Didi

Member
  • Content Count

    21
  • Joined

  • Last visited

Posts posted by Didi


  1. @GT500 and @Amigo-A, I ran the commands but they made no difference. I still get an error message when I access Windows Defender Firewall (shown in the screenshot).

    Also, I've been unable to decrypt my files using the Tesorion decryptor (v2.0.7228.29806). Everything starts off fine when I upload the ransom note but once I upload a file, it always fails to be decrypted. Is there way I could get help with getting my files back?

    image.png
    Download Image


  2. That's amazing!!! I'm so excited! Thank you for letting me know. I've emailed them.

    I tried both methods for Windows Firewall and nothing worked.

    This is what Powershell reported when I ran the command: An error occurred while attempting to contact the  Windows Defender Firewall service. Make sure that the service is running and try your request again.

    Are there any other methods you could please suggest?


  3. OK, here are is the log for the Emisoft Emergency kit:

    Emsisoft Emergency Kit 2019.6.0.9501 stable [en-us]
    OS: Windows 10 (Version 10.0, Build 18362, 64-bit Edition)

    Forensics log

        Date    Component    Action    Details    
    09/09/2019 01:06:09    Scanner    Scan finished    Scanned 95288 objects and found nothing.        
    09/09/2019 00:55:00    User    Update    Downloaded and installed 226 files (96030 kb) (17 min. 4 sec.).        
    09/09/2019 00:39:12    User IBHADE\ibhad    Scan started    Malware Scan        
    09/09/2019 00:37:57    Core    Notification    "Recommended Reading:To pay or not to pay ransomware: A cost-benefit analysis of paying the ransom".        
     

    Log for FRST:

    FRST.txt


  4. Hello @Amigo-A,

    Thank you for your swift reply; I really appreciate it. I was about to try all that you’ve mentioned but I had the opportunity to hand over my laptop and my external hard drive to the IT department in my workplace. I’ll wait and see what they say and give all that you’ve mentioned a go.

    Although I’m disheartened to hear that something may happen in the long run or not at all, I’m somewhat hopeful about @Demonslay335 finding a solution. 


  5. Hello Kevin,

    I appreciate your very swift reply; thank you so much. I apologise for my not so quick reply; I've been reading up on this ransomware and what options I have.

    Thank you for the information provided. You're right, this is what you get when you download pirated programs. I uploaded the necessary files on the site and I've attached a picture of the results page. It seems that GandCrab v4.0 / v5.0 may help but I'm skeptical seeing as you've said that "outright cracking secure encryption is currently not possible".

    Annoyingly, I found that  RDP (Remote Desktop Protocol) was enabled/allowed so I quickly unchecked the "allow" box. I'm currently running SpyHunter4 on my laptop which picked up the cryptowall ransomware (screenshot is attached).

    Is there any advice you could please offer me?

    ID Ransomware.png
    Download Image

    CryptoWall Ransomware - SpyHunter 4.png
    Download Image


  6. Hello,

    On Tuesday 27th August, I was downloading some iMazing torrents in order to transfer photos from iPhone to my laptop (Windows 10). After some time, I saw that all my files (except for music files),  on my laptop and my external hard drive, had gone blank and had this extra extension attached: _NEMTY_VOv3Zme_ . I also got a ransom message as well that said that I would have to pay a cryptocurrency fee which is equal to $1000.

    I downloaded some ransomware programs to get rid of the malware and searched for the malware in my registry. It seems that I’ve been able to remove the ransomware but my files have been encrypted and it seems that the ransomware has affected my Windows Defender, as it refuses to go on.

    I ask if anyone can please help me find out how to decrypt my files and let me know if they have any information. I’d be so so grateful.