BANGKOK
DPKANKAN

KODG Ransomware virus


Ok people. For my sins I do some volunteering here. (Actually, 'personal research' because I cannot even volunteer).
Well, the computer I used got hacked by a Ransomware virus. The KODG virus. Not sure how it got in because I rarely use the internet, but backtracking, trying to do a reset, an unusually timed Windows Update started, about the time the virus hit.
There was no ransom request, just a slew of programmes opening and it went berserk.
Having found the name I googled it, found out about it and set about getting rid. Downloaded an anti-malware programme, started it in safe opening mode and it started running. However, it blew up the computer dongle and nothing more. Restarted and straight to safe opening mode.
Local and 2 in Bangkok, Thai computer companies, said they cannot do.
Are there any computer whizzkids out there, please, who have any knowledge of this and could help?
Thanks

1 hour ago, DPKANKAN said:

However, it blew up the computer dongle and nothing more. Restarted and straight to safe opening mode.

?? Which dongle did it blow up and what do you mean by 'safe opening mode'? Did the computer go straight to safe mode after restarting by itself?

2 hours ago, chrisinth said:

?? Which dongle did it blow up and what do you mean by 'safe opening mode'? Did the computer go straight to safe mode after restarting by itself?

The wifi dongle. Safe opening mode has to be initiated at startup to restrict files opened and is a troubleshooting mode.

2 hours ago, Eindhoven said:

 

Do you have files to save/decrypt? 

 

If not, just run a clean install of Windows 10.

 

Not going to ask about back-ups....

 

https://sensorstechforum.com/kodg-virus/

 

It appears the usual decrypters aren't yet up to speed;

https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/

 

 

There are several important files so cannot just clean it. I would have not asked the community just to clean it. Their operating system is Windows 7 for which support is being stopped in the new year.


Create a bootable memory stick and boot from there.  Your hard drive should appear in a file manager.  Can you access the "important files" from there, even if it's just to copy for use elsewhere?


  

34 minutes ago, DPKANKAN said:

There are several important files so cannot just clean it. I would have not asked the community just to clean it. Their operating system is Windows 7 for which support is being stopped in the new year.

 

It looks like that is exactly what you asked. 

 

You certainly didn't mention decryption. It could be that the files weren't yet encrypted. Encryption isn't the first action of the malware.

 

Removing the malware (about which you wrote) does not decrypt your files (if they are encrypted).

12 hours ago, treetops said:

Create a bootable memory stick and boot from there.  Your hard drive should appear in a file manager.  Can you access the "important files" from there, even if it's just to copy for use elsewhere?

Will look into that, thanks. Was wondering whether you could put an anti-malware app on something like that to boot it into the system to decrypt the damaged files.

11 hours ago, Eindhoven said:

  

 

It looks like that is exactly what you asked. 

 

You certainly didn't mention decryption. It could be that the files weren't yet encrypted. Encryption isn't the first action of the malware.

 

Removing the malware (about which you wrote) does not decrypt your files (if they are encrypted).

They were encrypted from the start. Hence the .kodg file tag that I noted in my post. That is what I am looking to remove to recover data.

2 hours ago, DPKANKAN said:

They were encrypted from the start. Hence the .kodg file tag that I noted in my post. That is what I am looking to remove to recover data.

I don't know if you have already seen this (and I have only quickly perused it) but it may offer some help?

https://howtofix.guide/kodg-ransomware-removal/?cn-reloaded=1

 

Probably worth checking the authenticity of the site as well.

6 hours ago, DPKANKAN said:

They were encrypted from the start. Hence the .kodg file tag that I noted in my post. That is what I am looking to remove to recover data.

 

As I told you...removing the malware does not decrypt the data.

19 hours ago, Eindhoven said:

 

As I told you...removing the malware does not decrypt the data.

I was aware of that from my first Google of the virus.


2 hours ago, DPKANKAN said:

I was aware of that from my first Google of the virus.

 

So? What is it that you are trying to do?

 

Have you run Emsisoft Decryptor for STOP Djvu or are you hoping that someone here has written their own de-encrypter?

 

If they used an offline key, then you have a chance to recover. If not, ......

 

Swap your drive for a new solid state drive and start again. Keep the old drive for if someone ever gets a hold of the private key (if one has been utilised).

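The copy-out from a bootable stick suggested earlier in the thread, combined with the advice above to keep the encrypted data for a future decryptor, as an added example that is not part of any post here. It assumes a live-boot environment with Python 3 and the Windows drive mounted read-only; the function names and the `encrypted`/`intact` folder layout are hypothetical.

```python
import hashlib
import shutil
from pathlib import Path

ENCRYPTED_SUFFIX = ".kodg"  # file tag named in the thread


def sha256_of(path: Path) -> str:
    """Hash a file in chunks so large files do not exhaust memory."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()


def triage(source: Path, rescue_dir: Path) -> dict:
    """Copy every file under `source` into `rescue_dir`, split by state.

    Files ending in .kodg go to rescue_dir/encrypted (kept byte-for-byte for
    a future decryptor); everything else goes to rescue_dir/intact. Nothing
    on `source` is written or renamed. Returns a manifest of the copies.
    """
    manifest = {"encrypted": [], "intact": [], "unreadable": []}
    for path in sorted(source.rglob("*")):
        if path.is_symlink() or not path.is_file():
            continue
        rel = path.relative_to(source)
        state = "encrypted" if path.suffix.lower() == ENCRYPTED_SUFFIX else "intact"
        dest = rescue_dir / state / rel
        try:
            dest.parent.mkdir(parents=True, exist_ok=True)
            shutil.copy2(path, dest)
            entry = {"path": rel.as_posix(), "size": dest.stat().st_size,
                     "sha256": sha256_of(dest)}
        except OSError as exc:  # bad sectors, permission problems
            manifest["unreadable"].append({"path": rel.as_posix(), "error": str(exc)})
            continue
        manifest[state].append(entry)
    return manifest


if __name__ == "__main__":
    import json
    import sys
    result = triage(Path(sys.argv[1]), Path(sys.argv[2]))
    (Path(sys.argv[2]) / "manifest.json").write_text(json.dumps(result, indent=2))
    print({state: len(items) for state, items in result.items()})
```

Treat everything under `intact/` as untrusted until it has been scanned on a clean machine, since the malware's own files do not carry the `.kodg` tag.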

It is shocking to see someone these days without any decent anti-virus / malware protection.  I have run AVAST (the paid professional version) for a decade, and never one problem ... and I am on the internet 24/7.  You may want to begin by installing their free version, running a "Boot Level Scan" and wait to see the results.

 

https://www.avast.com
