Windows заблокирова falls into the subcategory of ransomware, a Trojan-type infection that is set to lock your computer’s screen and block applications from running. This is not done without a reason. This ransomware demands that you pay a ransom to get the control of your computer back. This ransomware is rather unique as it does not follow the trend of current ransomware that encrypts personal files rendering them useless. Luckily, Windows заблокирова does not do that, and you can remove it from your PC using the instruction found at the end of this description. Still, if you want to find out more about it, then we invite you to continue reading.
As you can probably tell from its name, this ransomware was created by Russian-speaking cybercriminals that tailored it for the Russian-speaking world. Hence, all text in this ransomware is written in the Cyrillic alphabet. So, apparently, they are not interested in infecting users based in the US, Western Europe or any other place in the world for that matter. So these cyber criminals limit themselves significantly.
Unfortunately, we do not know how this infection is disseminated, but we assume that it may be included along with pirated software or games because piracy websites are still quite popular in Eastern Europe. However, we cannot rule out the possibility of it being featured on adult websites that contain fake download buttons. Since Windows заблокирова has been discovered only recently, there is not much information about its distribution methods. So the only way you can avoid getting it is by avoiding suspicious Russian language websites, or better yet, getting an anti-malware tool that would prevent this ransomware from entering your computer.
As mentioned in the beginning, this ransomware does not encrypt personal files, so you can defeat this infection without severe consequences such as having your files irreversibly damaged. Windows заблокирова is a different kind of ransomware, though we would like to point out that it is not very high-tech. However, it will prevent you from using your computer altogether because if it infects it, then it will launch a full screen window (essentially a lock screen) that will deny you access to the Task bar, and folders and files situated on the desktop. In addition to locking the screen it will also block certain applications from running, so if you have an anti-virus application, then there is a possibility that it will block it from running.
If you want to get back control of your computer, then obviously you have to get rid of this infection. While testing this malware, we found that it drops its files in either %TEMP% or %USERPROFILE%\Downloads. The problem is, however, that its files are named randomly, and there is no way to know for sure which files are legitimate and which are part of this ransomware. Therefore, you have to use common sense to distinguish malicious files from good ones. Look at the file names and file extension. If they are out of the ordinary (contain odd symbols, have many uppercase and lower case letters or the name is just a collection of random letters), inspect and delete them after booting up your PC in Safe Mode.
If you have problems detecting or identifying the files, then we suggest using SpyHunter, a powerful anti-malware tool. Our tests show that this application is capable of detecting and eliminating Windows заблокирова. However, to run it you will have to boot Windows in Safe Mode with Networking to bypass the lock screen.
So there are ways to eliminate this ransomware, and hence no need to pay the ransom. Please follow the instructions on how to boot your PC in Safe Mode with Networking and delete Windows заблокирова manually. Alternatively, you can use SpyHunter as it is more than capable of detecting this ransomware.
Windows 8 & 8.1
Windows 7 & Vista