Attention! Pour des raisons de sécurité windows a été bloqué is a new ransomware virus application now targeting many computers in France. This type of malware program locks your computer completely and asks for the ransom to be paid on your part in order to unlock it. Users are being accused of watching illegal content over the Internet and performing other criminal actions forbidden by the legislation of France. This warning is supposedly originated by French Police (Gendarmerie Nationale), however, this well-known organization has nothing to do with spreading such scary information. The saddest part about this malware program is that it disables your computer and does not allow you to do anything with it.
Important! If the below-mentioned ransomware removal solution did not help you please consider another similar guide available here.
This virus is similar to Achtung! Aus Sicherheitsgründen wurde Ihr Windowssystem blockiert virus previously described by us in this blog. It is even obvious that the developers of this scareware are the same people. These are cyber crooks, frauds and criminals that aim to become richer by tricking, fooling and deceiving users. They want to persuade you to indicate certain Ukash voucher code or Paysafecard PIN code in the respective field, and then they promise you that your PC will be restored to normal and fully functional mode. Do not follow their admonitions and do not trust them. Paying for the ransom to unlock your computer is the worst decision that can ever be made. In order to unlock your computer from Attention! Pour des raisons de sécurité windows a été bloqué virus please follow the removal guide provided below. These removal instructions are totally free. If these guidelines were helpful please share this information with other people.
Ransomware removal sequence of steps:
- Restart your system into Safe Mode with Command Prompt. While your PC is booting hit “F8 key” on your keyboard repeatedly. This will lead you to “Windows Advanced Options Menu” as depicted below. Apply your arrow keys to go to Safe Mode with Command Prompt and then hit Enter key. Important! You need to login as the same user you were previously logged in with in the normal Windows mode. Please find more detailed information on rebooting into safe mode in this guide.
- While Windows boots the Windows command prompt will appear as depicted in the screenshot below. In the command prompt you need to type “regedit” (without quotation marks) and hit Enter. The Registry Editor window comes up.
- Find the following registry entry:
- Once Windows OS boots you will not see any desktop icons. Do not panic, this problem will be resolved soon. First of all, use the key combination “Ctrl+Alt+Del” or “Ctrl+Shift+Esc” (recommended) and launch Task Manager. Click File → New Task (Run…)
- This would open Internet Explorer broswer. Now you must download clean explorer.exe file and over-write the existing one which is infected. Please make sure you download the correct file for your version of Windows OS:
- Open up Task Manager once again. For this purpose click File → New Task (Run…) as you made in previous steps.
- Type in regedit and click OK to open Registry Editor.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\
In the righthand panel select the registry key named Shell. Right click on this registry key and select Modify.
The default value is Explorer.exe.
Now you must amend the value data to iexplore.exe. Click OK to save your changes and now quit (shut down) the Registry editor.
Now return to “Normal Mode“. In order to reboot your PC, at the command prompt, type “shutdown /r /t 0” (without quotation marks) and hit Enter.
Type in iexplore and hit OK or click Enter keyboard button.
Click on the link to download the file. Select Save. Then go to C:\Windows folder and select available explorer.exe file. Click Save to overwrite the malicious explorer.exe file.
Find the same registry entry referred to in the step 3 of this tutorial.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\
In the righthand panel choose the registry entry with the name Shell. Right click on this registry entry and select Modify. Delete iexplore.exe and type in Explorer.exe as it was initially. Click OK to save performed amendments.
Shut down Registry Editor and reboot your PC now. This should reslove your problem. The last but not the least – make sure to scan your PC with reliable and powerful anti-virus software.
Important! If this ransomware removal solution did not help you please consider another similar guide available here.
