This page aims to help you remove File .RDM Virus Extension AKA Radamant. These File .RDM Virus Extension/Radamant removal instructions work for all versions of Windows.
File .RDM Virus Extension is a computer virus of the most feared and despised variety – Ransomware. In case you are not familiar with this specific type of malware we will be providing some background information and observations, as well as general advice in addition to, of course, how to deal with this threat.
|Symptoms||Your files are inaccessible and with a strange extension after their file name.|
|Distribution Method||There are other types of infection but universally you should always be concerned about a possible Trojan Horse in addition to File .RDM Virus Extension.|
1: Enter Safe Mode.
2: Remove File .RDM Virus Extension from your system.
3: Permanently delete File .RDM Virus Extension from Task Manager’s processes.
4: Uninstall the virus from Regedit and Msconfig.
What you have probably discovered and what has probably turned to disbelief is most of your personal files have been inaccessible and with some strange and unfamiliar extension after their file name. Then there’s the message on your desktop explaining what File .RDM Virus Extension is and what you need to do in order to get things back to normal. Do not trust that message, act swiftly but do not overact to the initial shock that is sure to follow this discovery.
What are you really dealing with?
There are two types of Ransomware threats. One of them is not really encrypting your files but is instead creating a smoke screen of sorts by locking your desktop with pictures, often pornographic in nature or in some other way embarrassing, threatening to falsely expose you if you don’t send money to a certain account or a SMS message to a phone number with premium-rate taxing. This is the better variant of the two.
Unfortunately File .RDM Virus Extension/Radamant is of the other type. The type of ransomware that is indeed encrypting your most accessed files (note that no system files will be affected, only your personal ones), thus making it impossible to open them or alter them safely in any way. The encryption is accomplished with the help of public key cryptography and basically what the criminals would be offering you is the decryption key in exchange for your money.
Are there alternatives to paying the ransom?
We strongly recommend resorting to paying the ransom only as an absolutely last resort effort to recover your files. There are other possible solutions out there and we will be providing you the necessary information to try and execute the most likely to get your files back.
There are at least two major reasons no to resort to paying the ransom. First and foremost, there is no reason to believe whatsoever that these people, who are in fact nothing but cyber criminals, will keep their word and send you a decryption key. It is way more likely that more money will be demanded of you instead.
The other reason is in some way equally important, especially on a global scale. By paying the ransom money you will be essentially supporting an increasingly big and dangerous industry, grossing annually millions of dollars. There is no other solution for this issue than to stop paying the ransom money.
We should warn you – there is no guarantee that you will get your files back. In fact depending on how much time has passed since the initial encryption this might be completely impossible at this point. What we can promise you though is our methods are your best change to recover all or at least some of your encrypted files. Do not trust any warning that attempts at manipulation of the files will result in their deletion. What we will be describing is something completely different and it will in no way endanger further your files.
File .RDM Virus Extension (Radamant Ransomware) Removal
Reboot in Safe Mode (use this guide if you don’t know how to do it).
This is just the first preparation.
The first mandatory thing is to allow you to see Hidden Files and Folders. Each version of Windows does this slightly differently.
- I repeat – it’s extremely important you do this. File .RDM Virus Extension may have hidden some of its files and you need to see them to delete them.
Hold the Start Key and R again – but this time copy + paste the following and click OK:
A .txt file will open – don’t type or change it. If you are hacked and someone has access to your PC, there will be a bunch of other IPs connected to you at the bottom. This is what a hosts file looks like:
If there are a bunch of strange IPs connecting to you below “Localhost” you may be hacked, and it’s best to ask us in the comments for directions.
Right click on each of the malware processes separately and select Open File Location. Also, End the process after you open the folder. Just to make sure we don’t delete any programs you mistakenly took for a malware, copy the folders somewhere, then delete the directories you were sent to. There’s a good chance File .RDM Virus Extension is hiding somewhere in here.
VERY IMPORTANT! DO NOT SKIP!
The next section is extremely important if you are to successfully and completely extirpate File .RDM Virus Extension from your system. At the same time it is extremely important not to get distracted and follow our instructions to the latter. You will need to alter important operating system files, so any error might have a disastrous effect on your whole set-up.
We only encourage our readers to continue with this manual approach if they feel completely confident and at peace with the fact that there might be some inadvertent damage dealt to your device if you screw up. If you are not feeling confident or simply don’t like taking such chances they we urge you to consider downloading and installing a professional scanner and remover.
Right click on each of the virus processes separately and select Open File Location. Also, End the process after you open the folder. Just to make sure we don’t delete any programs you mistakenly took for a virus, copy the folders somewhere, then delete the directories you were sent to.
Take a look at the following things:
Type msconfig in the search field and hit enter: you will be transported to a Pop Up window.
Go in the Startup tab and Uncheck entries that have “Unknown” as Manufacturer.
Type Regedit in the windows search field and press Enter.
Once inside, press CTRL and F together and type the virus’s Name. Right click and delete any entries you find with a similar name. If you can’t find them this way, look in these directories, and delete/uninstall the registries manually:
- Type regedit in the Windows Search Field. Search for the ransomware (try typing its name) in your registries and delete anything with that name. But be extremely careful – if you delete the wrong thing here, you can damage your system.
- Type %temp% in the Windows Search Field and delete all the files in the folder you are transported to.
Remember to leave us a comment if you run into any trouble!
How to Decrypt files infected with File .RDM Virus Extension
There is only one known way to remove this virus successfully, barring actually giving in the to the demands of the people who created the virus – reversing your files to a time when they were not infected.
There are two options you have for this:
The first is to do a full system restore. This can take care of the file extension for you completely. To do this just type System Restore in the windows search field and choose a restore point. Click Next until done.
Your second option is a program called Recuva
Go to the official site for Recuva and download it from there – the free version has everything you currently need.
When you start the program select the files types you want to recover. You probably want all files.
Next select the location. You probably want Recuva to scan all locations.
Now click on the box to enable Deep Scan. The program will now start working and it may take a really long time to finish – maybe even several hours if your HDD is really big, so be patient and take a break if necessary.
You will now get a long list of files to pick from. Select all relevant files you need and click Recover.
Did we help? Found an alternative solution? Share your feedback with us so we can help other people in need!