Windows Blocked ransomware

Posted: September 15, 2011

Windows Blocked ransomware Description

Windows заблокирован! Ransomware is a Russian ransomware Trojan that locks up your PC into a Windows installation/repair screen and requests that you pay a fee in Ukrainian currency to release Windows from Windows заблокирован! Ransomware's clutches. Paying this fine is unnecessary, since Windows заблокирован! Ransomware isn't capable of making additional attacks on your PC, if you refuse to fund Windows заблокирован! Ransomware's criminal behavior, and Windows заблокирован! Ransomware is neither a legitimate aspect of Windows nor a message from any law-abiding agency. SpywareRemove.com malware researchers recommend the same solution to Windows заблокирован! Ransomware that works for similar types of ransomware Trojans – rebooting into Safe Mode and using a good anti-malware program to delete Windows заблокирован! Ransomware in a system scan.

Windows заблокирован! Ransomware's Initial Hook

Most Windows заблокирован! Ransomware infections are likely to occur after you've been exposed to hostile websites; for Windows заблокирован! Ransomware's purposes, fake pornographic websites are especially convenient hosts. Avoid downloading software updates or interacting with risky advertisements while visiting websites that you don't trust.

After Windows заблокирован! Ransomware sneaks onto your PC (usually in the form of a fake movie player update), Windows заблокирован! Ransomware will lock up your computer and disable all significant actions, including the use of various security programs. Although the screen that Windows заблокирован! Ransomware locks you into is one that looks very similar to a Windows setup screen, Windows заблокирован! Ransomware has no affiliation with Microsoft or any other type of legitimate company.

This screen presents the following message (with a rough translation provided below for convenience):

Windows заблокирован!

Microsoft Security обнаружил нарушения использования сети интернет.
Причина: просмотр нелицензионного гей и детского порно.

Windows is blocked!

Microsoft Security has detected infringement of Internet network usage.
The reason: viewing illegal homosexual and pedophile pornography.

Windows заблокирован! Ransomware follows up this error by instructing you to transfer 200 Hryvnia (a Ukrainian currency) by using the WebMoney money-transferral service. Although Windows заблокирован! Ransomware claims that this will free your computer, there's no reason to follow Windows заблокирован! Ransomware's suggestions, since Windows заблокирован! Ransomware isn't a message from genuine law enforcement and can be unlocked in ways that don't cost you money.

The Magic Key to Unlock Windows заблокирован! Ransomware

Like many other ransomware Trojans, such as Trojan.Ransomlock.H, Trojan.Ransom Fake Federal German Police (BKA) Notice variante, Trojan-Ransom.Win32.Chameleon.mw or Trojan.Ransomgerpo, Windows заблокирован! Ransomware can be removed by judicious application of anti-malware software and suitable PC security tactics. Safe Mode is the recommended environment for deleting any Windows заблокирован! Ransomware infection, since it will avoid triggering the startup entries that allow Windows заблокирован! Ransomware to lock your computer in the first place.

To access Safe Mode on any Windows computer, reboot and tap the F8 key until you see the relevant menu. Several versions of Safe Mode are available, and the 'Safe Mode with Networking' option will allow limited Internet connectivity if you need to install security software or updates.

SpywareRemove.com malware researchers also stress the importance of updating your security software before you use them to delete Windows заблокирован! Ransomware, since similar ransomware Trojans tend to use rootkit capabilities to avoid deletion. Using anything less than a fully up-to-date anti-malware product to remove Windows заблокирован! Ransomware may result in failure.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Windows Blocked ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Technical Details

Registry Modifications


The following newly produced Registry Values are:

HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\ “Shell” = “[SET OF RANDOM CHARACTERS].exe”

Related Posts

Home Malware Programs Ransomware Windows Blocked ransomware

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.