If you have backups, the best strategy is like what they employed in the movie Aliens -- nuke it from orbit. That is, format the drive and reinstall Windows, and restore the data from backups.

No backups? Ask yourself, how much you need those files. You might have to pay the ransom.

You can try to remove the virus, but even if successful, it will not unencrypt those files.

Here's a link with info on how to remove the virus ...

https://malwaretips.com/blogs/remove-osiris-virus/

There is no info there about recovering your data. It's been encrypted in a manner with which even the NSA would have trouble.

You have my sympathies. Ever since my own personal apocalypse -- the great data disaster of 1996 -- I have maintained many backups.

Last edited Thu Dec 8, 2016, 04:33 PM - Edit history (1)

Hello! I have the same problem with Osiris ransomware on my Laptop. I've tried to remove it manualy using Dr.Web, AVG, Recuva but nothing helped. So I've used google and found this guide: http://manual-removal.com/osiris/

It is very simmilar earthshine's link and it promotes SpyHunter tool and claims that it will help me to remove Osiris infection. So I want to ask you if it is true?

Osiris is a file extension and file type appended to files encrypted by a specific variant of Locky ransomware. Extermination of this ransomware can be efficiently accomplished with reliable security software. It is suggested to avoid paying ransomware authors to decrypt your files. Instead, third-party programs Shadow Explorer, PhotoRec, or Recuva could be used to potentially recover files encrypted by this virus.
This ransomware has not been cracked yet, but here is a guide on how to restore to a previous windows restore point for it.
http://guides.uufix.com/how-to-remove-osiris-ransomware-and-recover-encrypted-files/