ransomware dharma bgtx

iamaidiot
iamaidiot used Ask the Experts™
on
Hello
does anyone know if there is a decryptor for ransomware extension ending in bgtx.. it is a variation of dharma encryption.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
No.  Restore from your backup.

Run a thorough scan with your Anti Virus first.
btanExec Consultant
Distinguished Expert 2018

Commented:
Can try Idransomware and Nomoreransom to see if any decryptor but noted this variant is rather new. Nonetheless the expert is right, start data recovery and rebuild your machine. You may copy a set of those encrypted files in case a decryptor become available - but I wouldn't depend on it.

https://id-ransomware.malwarehunterteam.com

https://www.nomoreransom.org/en/decryption-tools.html

Author

Commented:
What happened was someone mapped the backup shared drive on the hyperv and those got encrypted as well. thank you for the links
Exploring SQL Server 2016: Fundamentals

Learn the fundamentals of Microsoft SQL Server, a relational database management system that stores and retrieves data when requested by other software applications.

btanExec Consultant
Distinguished Expert 2018

Commented:
The Ransomware spread through mapped network drive as well. Looks like no other data backup then left with no choice. Advise not to pay ransom as there is still no guarantee. Anyway, consider checking the portable external storage media too..
Your best bet is to restore from backup.

Get more suggestions here: https://community.spiceworks.com/topic/2164181-how-to-decrypt-files-with-the-extension-encrypted
Found a company to decrypt data..lesson learned need more offsite backup

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial