All of my saved files have been ciphered so that my computer does not recognize them (I think). Please provide assistance that will enable me to put my documents back into a language that my computer can read. Thank-you for your assistance.
Message: Files are encrypted with RSA-2048c and AES-128 ciphers …
- Thread starter Jenlfen
- Start date
- Mar 8, 2013
- 22,627
Hello,
You're infected with ODIN Ransomware. At this moment not enough information is revealed about it and most likely there is not free decryption tool.
You're infected with ODIN Ransomware. At this moment not enough information is revealed about it and most likely there is not free decryption tool.
Thank-you for getting back to me. What/who do you recommend that I use to purchase the decryption tool. I would only like to work with someone who is ethical, responsible, and reliable. From what we have read online, not all individuals/sites who offer help for these kinds of difficulties fit that description, even if they sound that way, and we do not know whose who.
- Mar 8, 2013
- 22,627
Like I said, there is no enough information right now, so the only thing you can do is paying the ransom (what I do not recommend). There is not free decrypt tool for this variant.
- Mar 8, 2013
- 22,627
Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.
- Right-click on
icon and select
Run as Administrator to start the tool.
(XP users click run after receipt of Windows Security Warning - Open File). - Make sure that Addition.txt option is checked.
- Press Scan button and wait.
- The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Thank-you so much for your consideration. During the course of this day, I have followed the instructions of options 1 and 2 of the MalwareTips article, "How to Remove .ODIN malware (_HOWDO_text Files Encrypted) September 27, 2016 By Stelian Pilici / Filed Under: Ransomware, in that I downloaded and scanned the "Shadow Explorer" as well as "Piriform Recuva". I have not completed working with the Recuva in selecting files to restore them. I am a little hesitant to move forward with that at this point, yet. For now, I am still doing my homework. I really do appreciate your willingness to take time out of your busy schedule, consider my problem, and provide knowledgeable guidance.
- Mar 8, 2013
- 22,627
You can try shadow explorer but this malware is deleting all shadow copies of your files, so I don't know if that would be possible to do.
Let's remove some malicious files:
Fix with Farbar Recovery Scan Tool
This fix was created for this user for use on that particular machine.
Running it on another one may cause damage and render the system unstable.
Download attached fixlist.txt file and save it to the Desktop:
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
Please attach it to your reply.
Let's remove some malicious files:
Download attached fixlist.txt file and save it to the Desktop:
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
- Right-click on
icon and select
Run as Administrator to start the tool.
(XP users click run after receipt of Windows Security Warning - Open File). - Press the Fix button just once and wait.
- If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
- When finishes FRST will generate a log on the Desktop, called Fixlog.txt.
Please attach it to your reply.
Thank-you for the time that you have taken to help me so far, and for your patience with someone who really knows very little of the technical aspects of operating a computer.
It has taken a little while for me to respond to your most recent instructions since I needed to fit figuring out how to correct mistakes that I had made when downloading the Farbar Recovery Scan Tool into my busy schedule. Once the trouble shooting was done, I was able to follow your instructions properly. Those steps have all been taken.
In the process, I scanned my computer again just before working with the Farbar Fix Tool. I have attached all the documents again, and included the fixlist.txt.
Below are the attached files:
It has taken a little while for me to respond to your most recent instructions since I needed to fit figuring out how to correct mistakes that I had made when downloading the Farbar Recovery Scan Tool into my busy schedule. Once the trouble shooting was done, I was able to follow your instructions properly. Those steps have all been taken.
In the process, I scanned my computer again just before working with the Farbar Fix Tool. I have attached all the documents again, and included the fixlist.txt.
Below are the attached files:
- Mar 8, 2013
- 22,627
Okay, let's make some additional checks:
Fix with Farbar Recovery Scan Tool
This fix was created for this user for use on that particular machine.
Running it on another one may cause damage and render the system unstable.
Download attached fixlist.txt file and save it to the Desktop:
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
Please attach it to your reply.
Please download Zemana AntiMalware and save it to your Desktop.
Download attached fixlist.txt file and save it to the Desktop:
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
- Right-click on
icon and select
Run as Administrator to start the tool.
(XP users click run after receipt of Windows Security Warning - Open File). - Press the Fix button just once and wait.
- If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
- When finishes FRST will generate a log on the Desktop, called Fixlog.txt.
Please attach it to your reply.
Please download Zemana AntiMalware and save it to your Desktop.
- Install the program and once the installation is complete it will start automatically.
- Without changing any options, press Scan to begin.
- After the short scan is finished, if threats are detected press Next to remove them.
Note: If restart is required to finish the cleaning process, you should click Reboot. If reboot isn't required, please restart your computer manually.
- Open Zemana AntiMalware again.
- Click on
icon and double click the latest report.
- Now click File > Save As and choose your Desktop before pressing Save.
- The only left thing is to attach saved report in your next message.
Once again, I thank-you for your assistance. I have done my best to follow your instructions, and hopefully am able to send you the information that you are looking for in the attached files. Thank-you for your patience with me.
- Mar 8, 2013
- 22,627
