Jump to content

Help, my PC is infected! - decryptor needed


Recommended Posts

Hello - it seems i was infected with a variant of DARHMA  (.cesar).

I had run first malwarebytes. See attached log. Then followed your instructions. See attached logs.

Can you help to de-crypt my files? I attach one of the encrypted files.

Thanks

 

scan_170818-232125.txt

malwarebytes.txt

FRST.txt

Articole_cu_stoc_negativ.txt.id-7E8DED17.[[email protected]].cesar

Addition.txt

Link to comment
Share on other sites

Older decrypters for Dharma were based on master decryption keys that were released on the BleepingComputer forums. There's been a spike in the last few days of new reports of Dharma infections that rename files with the .cesar extension, and with this new waves on infections I would expect that existing decryption tools would not be able to decrypt files.

It might take some time for analysis, however I expect that this new variant of Dharma is not going to be decryptable.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...