Loki Virus Removal

This page aims to help you remove the Loki virus. These Loki virus removal instructions work for all versions of Windows.

If your PC has gotten in contact with Loki then you are in for a big surprise. Usually ransomware viruses directly demand for your money for your encrypted files, they don’t steal passwords, credit card information, accounts etc. The main problem with Loki is that although you might be able to uninstall it, your files will not be reverted to normal. The hackers will try to force you to pay a certain amount of money in BitCoins to get your files restored. Decide if you want to pay or try alternative solutions, we have provided a general guide to help you with that.

Loki – steps after initial infection

How does the Loki virus exactly affect your device is probably one of the main questions that comes to your mind right now, right? We will provide you with the answer! To begin will, the ransomware will target all of your stored files as soon as it gets installed on your PC. It doesn’t matter if you have them saved on your hard-drive, , flash drives оr other removable media – they will be affected by the virus. Usually, ransomware targets mainly files containing data that may be useful to you personally and there is a back-thought with that because Hackers aim to get your money, remember? What are you going to pay most for? — Your personal files! Ransomware would make your computer unusable, as not to deprive you of the ability to pay the ransom

Another important thing you should remember is that the malware likes to stay hidden while encrypting your files, so you won’t know that its there at all. This may take few hours, to days or even weeks. One major sign for all computer viruses, in general, is that your device will experience significant slowness in performance and it will only get worse. The encryption process of Loki takes lots of memory and CPU.

Once the encryption has completed the malware will reveal itself in a ‘good mood’ and it will insist that you submit a ransom payment in the form of BitCoin. It tends to give you a deadline to submit the payment to simply put pressure on you and stress you out. DON’T BUY INTO THIS!!!! This is just a way for Hackers to get your money and there is no 100% guarantee that you will get what you paid for. In fact, this is not likely to happen! Hackers don’t issue refunds or give you a receipt for the financial transaction.

Why do Hackers want you to pay with BitCoin?

Simple: BitCoin is an online currency that has been purchased with cash and could be turned into cash again, but while its in the form of BitCoin it’s untraceable and no branch of authority can find how much hackers have actually made via BitCoin.

How did Loki infect my computer?

One famous way for your computer to get infected with this particular type of malware is through another virus — Trojan horse — the worst one of all. The trick here is that Trojan horse is very hard to be found because it’s tricky. if you’ve seen the movie Troy you will remember that the wooden horse seemed completely innocent and safe until the Greeks came out of it and captured the city of Troy. Well, the computer virus works the exact same way — quite at first and very vulnerable a moment later. The Trojan horse has the function to install new viruses all on its own. The best way to protect yourself from it is to download specialized software to your PC BEFORE you get the virus.

There are some fake programs out there that guarantee your safety from the bad effects of the Loki virus. REMEMBER: NOT EVERY SOFTWARE ADVERTISED IS REAL!!! In fact, all ransomware viruses that can be decrypted have that information listed for free.

When you are going over the removal guide, keep in mind, that the file recovery method suggested won’t endanger the encrypted files, so you can choose to pay if files are very important to you and nothing else has worked to help you until now.


Name Loki
Type Ransomware
Danger Level High — one of the worst viruses you can get.
Symptoms  When your computer has been infected with ransomware the first and most obvious sign of it is slowness in performance of your device. By the time the ransom demand is shown it will reveal itself.
Distribution Method Ransomware could get distributed through attachments or other malware that you already have on your PC.
Detection Tool Malware are notoriously difficult to track down, since they actively try to deceive you. Use SpyHunter – a professional parasite scanner to make sure you find all files related to the infection.


Remove Loki

Readers are interested in:

Loki Virus Removal

Reboot in Safe Mode (use this guide if you don’t know how to do it).

This is the first preparation.

Loki Virus Removal

The first thing you must do is Reveal All Hidden Files and Folders.

  • Do not skip this. Loki may have hidden some of its files.

Hold the Start Key and R – copy + paste the following and click OK:

notepad %windir%/system32/Drivers/etc/hosts

A new file will open. If you are hacked, there will be a bunch of other IPs connected to you at the bottom. Look at the image below:

Loki Virus Removal

If there are suspicious IPs below “Localhost” – write to us in the comments.


Type msconfig in the search field and hit enter. A window will pop-up:

Loki Virus Removal

Go in Startup —> Uncheck entries that have “Unknown” as Manufacturer.

Loki Virus Removal

Press CTRL + SHIFT + ESC simultaneously. Go to the Processes Tab. Try to determine which ones are a virus. Google them or ask us in the comments.


Right click on each of the virus processes separately and select Open File LocationEnd the process after you open the folder, then delete the directories you were sent to.

Loki Virus Removal

Loki Virus Removal

Type Regedit in the windows search field and press EnterOnce inside, press CTRL and F together and type the virus’s Name. 

Search for the ransomware  in your registries and delete the entries. Be extremely careful –  you can damage your system if you make a big mistake.

Type each of the following in the Windows Search Field:

  1. %AppData%
  2. %LocalAppData%
  3. %ProgramData%
  4. %WinDir%
  5. %Temp%

Delete everything in Temp. The rest just check our for anything recently added. Remember to leave us a comment if you run into any trouble!

Loki Virus Removal 

How to Decrypt files infected with Loki

There is only one known way to remove the virus’ encryption that MAY work (no guarantees) – reversing your files to a previous state. There are two options you have for this:

The first is using a system backup. Search for Backup and Restore in the windows search field —–> “Select another backup to restore files from”

Loki Virus Removal

If you have no backups, your option is Recuva

Go to the official site for Recuva and download its free version. When you start the program, select the file types you want to recover. You probably want all files. Next select the location. You probably want Recuva to scan all locations.

Click on the box to enable Deep Scan. The program will now start working and it may take a really long time to finish, so be patient and take a break if necessary.

You will now get a big list of files to pick from. Select all relevant files you need and click Recover.

Did we help? Share your feedback with us so we can help other people in need!


About the author


Violet George

Violet is an active writer with a passion for all things cyber security. She enjoys helping victims of computer virus infections remove them and successfully deal with the aftermath of the attacks. But most importantly, Violet makes it her priority to spend time educating people on privacy issues and maintaining the safety of their computers. It is her firm belief that by spreading this information, she can empower web users to effectively protect their personal data and their devices from hackers and cybercriminals.

Leave a Comment