• Content Count

  • Joined

  • Last visited

Everything posted by Didi

  1. This is true and very sad.
  2. @GT500 Thanks for you comment. I've gotten in touch with Tesorion via email but haven't heard from them since and I really need their help to get my files back. @Amigo-A Oh gosh! That's awful! I wish something could be done to elimate ransomware from the web.
  3. @GT500 Thank you so much for your help with both issues. OK, I'l get in touch with people form all sites to see if they have any solutions. I also look forward to hearing what the ransomware analysts have to say.
  4. I just tried decrypting a file again and the decryptor failed (shown in the screenshot)
  5. @GT500 and @Amigo-A, I ran the commands but they made no difference. I still get an error message when I access Windows Defender Firewall (shown in the screenshot). Also, I've been unable to decrypt my files using the Tesorion decryptor (v2.0.7228.29806). Everything starts off fine when I upload the ransom note but once I upload a file, it always fails to be decrypted. Is there way I could get help with getting my files back?
  6. @GT500 and @Amigo-A, thank you for the insights. I'll report back as soon as I do as instructed.
  7. @GT500 Sorry for my late reply. I've attached the FRST and Addition logs. Thank you again for your help! FRST.txt Addition.txt
  8. That's amazing!!! I'm so excited! Thank you for letting me know. I've emailed them. I tried both methods for Windows Firewall and nothing worked. This is what Powershell reported when I ran the command: An error occurred while attempting to contact the Windows Defender Firewall service. Make sure that the service is running and try your request again. Are there any other methods you could please suggest?
  9. OMG!!! REALLY?! WOW! Thank you so much!!! I'll check them out now!!!!
  10. Thank you so much for these! I'll try them and get back to you!
  11. Hello @GT500 , I apologise for the very late reply. I did as instructed and I've attached the log here. Windows Defender hasn't changed: Fixlog.txt
  12. I've been unable to enable Windows Defender. The attack disabled it and shows an error when I click on Use recommended settings:
  13. FRST Addition log: Addition.txt
  14. OK, here are is the log for the Emisoft Emergency kit: Emsisoft Emergency Kit 2019.6.0.9501 stable [en-us] OS: Windows 10 (Version 10.0, Build 18362, 64-bit Edition) Forensics log Date Component Action Details 09/09/2019 01:06:09 Scanner Scan finished Scanned 95288 objects and found nothing. 09/09/2019 00:55:00 User Update Downloaded and installed 226 files (96030 kb) (17 min. 4 sec.). 09/09/2019 00:39:12 User IBHADE\ibhad Scan started Malware Scan 09/09/2019 00:37:57 Core Notification "Recommended Reading:To pay or not to pay ransomware: A cost-benefit analysis of paying the ransom". Log for FRST: FRST.txt
  15. Hello @Amigo-A, I ran a scan with FRST and the Emisoft Emergency Kit and there was no problem. I've attached a screenshot of the Emisoft Emergency Kit's scan of my system.
  16. As I thought, the IT department was unsuccessful so I’ll be getting my laptop back soon. I’ll be running a scan with FRST and the Emisoft Emergency Kit once I receive my laptop and I will post my logs/findings ASAP.
  17. Hello @Amigo-A, Thank you for your swift reply; I really appreciate it. I was about to try all that you’ve mentioned but I had the opportunity to hand over my laptop and my external hard drive to the IT department in my workplace. I’ll wait and see what they say and give all that you’ve mentioned a go. Although I’m disheartened to hear that something may happen in the long run or not at all, I’m somewhat hopeful about @Demonslay335 finding a solution.
  18. @Amigo-A, Thank you again for your reply. OK, I'll delete SpyHunter and will download FRST. Please bear with me.
  19. Hello @Amigo-A, Thank you for getting in touch. I see. OK, here are 3 encrypted files and the ransom note is called NEMTY-DECRYPT.txt IMG_2439.JPG._NEMTY_VOv3Zme_ IMG_2440.JPG._NEMTY_VOv3Zme_ NEMTY-DECRYPT.txt
  20. Hello Kevin, I appreciate your very swift reply; thank you so much. I apologise for my not so quick reply; I've been reading up on this ransomware and what options I have. Thank you for the information provided. You're right, this is what you get when you download pirated programs. I uploaded the necessary files on the site and I've attached a picture of the results page. It seems that GandCrab v4.0 / v5.0 may help but I'm skeptical seeing as you've said that "outright cracking secure encryption is currently not possible". Annoyingly, I found that RDP (Remote Desktop Protocol) was enabled/allowed so I quickly unchecked the "allow" box. I'm currently running SpyHunter4 on my laptop which picked up the cryptowall ransomware (screenshot is attached). Is there any advice you could please offer me?
  21. Hello, On Tuesday 27th August, I was downloading some iMazing torrents in order to transfer photos from iPhone to my laptop (Windows 10). After some time, I saw that all my files (except for music files), on my laptop and my external hard drive, had gone blank and had this extra extension attached: _NEMTY_VOv3Zme_ . I also got a ransom message as well that said that I would have to pay a cryptocurrency fee which is equal to $1000. I downloaded some ransomware programs to get rid of the malware and searched for the malware in my registry. It seems that I’ve been able to remove the ransomware but my files have been encrypted and it seems that the ransomware has affected my Windows Defender, as it refuses to go on. I ask if anyone can please help me find out how to decrypt my files and let me know if they have any information. I’d be so so grateful.