The Ransom Virus: What It Is and How to Remove It

Wipe this threat from your system

An illustration of ransomware destroying a laptop computer.
Theresa Chiechi / Lifewire

Booted up your computer to find you've been locked away from all your files and a demand for money has been made? You've been infected by a Ransom virus or Ransomware.

Ransom viruses can affect both Windows and Mac based computers. Windows-based machines are more likely to be affected by ransom viruses, but that doesn't mean you're free of the threat on a Mac. 

What Is the Ransom Virus?

The Ransom Virus is a type of malware that infiltrates your computer, preventing you access to your files, and often threatening to erase them all if you don't pay a ransom within a set deadline.

Also known as Ransomware, this virus type is particularly malicious if you don't already have backups of your files stored elsewhere. 

How Do Ransom Viruses Work?

Ransom viruses work by effectively holding your files and data hostage. Since your data is the most valuable part of your computer, the attacker then charges an often considerable sum to unlock the files so you regain access to them.

Some ransomware viruses encrypt the files in a way that mean even if you pay the ransom, they're lost forever. Others allow the creator of the virus the ability to view, copy, and delete your files however they wish to deal with them. 

It's important that you delete the threat quickly, as well as learn how to avoid the threat altogether. 

How Do I Know I Have a Ransom Virus?

Ransom viruses are very difficult to detect. They lurk in the background until they're ready to activate. One of the few methods that work well is to keep an eye on your hard drive activity. 

Do you seem to be losing space and you don't know why? In order to encrypt the files, the ransom virus has to duplicate those files so it takes up substantial space. It's worth keeping an eye on things. 

Another pivotal method is to run regular antivirus software scans or use malware detection tools to spot any potential issues before they get worse. 

How Did I Get the Ransom Virus?

Ransom viruses come from multiple sources. One of the most common methods is via unsolicited emails that contain attachments containing the virus, or links to malicious websites.

You can also be infected by the virus by clicking on suspicious ads or popup banners and receiving files that way. Any form of illicit behavior online can open you up to being infected with Ransom viruses.

How Do I Get Rid of the Ransom Virus?

The most effective way to get rid of a Ransom virus is to use antivirus software, as well as a malware removal app. Both can detect such threats before they cause any damage. 

Antivirus software can take several hours to complete the process, depending on the speed of your computer, but it also offers you the best methods in which to remove the malicious files. 

It's also worth installing a malware removal tool that helps detect malware like Ransomware viruses and delete it before it causes any problems.

Like antivirus software, malware scanning can take many hours depending on the size of your computer's hard drive, as well as its speed. 

Before the Ransom virus has fully encrypted and blocked off your files, you can also use System Restore to return to an earlier point on your computer before you picked up the Ransom virus. Be sure to pick a time period where you know you definitely didn't already have the virus on your computer. 

In certain cases, if you're infected by a Ransom virus, you can lose all your files so it's important to have backups of your computer at all times. 

How Can I Avoid Getting the Ransom Virus Again?

There are a few key ways in which you can lower your chances of being re-infected with a Ransomware malware virus (or receiving any other virus). There are also specific tips that relate directly to this type of virus.

  • Update your antivirus software and malware protection. Keep your antivirus software and malware protection up to date. New virus definitions are released regularly and these keep your PC informed on what to look for with new virus and malware-based threats. 
  • Stick to well-known websites. Ransom viruses can also infect your computer through the suspicious websites you might browse. Clicking on the 'wrong' link can lead to you downloading a form of Ransomware. Be careful on websites such as torrenting sites. 
  • Don't click on banner ads. When a pop-up banner appears when browsing a website, don't click on it. Often, it's safest to go to a different website than stay on a site that inundates you with pop-up adverts.