad to offer this service for free and help as much as we can, but there is not always an immediate resolution for all the cases.
  3. Hello @Duncan Mac Leod Thanks for reaching out! Yes, we are aware of the threat and it is normally addressed by our Behavior Blocker. Here's an example of the Emsisoft Anti-Malware in action against SysJoker.
  4. We have released EAM hotfix 2022.1.2. This version includes a new Sciter version that fixes the UI issue: https://blog.emsisoft.com/en/40821/emsisoft-anti-malware-2022-1-2/ If you are still experiencing inconsistencies with the User Interface, feel free to reach out to our Support Channel for further assistance.
  5. Hello! There is already a whole forum section and group of posts dedicated to dealing with this ransomware. You can find more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  6. This is a newer variant of STOP/Djvu. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ Errata Corrige, thanks @cybermetric for pointing it out. Please refer to the thread https://support.emsisoft.com/topic/40105-open_filetutanotacomi0qnxlfz6cha351lilium/#comment-223499
  7. Independently from EDR, Emsisoft's Anti-Malware solutions cover all the aspects of DLP related to the prevention of remote access and data exfiltration from other malware. Of course we cannot help against insider threats, negligent data exposure and phishing by social engineering.
  8. Hello Cormac, This occurs when you run the installer from a network folder. EAM can't read the digital signature over the network share, and thus can't validate the safety of the files. It won't happen if you copy them to the computer and then execute them, but if that's not possible you can add the file location to the exclusions. Please refer to this thread: