How To Remove .RDM extension ransomware (Radamant Ransomware Kit)

Is your system get infected by .RDM extension ransomware? Is your files extension automatically get changed by .RDM? Are you unable to access any of your system files and folders? Looking for any easy method to unlock your files and remove this nasty ransomware virus? Go through this guide to easily get rid of this nasty .RDM extension ransomware virus.

.RDM extension ransomware

Actually .RDM extension ransomware is the file extension of Radamant Ransomware Kit. It is a harmful ransomware virus that can get inside your computer silently and encrypt your data using the AES-256 encryption algorithm. It will demand a ransom amount of 0.5 Bitcoins, or $230.88 USD (approximately), to unlock your files. This nasty threat will lock all your system files and data. It will change the extension of your file with .RDM extension. It is very hard to say how this nasty Ransomware get spread but it normally get installed as a .temp file through %Temp% folder. This kind of installation techniques shows that Radamant Ransomware Kit or .RDM extension ransomware get installed on your system via exploit kit. After finishing the encryption of your files, it will display a web site that provides the information how to pay the ransom.

Once installed on your machine, Radamant Ransomware or .RDM extension ransomware will create its copy to C:\Windows\directx.exe. After that it will also create some autorun registry keys to get automatically started on your system every time when you login to your Windows. There after it will also scan all your system hard drives for files that match certain extensions. Currently it is able to infect a huge range of file extensions. When Radamant Ransomware find any targeted file, it will automatically generate a unique AES encryption key and lock your file. This encryption key will further get encrypted via a Master key and get embedded into the encrypted file. After that .RDM extension will get added to the infected file. If your system get infected by this nasty ransomware then you must not pay the ransom because it will not unlock your files. The best way to get rid of this infection is to completely remove Radamant Ransomware or .RDM extension ransomware from your computer.


Free Scan your Windows PC to detect .RDM extension ransomware

What To Do If Your PC Get Infected By .RDM extension ransomware

The ransomware infection has been mainly designed with the purpose to scare users and trick their money. It take your files on hostage and demand ransom to return your important data. But now the question is what you can do when your system got infected by .RDM extension ransomware virus? Here are some option that you can use to get rid of this nasty infection.

Don’t Panic – Well the first thing is Don’t panic and then completely check out your system for any working files. If you got any working files then copy it to USB drive.

Pay Ransom – Other option is you can pay the ransom and wait to get your files back. (really a bad option)

Use Backup – Clean you entire system files, remove the infection completely from your PC and restore your files with any backup.

Remove Infection – You can also delete .RDM extension ransomware virus using malware removal tool and remove all the infected files. You can later recover all your data by using any data recovery tool. (In case you don’t have backup of your files.) – Recommended Method.

Reinstall Windows – The last option is reinstall your Windows OS. It will completely remove all your data as well as infection. You will get a completely new infection free PC.

How To Remove .RDM extension ransomware Virus From Your PC

Step 1Boot your computer in Safe mode.

Step 2 – Remove the infected registry entry files.

  • Click Windows Flag and R button together.


  • Type “regedit” and click OK button


  • Find and delete following entries.



HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerMain “Default_Page_URL”

HKEY_LOCAL_Machine\Software\Classes\[.RDM extension ransomware]

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\[.RDM extension ransomware]

Step 3 – Remove From msconfig

  • Click Windows + R buttons simultaneously.


  • Type msconfig and press Enter


  • Go to Startup tab and uncheck all entries from unknown manufacturer.


Step 4 – Restart your computer normally.

Check your computer now. If the virus has gone then you can start using your computer. If the infection still remains then head to the next step.

Step 5 – System Restore

  • Insert Windows installation disk to CD drive and restart your PC.
  • While system startup, keep pressing F8 or F12 key to get boot options.
  • Now select the boot from CD drive option to start your computer.
  • Then after you will get the System Recovery Option on your screen.
  • Select the System Restore option from the list.
  • Choose a nearest system restore point when your PC was not infected.
  • Now follow the option on your screen to Restore your computer.

If the above manual methods didn’t removed .RDM extension ransomware virus then you have only option to remove infection using a malware removal tool. It is last and the only option that can easily and safely remove this nasty threat from your computer.


Having some alarming questions in your mind? Get your doubt cleared from our experienced tech support experts. Just go to the Ask Your Question section, fill in the details and your question. Our expert team will give you detailed reply about your query.