How to decrypt files encrypted by Sarut ransomware

If you are infected with Sarut ransomware you can try to follow this guide to recover your files that were encrypted.
  1. Upload a sample encrypted file, possible email addresses used for ransom contacts and readme file HERE.
  2. Download STOPDecrypter tool (latest version HERE).
  3. Right click on it and run it as “Administrator”, then you should see this window:

4.  Click on “Select Directory”.

Select your folder(s) in which you have your encrypted file(s).
5.  Click on “Decrypt”.
6.  And then you can recover your files.
NOTE: The decryption of files depends on ransomware variant and on the type of the key used for the encryption. Usually when the files are encrypted with an offline key by Sarut ransomware is possible to decrypt them, instead with an online key, best is to backup your encrypted files and wait for others solutions in future. It is NOT guaranteed that you have your files back if you pay the ransom!

Antivirus and CPU Cooler. Wait, what???


  • CPU Cooler
  • Junk Cleaner
  • RAM Booster
  • Battery Saver
  • Game Master
  • Notification Cleaner
  • Wi-Fi Speed Test

… and so on.

Lately, we have seen the Google Play Store filled with a mix of Antivirus -Optimization Tools. There are dozens of features that Antivirus applications have. The ones you see listed above are one of them.

However, these features have nothing to do with protection at all. They are just little helpers for users to make them feel like they did something for their device.

Actually, they do nothing, sometimes they can even make the situation worse.

For example, RAM Booster kills your application to make your phone look faster. However, you will run those applications again and again. Most Operating Systems have the same feature to kill unnecessary applications.

Another example is the Junk Cleaner which deletes your caches. In the first few minutes, your device will be faster but later on, the Internet connection will be required more and more to re-download those cached files.

What is our point here?

Antiviruses should protect users and solve their infection problems. They should not spend any time on those unrelated features. The vendors can release such products but they should be connected with a security application.

Nowadays, we have major issues and big security problems but unfortunately, AV vendors try to solve optimization issues instead of security issues. The developer term for that situation is premature optimization.

Let us know your thoughts.

How to Really Understand Your Users’ Real Needs? – Free Style

In today’s world of big data, we may have cultivated a habit of thinking in numbers and percentages about everything.

We believe that data can show us everything or we are simply trying to hide our fear of the unknown behind the big numbers. Grouping phenomenon and making things clear are natural in human behavior.

Trying to understand the understandable as well.

People = number?!

Can we count emotions or make an equation that resolves the mystery of user behavior?!

There are many pros and cons here. We are not here to enter the existing philosophical debate about what is bad and what is good when it comes to this matter.

Rather, we are trying to make our own freestyle.

Many things are changing at Zemana but all these changes are centered around one phenomenon which is our user.

So, naturally, in order to make any changes aligned with this phenomena, we have to ask: Who are our users?

For weeks Zemana’s research team has worked on understanding our users and seeing who they are and what they really need and want.

Instead of simply making data queries and algorithmic predictions we invested our time in communicating with our users.

And, we had a lot of fun…

Every day we talked to our users either via phone or via email and we cherished every minute of it. Every person has its own set of beliefs, emotions, and needs.

To understand all of them we believe that simply running a data query is not enough. You need empathy.

You have to become your users.

Theather day


Two of our colleagues made a marvelous job in preparing a theatre for us where they presented who are our users or more precisely showed us what they feel and what they need.

They helped us in making empathy with you in a very entertaining way.

Beyond survey


Beyond surveys and data, there is empathy.

Beyond boring presentations, there is an innovative theatre.

Instead of saying that we are doing research on users we say:

We are working on understanding our users. We are trying to understand how we can help them.

Every product is a reflection of its users and we strongly believe in that. We will try to make ours even better for you.

Help Us Translate Security For Everyone







There is one way to safety but it is expressed in many ways.

In the past months, we have worked hard to make many improvements in our antivirus app, from the web protection module, cloud scanner, improvements in user experience and during that journey we somehow forgot that we have to translate all those changes as well and make them understandable to all our users.

Let’s help each other.

Become part of our translator community and help us in making cyber-security available and understandable to people worldwide.

We want to enrich our app with as many languages as possible and help everyone understand it.


Of course, we will award you and your loved ones with premium licenses and make you a part of Zemana Mobile Antivirus contributors.

How to start?

  1. Send an e-mail to
  2. Translation magic happens
  3. You make many people happy!

Thank you for contributing 🙂

Release Notes: No one should pay to clean malware!

No one should pay to clean malware. Full stop.

We build our company on the belief that everyone should be free of malware. To put this belief in practice we created products that help in keeping you malware free.

However, even though we knew that malware has no place in your cyber journey we never knew what you actually need and what is best for you.

Until you told us.

Build a forever free malware removal tool and make it available to everyone.

We heard you. Loud and clear. 

Every good phenomenon gives birth to a bad phenomenon. Internet was (still is) a great invention that opened, to all of us, a totally new and exciting world with many possibilities, including the bad ones.

That is how the great new cyberspace led to the creation of hackers, malware creators and similar alike that utilize cyber possibilities with bad intentions.

There are certain things in life that are essentials and that should be free to everyone. On this matter, everyone may have their own views and ideas. So, do you guys. Even though it seems so logical now, but we were totally not aware of the fact that we fit in that “essentials” concept until you told us.

And luckily you did. 

You believe that removing malware should be free and available to everyone. Well, we believe too. And we put this belief in practice. As of today, we made available to everyone a forever free malware removal tool, No strings attached, No limitations.

Zemana AntiMalware (Forever Free)

How we came to this point?

Actually, we started carefully listening to your feedback. For two years we have been running an uninstallation survey on our website that now we see with totally different eyes than we did before.

One of the main reasons you guys uninstalled our product is due to lack of money. You need the product, you like it but simply there is not enough budget for it.

I mean you didn’t choose to get infected with malware. And now you have to pay to clean it. IT MAKES NO SENSE. 

So, what do we have now?


All of us have a forever free antimalware model that does the following:

1. Scans your PC in less than a few seconds

It is even faster than Zemana AntiMalware 2.0. You don’t believe us? Check out the video.






2. Has no back-end processes

It doesn’t work in the background because it is a free removal tool and we do it for your overall PC’s health and for the better user experience. There is no need for this product to run in the background because there are no additional and unnecessary features on the product that require running in the background.

3. Advanced malware detection

If it’s free it doesn’t mean you don’t have access to advanced malware removal force. You do. We implemented some strong Artificial Intelligence models that keep our malware detection on a high level and we will continue improving it more and more.

So, what’s up next?

We actually listen to our users and develop a totally free version that has no back end process and is available to everyone. So if you ask us what’s next? Well, we will continue listening to you and improve the product with additional protection modules.

Are you in the mood to give us feedback?

Simply download Zemana AntiMalware Free. Open the product and start your scan.


Once the scan finishes you will see this screen. Put your email address so we can stay in touch, share your ideas and click on “Send Feedback”.

Make sure to share your thoughts about the product as well. We would like to hear about it.

P.S. Today we are also celebrating  30 years of the World wide web (www). Just 30 years ago a new era started. Today, let’s start a new one.

World wide malware free (wwmf).



Still didn’t download? Start your download here.


Why clicking the “X” closes Zemana AntiMalware 3.0 on my PC?

Zemana AntiMalware 3.0 is a free malware removal tool. The main purpose of this product is to detected and remove malware from your PC. For free.

Having said that, recently we have seen many support request asking: Why Zemana AntiMalware 3.0 closes when we click on “X”?

For one simple reason.

It doesn’t work in the background because it is a free removal tool and we do it for your overall PC’s health and for the better user experience. There is no need for this product to run in the background because there are no additional and unnecessary features on the product that require running in the background.

This product runs only when you keep it open because this is how the product works. So, whenever you suspect you have malware just open Zemana AntiMalware, detect the malware and remove it. Voila, that’s it. 🙂

However, you can open it again and again as much as you want. Just keep in mind it runs only when it is opened. 🙂


ZMA Release Notes: Surf the Internet! We will protect you for FREE!

From today we say NO to malicious websites. Enough is enough.

We are all browsing through Internet on daily basis many many times. And while we are doing that we want to find many things that will entertain us, teach us, amuse us and etc.

…but what we certainly don’t want to find is malware.

You should enjoy browsing through the Internet and we decided to help you out with that.

In the previous release, we have pumped up our app with a brand new Cloud Scanner that has enhanced detection rate amazingly. Since then we worked hard to give you many other new things.

So, let’s see what we have done for you.

ZMA v1.7.9 highlights




Web Protection

Alright. The name says it all.

In the past months, we worked hard on this module that will keep you away from malicious websites. So it works like this (Let’s give you an example).


You take your phone and you try finding some interesting new shelf for your room. You open Google and start your shelf hunt. You find amazing things on interesting websites filled with many links. You click on the first one and you find this great shelf that you have been looking for. You click on another link: OMG you find an amazing new discount that redirects you to a new website. Click again.



Voila! We are there.

Every website that has a malicious code will be blocked.

How Web Protection works?

When the end user (in this case you) accesses any website via their device, Zemana Mobile Antivirus scans the URL that the end user wants to connect to and if we detect any malicious activity it immediately blocks end user’s interaction with the requested URL and loads a warning page that offers three options to end users to either: go back to safety, continue to the URL or add this preferred URL to white-list.

We don’t store any data of yours, we just scan the website you want to visit to see if there is any malicious code there or not.



Just like it was the case with The Cloud Scanner also in order to use Web Protection feature you have to accept EULA agreement once you launch the application. In case you decline the EULA, unfortunately, you will be unable to access this feature. So, please make sure to accept it.

Everyone on board? Great. Let’s move on.

This app is for you

We made some small design modifications in the app and some statements that say a few words about the team behind the app. It’s actually a small team but with a great will to provide you with a malware free journey.



As you can see we have also a new logo, we inserted some fresh new colors and reorganized the order in the settings bar menu so you always have access to the most important features at the top and at the bottom you have your license info and also a way how to reach out to us any time you wish.



So, to summarize all.

  • You know those annoying malicious websites. Well, we block them all now.
  • We made some in-design changes and made the app “prettier”.
  • And as usual some minor bug fixes and improvements:)

What’s up next?

For our next move, we are waiting for your feedback. We have some ideas for now: Dark mode implementation and scan scheduler.

What do you think about those?

Send us your ideas and let’s discuss them together.