If you see _HOWDO_text.html on your computer’s desktop, you are probably infected with serious cyber infection. This file belongs to one of the files that today's most dangerous ransomware -- ODIN virus and appears on the computer once the virus is done encrypting data. Taking a few steps back, we should talk a bit about what the ransomware virus is, in the first place. In the most general terms, it is a malicious application which breaks into computers with the help of Trojans, exploit kits or spam. The software is designed to scan the system and external storage drives that might be plugged into the computer for various file extensions, and when these extensions are detected, it encrypts them with a sophisticated cipher. Virus creators use the locked files to blackmail their owners and demand them to pay considerable amounts of money to get these files back. These demands and further data recovery instructions are listed in the documents that the virus creates on the infected computer’s desktop and every folder with malware-affected files. For this reason, these documents have been dubbed ransom notes.
Apart from _HOWDO_text.html, Odin virus usually drops two more files -- _5_HOWDO_text.html and _HOWDO_text.bmp. In these documents the criminals provide their victims with a short run-through of what happened to their computers and give recommendations on how they can fix it. The victims are demanded to transfer hundreds of dollars to an anonymous BitCoin account. They are also provided with an identification number and an email for the supposed support service. Though these ransom notes are not infectious themselves (ODIN executable is responsible for the data encryption) they signify serious problems. Though you should remove _HOWDO_text.html from your PC, you should make sure you eliminate it along with the virus itself. Otherwise, even this seemingly innocent file can help the virus regenerate and infect your future files. To make sure your system is completely clear, please run reputable antivirus utility, such as Reimage to scan your system.
_HOWDO_text.html is automatically generated after the ODIN virus infects and encrypts the computer. This file does not travel on its own. For it to appear on your computer, you have to be infected with ODIN ransomware. As we have mentioned, you may accidentally download this virus on your computer along with Trojan-infested software or files; the virus may also come attached to spam emails and camouflage itself as a legitimate Word, PDF file or a Dropbox link. You should by no means download unknown software or files. Even if you obtain some application from a source you trust, you should scan it with an antivirus utility just in case. You can never be too careful.
If you already see _HOWDO_text.html on your computer do not panic. Disconnect your device from the network immediately and run it in Safe Mode. When you reboot your computer, scan it with an antivirus utility without delay. In case the scan does not initiate, this might mean that you will need to decontaminate the infection manually. Follow the instructions provided in our recently published ODIN removal guide. After you unblock your antivirus, don't forget to scan your computer again.
Attention: Use this form only if you have additional information about a parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.