Saurav 0 Report post Posted August 17 my system got attacked by ransomware called "roger" and "Lockbit". i was realize very late as i received notification and slow response in system.i have removed ransomware virus by reinstall windows using recovery disk/then scanned the whole system by 'kaspersky total security' and 'spyhunter 5' software.i have tried with all decryptors tool available on kaspersky ransomware tools. Also tried "quick-heal" and "avast" decryptors tool too, but problem was not resolved yet.Request you to please help me out to solve problem and decrypt my whole data.Thank you in advance. Quote Share this post Link to post Share on other sites
Amigo-A 134 Report post Posted August 17 'Roger' is a variant of Dharma Ransomware.LockBit and Dharma can appear together because they are distributed with the same ways. The other day we saw their joint distribution with the same set of exploits. They use a secure file encryption method. It is impossible to calculate the decryption key with modern computing means. 1 Quote Share this post Link to post Share on other sites
Saurav 0 Report post Posted August 18 Any Idea how can i get my files back? Is there any solutions available? or Any chances to solution available in upcoming days? Quote Share this post Link to post Share on other sites
Amigo-A 134 Report post Posted August 18 Dharma is distributed since 2016 and only early versions could be deciphered. LockBit appeared in October 2019, we hope that a decryption method will be found or the keys will be published. Emsisoft has made many decryption tools, all of them are free. If there is such an opportunity, the decryptor will be published on a special page. https://www.emsisoft.com/ransomware-decryption-tools/free-download Quote Share this post Link to post Share on other sites
GT500 824 Report post Posted August 19 It isn't going to be possible to decrypt your files without paying the ransom for some time (as Amigo-A said it's already been years). Our recommendation is to save a backup of your encrypted files and keep it in a safe place in case decryption is possible at some point in the future. We also recommend keeping an eye on BleepingComputer's newsfeed, as they will usually report on new developments with ransomware decrypters:https://www.bleepingcomputer.com/ If you have an RSS feed reader, then they also have an RSS feed so that you don't have to manually check for news:https://www.bleepingcomputer.com/feed/ Quote Share this post Link to post Share on other sites
Deianreality 0 Report post Posted September 3 Help friends, this virus also affected me, I had to format my pc. I tried all the possible tools to decrypt my data and I still have not been able, I have not found anything to help me, this virus is the worst thing that has happened to me. I need to get my files back very urgently. Anyone who knows of any method. Thanks for helping me in the future. The creators of this rasonmware are unaware of the damage they cause to those of us who always work from a pc like us. @Saurav, if you have any way to get your files back I hope you can help me Thanks! Quote Share this post Link to post Share on other sites
GT500 824 Report post Posted September 4 18 hours ago, Deianreality said: Help friends, this virus also affected me, I had to format my pc. I tried all the possible tools to decrypt my data and I still have not been able, I have not found anything to help me, this virus is the worst thing that has happened to me. I need to get my files back very urgently. Anyone who knows of any method. Thanks for helping me in the future. The creators of this rasonmware are unaware of the damage they cause to those of us who always work from a pc like us. @Saurav, if you have any way to get your files back I hope you can help me Thanks! There's no way to decrypt files that have been encrypted by Dharma without paying the ransom. 1 Quote Share this post Link to post Share on other sites
Deianreality 0 Report post Posted September 5 GT500 ¿Do you recommend that I pay the ransom and do you ensure that they give me the encryption key? -.- Quote Share this post Link to post Share on other sites
GT500 824 Report post Posted September 8 On 9/5/2020 at 9:34 AM, Deianreality said: Do you recommend that I pay the ransom... We never recommend giving money to criminals, however we also understand that you need to do what you feel is necessary. On 9/5/2020 at 9:34 AM, Deianreality said: ... do you ensure that they give me the encryption key? I can't ensure or guarantee anything for the criminals who made/distributed this ransomware. In most cases they do seem to send a working decrypter and a working private key, however I can't say that this is always the case, and there will always be some risk involved in paying. Quote Share this post Link to post Share on other sites
Luciano 0 Report post Posted September 11 Já tem disponível um programa para arquivos que foram criptografados pelo ROGER.lockBit? Quote Share this post Link to post Share on other sites
GT500 824 Report post Posted September 12 20 hours ago, Luciano said: Já tem disponível um programa para arquivos que foram criptografados pelo ROGER.lockBit? No, there's no way to decrypt files that have been encrypted by the Dharma ransomware (the one that left .ROGER on the end of file names). I don't think we know for certain about LockBit yet, however it doesn't really matter as your files have been encrypted by both. Tradução fornecida pelo Google: Não, não há como descriptografar arquivos que foram criptografados pelo Dharma ransomware (aquele que deixou .ROGER no final dos nomes dos arquivos). Acho que ainda não sabemos com certeza sobre o LockBit, no entanto, isso realmente não importa, pois seus arquivos foram criptografados por ambos. Quote Share this post Link to post Share on other sites
