ODCODC Ransomware

ODCODC Ransomware is a ransomware infection that will secretly slither onto computers and then will encrypt files users keep on their systems with the strong encryption algorithm RSA-2048. In the RSA cryptosystem, the encryption key is known for cyber criminals only, and it will be really hard to gain access to files again. You will notice quickly if the serious computer threat ODCODC Ransomware enters systems because a) it will be impossible to open important files, b) there will be the readthis.txt file on Desktop, and c) the filename extensions of files you keep on your computer will be changed. If you are now sure that this ransomware infection has found a way to your computer, we suggest that you immediately go for its removal. You probably suspect that it will not be an easy task. In case you do not know anything about ransomware, you need to know that these infections are extremely dangerous, and they are not like ordinary software – it is impossible to remove them from Control Panel. Specialists at pcthreat.com suspect that the majority of users do not know how to erase a ransomware infection, so they are going to help them with the ODCODC Ransomware removal.

Users notice those encrypted files immediately because they cannot be opened and they have the email C-email-abennaki@india.com (in some cases C-email-abennaki@aol.com-) at the beginning. At the end, they have the .odcodc filename extension. The original extension does not disappear anywhere too, so all locked files contain an email address, an original extension, and a new extension assigned by ODCODC Ransomware, for example, -email-abennaki@india.com-picture.jpg.odcodc and -email-abennaki@india.com-myfavoritesong.mp3.odcodc. Also, users will find new files readthis.txt in different directories and Desktop. These files will inform users what they need to do to unlock files. If you open any of them, you will immediately notice that you are informed that you have to contact cyber criminals that hide behind this threat by the given email abennaki@aol.com or abennaki@india.com (it depends on the version of the ransomware infection). If you write an email, we are sure that you will be told how to pay a ransom for unlocking files. It is very likely that cyber criminals will even decrypt several files for you free of charge in order to show that they can really do that. As nobody knows whether files will be unlocked after transferring money, we suggest keeping your money to yourself. Of course, this also means that you will have to find another way to decrypt files, for instance, you can recover them from a backup (e.g. USB flash drive or external hard drive) you created before. Also, specialists working at pcthreat.com have managed to find out that this threat does not delete Shadow Volume copies of files, which means that it might be a way to unlock files free of charge.

Unfortunately, ransomware infections are extremely prevalent these days, so you might encounter another ransomware again if you do not be careful enough. It is highly advisable not to open spam email attachments because you might allow a ransomware infection to sneak onto your computer. For example, ODCODC Ransomware pretends to be a harmless Word document file, which explains why people open it without any fear. What is more, it is known that people might allow this threat to enter their systems if they download free applications from unreliable websites too. Finally, it might be quite dangerous to click on links placed on third-party websites as well. If you want to be sure that you are safe 24/7/365, install security software on your computer and activate it. Do not forget to be cautious on the web all the time too.

Researchers at pcthreat.com have found that ODCODC Ransomware usually deletes all the files and removes registry entries after it finishes encrypting files and displays a dialog box with the message “Кодирование успешно завершено!"; however, we still suggest checking whether these files and registry keys that belong to this ransomware infection are really gone. If not, remove them using instructions you can find placed below this article. You can, of course, also use an automatic malware remover SpyHunter. This automatic tool will find and delete all the components that belong to ODCODC Ransomware, and it will take care of other computer infections that might be installed on a user’s computer in the blink of an eye.

Remove ODCODC Ransomware

1. Open the Windows Explorer.
2. Enter %APPDATA% into the address bar and tap Enter.
3. Find and delete cript.bat and cript.exe files.
4. Launch RUN and enter regedit.exe.
5. Move to HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run.
6. Remove the following Values: Crr1 and Crr2.
7. Empty the Recycle bin.