
bflmpesseveze
Member-
Content Count
6 -
Joined
-
Last visited
Community Reputation
0 NeutralAbout bflmpesseveze
-
Rank
New Member
-
Encrypted files "theva"
bflmpesseveze replied to bflmpesseveze's topic in Help, my files are encrypted!
You can try Shadowexplorer to recover files from shadow copy. You don't need to have history files enabled. It won't work everytime but you can try it at least. -
Encrypted files "theva"
bflmpesseveze replied to bflmpesseveze's topic in Help, my files are encrypted!
PDFs:https://uloz.to/!gOklqoTGuB9h/3m77099-rpt-zip JPGs: https://uloz.to/!p5Z3PHToomB7/3m3-0780-kasparova-zip -
Encrypted files "theva"
bflmpesseveze replied to bflmpesseveze's topic in Help, my files are encrypted!
do you think it will scan all ports for the RDP service? Because our infected customer has open RDP but routed from different port, not the default one. -
Encrypted files "theva"
bflmpesseveze replied to bflmpesseveze's topic in Help, my files are encrypted!
I can send you encrypted and decrypted files. Is JPG alright? I have few of them PDF also. PM or post it here? But with those exe files I'm sorry, bitdefender deletes it all. -
Encrypted files "theva"
bflmpesseveze replied to bflmpesseveze's topic in Help, my files are encrypted!
Dear Sarah, thank you for your answer. I will wait then. Have a nice day. -
Greetings, Our customer get some new ransomware and all data are encrypted and named "filename.[[email protected]].theva" and in every folder is #_README_#.inf file with some info from the ransomware creators. I did not find anything on google except two logs from some malicious scan logs. I can send encrypted and decrypted files. Also I attach logs but I think there will be no notice about any ransomware. Malwarebytes didnt find anything, nor bitdefender . The ransomware uninstalled ESET antivirus somehow. Edit: I found it should be some BTCware and now I am trying decrypting tool, wi