How to Get Rid of Ransomware

Ransomware is a type of computer virus that blocks access to a computer and asks the user to pay money first before they can use the computer again, or it may encrypt your files and demand payment to decrypt them—hence its name. This kind of virus is a serious threat since it totally restricts any kind of entry to a computer, rendering common antivirus programs useless. When your computer gets infected with these kinds of malwares, the first thing you should know is that you shouldn’t pay the “ransom,” then you must get rid of it.

Part 1
Part 1 of 3:

Installing an Antivirus to a Bootable Media

  1. Image titled Get Rid of Ransomware Step 1
    1
    Download a bootable antivirus. Bootable antiviruses are anti-malware applications that can be installed and run on an external storage like a flash drive or a CD.
    • Assuming that the ransomware has already blocked your access to your own computer, you may need to download and install the bootable antivirus on a different PC.
    • Windows Defender Offline is a popular option on Windows for many reasons: it is by the same manufacturer of the operating system, it comes preinstalled on all Windows 8/8.1/10 devices, and is easy to run.
  2. Image titled Get Rid of Ransomware Step 2
    2
    Install the antivirus to a bootable media. Connect the external media where you want to install the antivirus and click the downloaded file, the antivirus will start installing itself on your preferred external media.
    • Depending on the application you downloaded, you can install the bootable antivirus on a CD or a flash drive, but it’s advisable that you use the latter for easier access because not all PCs have disc drive (like netbooks).
    • Download the antivirus onto a computer that does not have the virus.
    Advertisement
  3. Image titled Get Rid of Ransomware Step 3
    3
    Disconnect the media from the computer. Once the antivirus has been successfully installed, safely unplug the flash drive from the USB port or remove the CD from the disc drive.
    4. Advertisement
Part 2
Part 2 of 3:

Booting the Infected PC into Safe Mode

  1. Image titled Get Rid of Ransomware Step 4
    1
    Turn off your computer. Since you can’t shut off your computer normally, press and hold the power button up until the CPU shuts down.
  2. Image titled Get Rid of Ransomware Step 5
    2
    Access the Advance Boot Options. Press the Power button once again to turn on your computer and as soon as the CPU lights up, press the F8 button on your keyboard and keep doing so until the “Advance Boot Option” appears on your screen.
  3. Image titled Get Rid of Ransomware Step 6
    3
    Boot into Safe mode. Use the arrow keys on your keyboard to scroll down and select “Safe Mode with Networking” from the list of boot options. Press the Enter key on the keyboard and your computer will restart.
    • What Safe mode does is that it allows your computer to run using only the most basic and necessary program without using third-party applications, including the viruses. This way, any malware that may exist in your PC will stay inactive and can be easily removed.
    4. Advertisement
Part 3
Part 3 of 3:

Getting Rid of the Ransomware

  1. Image titled Get Rid of Ransomware Step 7
    1
    Connect your external media. Plug in the flash drive into the USB port or place the CD in the disc drive that contains the bootable antivirus application.
  2. Image titled Get Rid of Ransomware Step 8
    2
    Scan for viruses. Once the external storage has been detected, open My Computer and run the antivirus inside the bootable media. The application should begin scanning for any viruses or ransomware that may be in your computer system.
  3. Image titled Get Rid of Ransomware Step 9
    3
    Delete the viruses. Once the antivirus application finishes scanning, click the “Delete” button of the antivirus to permanently remove the malware from your computer.
  4. Image titled Get Rid of Ransomware Step 10
    4
    Restart your computer. Click the “Start/Orb” button on the bottom left corner of the screen and select the “Restart” button to reboot the computer.
    • If you can now access your computer again normally (without going into safe mode), it means that the ransomware has been successfully deleted.
    5. Advertisement

Community Q&A

  • Question
    What antivirus would you recommend?
    Denneisk
    Denneisk
    Top Answerer
    Although this is mostly a matter of opinion, BitDefender was highly rated by "PC Mag," and seems to be increasingly popular.
  • Question
    How do I decrypt infected files if I am using Windows XP?
    Aasim
    Aasim
    Top Answerer
    Unfortunately, with encrypting ransomware, there is no way to get your files back without backup and restore or paying the ransomware.
  • Question
    My laptop is infected with a ransomware that encrypted the files in .TFUDET extension. My laptop loads Windows normally, but none of the encrypted files can be opened. How can the files be decrypted?
    Aasim
    Aasim
    Top Answerer
    Unfortunately, if your files are encrypted, the only way to recover is through backup and restore. You can pay the ransom if you want, but there is no guarantee that you will get your files back. Be aware that it is now considered illegal in some jurisdictions to pay ransomware ransoms.
Advertisement

You Might Also Like

Detect Ransomware on iPhone or iPad
How to
Detect Ransomware on iPhone or iPad
Prevent HackingStay Safe From Hackers: Protecting Your Accounts & Devices
Prevent Your Cell Phone from Being Hacked
How to
Prevent Your Cell Phone from Being Hacked
Create a Virus
How to
Create a Virus
Get a Computer Virus
How to
Get a Computer Virus
Detect and Remove Keyloggers
How to
Detect and Remove Keyloggers
Locate Viruses Using the Attrib Command
How to
Locate Viruses Using the Attrib Command
Does Factory Reset Remove VirusDoes a Factory Reset Remove Viruses? What You Need to Know
Tell if Your Computer Is Infected by a Trojan Horse
How to
Tell if Your Computer Is Infected by a Trojan Horse
Get Rid of Trojan Horses
How to
Get Rid of Trojan Horses
Remove Malware
How to
Remove Malware
Know if You Have Spyware on Your Computer
How to
Know if You Have Spyware on Your Computer
Remove a Worm Virus
How to
Remove a Worm Virus
Detect Malware
How to
Detect Malware
Advertisement

References

  1. https://www.ic3.gov/Media/Y2016/PSA160915

About This Article

Tested by:
wikiHow Technology Team
wikiHow is a “wiki,” similar to Wikipedia, which means that many of our articles are co-written by multiple authors. To create this article, 10 people, some anonymous, worked to edit and improve it over time. This article has been viewed 71,813 times.
How helpful is this?
Co-authors: 10
Updated: January 31, 2023
Views: 71,813
Categories: Computer Viruses
Advertisement