Ransomware is a type of computer virus that blocks access to a computer and asks the user to pay money first before they can use the computer again, or it may encrypt your files and demand payment to decrypt them—hence its name. This kind of virus is a serious threat since it totally restricts any kind of entry to a computer, rendering common antivirus programs useless. When your computer gets infected with these kinds of malwares, the first thing you should know is that you shouldn’t pay the “ransom,” then you must get rid of it.

Part 1
Part 1 of 3:

Installing an Antivirus to a Bootable Media

  1. 1
    Download a bootable antivirus. Bootable antiviruses are anti-malware applications that can be installed and run on an external storage like a flash drive or a CD.
    • Assuming that the ransomware has already blocked your access to your own computer, you may need to download and install the bootable antivirus on a different PC.
    • Windows Defender Offline is a popular option on Windows for many reasons: it is by the same manufacturer of the operating system, it comes preinstalled on all Windows 8/8.1/10 devices, and is easy to run.
  2. 2
    Install the antivirus to a bootable media. Connect the external media where you want to install the antivirus and click the downloaded file, the antivirus will start installing itself on your preferred external media.
    • Depending on the application you downloaded, you can install the bootable antivirus on a CD or a flash drive, but it’s advisable that you use the latter for easier access because not all PCs have disc drive (like netbooks).
    • Download the antivirus onto a computer that does not have the virus.
    Advertisement
  3. 3
    Disconnect the media from the computer. Once the antivirus has been successfully installed, safely unplug the flash drive from the USB port or remove the CD from the disc drive.
  4. Advertisement
Part 2
Part 2 of 3:

Booting the Infected PC into Safe Mode

  1. 1
    Turn off your computer. Since you can’t shut off your computer normally, press and hold the power button up until the CPU shuts down.
  2. 2
    Access the Advance Boot Options. Press the Power button once again to turn on your computer and as soon as the CPU lights up, press the F8 button on your keyboard and keep doing so until the “Advance Boot Option” appears on your screen.
  3. 3
    Boot into Safe mode. Use the arrow keys on your keyboard to scroll down and select “Safe Mode with Networking” from the list of boot options. Press the Enter key on the keyboard and your computer will restart.
    • What Safe mode does is that it allows your computer to run using only the most basic and necessary program without using third-party applications, including the viruses. This way, any malware that may exist in your PC will stay inactive and can be easily removed.
  4. Advertisement
Part 3
Part 3 of 3:

Getting Rid of the Ransomware

  1. 1
    Connect your external media. Plug in the flash drive into the USB port or place the CD in the disc drive that contains the bootable antivirus application.
  2. 2
    Scan for viruses. Once the external storage has been detected, open My Computer and run the antivirus inside the bootable media. The application should begin scanning for any viruses or ransomware that may be in your computer system.
  3. 3
    Delete the viruses. Once the antivirus application finishes scanning, click the “Delete” button of the antivirus to permanently remove the malware from your computer.
  4. 4
    Restart your computer. Click the “Start/Orb” button on the bottom left corner of the screen and select the “Restart” button to reboot the computer.
    • If you can now access your computer again normally (without going into safe mode), it means that the ransomware has been successfully deleted.
  5. Advertisement

Community Q&A

  • Question
    What antivirus would you recommend?
    Denneisk
    Denneisk
    Top Answerer
    Although this is mostly a matter of opinion, BitDefender was highly rated by "PC Mag," and seems to be increasingly popular.
  • Question
    How do I decrypt infected files if I am using Windows XP?
    Aasim
    Aasim
    Top Answerer
    Unfortunately, with encrypting ransomware, there is no way to get your files back without backup and restore or paying the ransomware.
  • Question
    My laptop is infected with a ransomware that encrypted the files in .TFUDET extension. My laptop loads Windows normally, but none of the encrypted files can be opened. How can the files be decrypted?
    Aasim
    Aasim
    Top Answerer
    Unfortunately, if your files are encrypted, the only way to recover is through backup and restore. You can pay the ransom if you want, but there is no guarantee that you will get your files back. Be aware that it is now considered illegal in some jurisdictions to pay ransomware ransoms.
Advertisement

About This Article

Tested by:
wikiHow Technology Team
wikiHow is a “wiki,” similar to Wikipedia, which means that many of our articles are co-written by multiple authors. To create this article, 10 people, some anonymous, worked to edit and improve it over time. This article has been viewed 71,813 times.
How helpful is this?
Co-authors: 10
Updated: January 31, 2023
Views: 71,813
Categories: Computer Viruses
Advertisement