.Igdm Virus


.Igdm is malicious software used for money extortion that security experts classify as ransomware. What .Igdm typically does is it “kidnaps” files from the infected computer by placing encryption on them. After that, it demands a ransom from the owner of the files.


The .Igdm Virus will leave a _readme.txt file behind containing this message.

infections like .Igdm, .Weui, .Nobu and basically hold those files locked until a certain amount of money is paid to the hackers’ account. The ultimate goal of the ransomware is to leave the victims no choice but to transfer the demanded ransom in order to regain access to their information. The files which the virus locks are typically of great value and are commonly used. These could be documents, databases, archives, videos, audios, images and other digital data that is stored on the infected computer. A specially generated ransom note usually informs the victim that the only way they can get their data back is by making the necessary ransom payment. The crooks who control the ransomware in most cases promise that, once they receive the payment, they will send the victims a secret decryption key that can reverse the encryption that has been applied to the files. Sadly, there is no guarantee that they will keep their word and anyone who believes them risks losing their money in vain.

The .Igdm virus

The .Igdm virus is ransomware that can block a variety of digital data by encrypting it with a sophisticated algorithm. If your machine has been infected by the .Igdm virus, you will be denied access to some commonly used files and will be asked to pay a ransom for their decryption key.

Users who have backups of their data and those who can afford to lose the encrypted files without any regrets aren’t likely to be heavily affected by the ransomware’s attack. All they need to do is remove the infection and copy their information back onto the clean computer. The ones that will suffer the most are those who don’t have copies of their files but really need them. Sadly, these people don’t have many options to choose from because nothing they can do will guarantee the complete recovery of the encrypted files. For one, no one can force the anonymous hackers to send them a decryption key, even if they strictly fulfill all the ransom demands. And for another, there is no assurance that if they obtain the key it will manage to successfully reverse the encryption and make the files readable again.

The .Igdm file decryption

The .Igdm file decryption is a data-recovery method that requires a decryption key to be activated. Obtaining the .Igdm file decryption key, however, is not guaranteed since the hackers who keep it may vanish anytime without sending it to the victims.


That is why it is typically inadvisable to send any money to the hackers because it may lead to needless money loss. A much smarter course of action is to seek professional assistance or free file-recovery solutions and tools that can help you remove the ransomware from your computer. That’s why we suggest you point your attention towards the removal guide below and its instructions.


Name .Igdm
Type Ransomware
Data Recovery Tool Not Available
Detection Tool

anti-malware offerOFFER *Free Remover allows you, subject to a 48-hour waiting period, one remediation and removal for results found. SpyHunter's EULA,  Privacy Policy, and more details about Free Remover.

Remove .Igdm Virus

The first important thing you must do before you even begin the removal process of .Igdm is to enable Safe Mode on your PC. This will hopefully prevent further encryption of your data and will also block any other malware processes that could make the removal of the virus more difficult. If you need assistance with entering Safe More on your PC, follow the link we’ve provided above and it will send you to a guide where we’ve explained how to access Safe Mode on different versions of Windows.



For the first actual step of the removal process, you must go to the Task Manager app by pressing the Ctrl + Shift + Esc keys. Once the Task Manager appears on your screen, select Processes and look through the processes that are listed in an attempt to find anything that could be linked to .Igdm. You will probably not see a process carrying the name of .Igdm but this doesn’t mean that there isn’t a process in the Task Manager that is related to the Ransomware virus. Possible indicators that a given process may be from the malware are if said process is consuming lots of system resources without being related to a program you have on your computer. Processes with strange and odd-looking names could also be potential suspects. However, if you think that you have found a process that may be coming from .Igdm, it is better to first open your browser and look up the process’ name – it is not uncommon for users to mistake legitimate and important system processes for ones linked to a malware infection. After you confirm that the processes suspected by you is not one that’s coming from your Windows OS, proceed to right-click on it and to select the Open File Location option.


All the files that are in the location folder must be tested for malware – for that, you can use our own antivirus or anti-malware tool and/or you can try out our free online scanner:

Each file will be scanned with up to 64 antivirus programs to ensure maximum accuracy
This scanner is free and will always remain free for our website's users.
This file is not matched with any known malware in the database. You can either do a full real-time scan of the file or skip it to upload a new file. Doing a full scan with 64 antivirus programs can take up to 3-4 minutes per file.
Drag and Drop File Here To Scan
Drag and Drop File Here To Scan
Analyzing 0 s
Each file will be scanned with up to 64 antivirus programs to ensure maximum accuracy
    This scanner is based on VirusTotal's API. By submitting data to it, you agree to their Terms of Service and Privacy Policy, and to the sharing of your sample submission with the security community. Please do not submit files with personal information if you do not want them to be shared.

    If while you are scanning the files any of them gets flagged as malicious, you must go to the suspicious process from the Task Manager, right-click on it again, and then select the End Process Tree option. After that, delete the whole folder where its files are contained. If you cannot delete the folder because you are not allowed to delete some of the files that are in it, remove the other files from that folder. You will return to this folder the files that cannot be deleted at a later time when you will hopefully be allowed to remove them.


    Go to the System Configuration app by searching for its name in the Start Menu and opening the first result. Next, go to the Startup tab of System Configuration and see if there are any startup items listed there that you don’t recognize and/or that you think may be linked to .Igdm and uncheck them (remove the tick from the checkbox in front of them). Also, do the same with any entries that have Unknown listed under Manufacturer.


    To finalize this step, click on Apply and then on OK to save the changes and close System Configuration.


    Copy the next line, open the Start Menu, and paste it in its search field: notepad %windir%/system32/Drivers/etc/hosts. Next, press Enter and when a file named Hosts opens, look towards the bottom of the text, where it says “Localhost“. If there are any lines written below this, copy all of them and send them to us through the comments section below this article. It is possible that those lines are from the Ransomware but we cannot be sure until we have a look at them.

    hosts_opt (1)

    Once we look at the lines you’ve sent us, we will tell you if they are linked to the virus. If it turns out that they are indeed related to .Igdm, delete those lines from the Hosts file and then press Ctrl + S or go to the Edit menu of the file and click on Save to save the changes.


    The next thing you must do is find items linked to .Igdm inside your PC’s Registry and delete them. However, since there are many sensitive and important system settings and data stored in the Registry, you must be very careful with what you are deleting. If you come across an item you aren’t sure whether you should delete, it’s highly advisable to first tell us about it through the comments. Only once we confirm that you must remove the item(s) in question should you delete it(them). Otherwise, you may end up deleting something that is important to the regular functioning of your computer leading to all sorts of unpredictable and unforeseen consequences.

    Now, to get to the Registry Editor, simply type regedit in the Start Menu, open regedit.exe, and provide your Admin authorization to allow the Registry Editor to make changes to the computer. Once the Registry Editor is open, select the Edit menu and click on Find. In the Find search box, type the name of the .Igdm virus, select Find Next and, if any item with the name of the virus gets found, select that item and press Del from the keyboard to delete it. Click on Find Next again to look for other items with that name and delete everything that gets found until there are no more search results for .Igdm.

    The final thing you must do in the Registry Editor is go to these locations:

    • HKEY_CURRENT_USER > Software
    • HKEY_CURRENT_USER > Software > Microsoft > Windows > CurrentVersion > Run
    • HKEY_CURRENT_USER > Software > Microsoft > Internet Explorer > Main

    Once you navigate to them, look for folders stored in them that have unusually long and seemingly randomly-generated names. For instance, if you see a folder with a very long name that mostly consists of random letters and/or numbers, you should delete it. However, as we said earlier, if you are uncertain about whether any particular folder must be removed, it is always preferable to ask us first before you proceed with the deletion.


    Open the Start Menu again and copy-paste these next lines, one by one, pressing Enter after each to open the file location that they represent.

    1. %AppData%
    2. %LocalAppData%
    3. %ProgramData%
    4. %WinDir%
    5. %Temp%

    In each of these folders, sort the files stored in them by date and then delete all files from the most recent one to the one created just before the Ransomware infection occurred. The only folder in which you must delete everything is the Temp folders so when you are in it, simply press Ctrl + A, then press the Del key, and confirm the deletion.


    How to Decrypt .Igdm files

    The guide from above is aimed at helping you remove the Ransomware which is important for the future security and safety of your PC and files and is also the first important step towards potentially restoring your data. However, removing the virus, in and of itself, will not set your files free. There are several methods that you can try to restore your data after you delete the virus and the ones we deem most effective have been compiled in this separate How to Decrypt Ransomware Files guide that you can visit and use. Of course, the ransom-payment always remains an option but it is something we strongly advise against – it is a variant you should resort to only if there’s really nothing else you can do and you really need to restore the locked files.

    Final Notes

    If completing the current guide didn’t remove the threat from your computer, we strongly recommend that you try out the professional anti-malware tool that has been linked on this page – it is a powerful tool capable of removing all sorts of threats. Also, remember that you can use our online malware scanner for free to test your data for malware and you can also contact us by writing us a comment if you need further assistance with anything related to the removal of .Igdm.


    About the author


    Lidia Howler

    Lidia is a web content creator with years of experience in the cyber-security sector. She helps readers with articles on malware removal and online security. Her strive for simplicity and well-researched information provides users with easy-to-follow It-related tips and step-by-step tutorials.

    Leave a Comment

    Buy SpyHunter now and remove any malware immediately

    Remove Now

    $7 / Month          $4.69 / Month*

    33% off expires in


    *Regional prices may vary.