Remove Spamhaus ransomware

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)

The cyber world is under the attack of a new ransomware these days, which is called Spamhaus. This is a fake Spamhaus warning, in fact. What is a real Spamhaus then? According to the information available, Spamhaus tracks the Internet’s spam senders and spam services, provides dependable realtime anti-spam protection for Internet networks, and works with Law Enforcement to identify and pursue spammers worldwide. Spamhaus organization (called the Spamhaus Project Ltd.). is located in Geneva, Switzerland. Definitely, this organization is necessary in the online world today in order to stop spam from being distributed and to punish those responsible for such actions. It is surely regretful thing to know that hackers use the name of this decent Swiss organization for reaching their many evil goals and plots. So, they’ve invented a special desktop locker that completely disables your screen and puts a scary warning in front of you, which says this:

Spamhaus ransomware

Spamhaus online agent v. 2.0.8
The Spamhaus project
Working to Protect Networks Wordwide
You have 48 hours left to enter your payment.
You have lost control over your computer. Your system and all your files has been blocked and encrypted because you were spreading the Malware (viruses, Trojans, worms). You are breaking numerous International and USA laws.

As you see, the condemnation contained here is quite severe, yet it is a fake alert, not being associated with Spamhaus at all. And, surely, you must not pay any fine, because this is not a real fine. This is the ransom. The money in this case goes directly into the pockets of the crooks, the authors of the Spamhaus ransomware. The locker will instruct you to pay certain funds through MoneyPak PIN code. But you should never act as instructed by the crooks. Don’t trust any statement you see at this locker. In order to remove this scam from your computer you will most probably need to restore your computer using the system recovery disk, or you may follow the guidelines below. Good luck!

Ransomware unlocking procedure

Note! This tutorial is effective for all GreenDot MoneyPak, Ukash and Paysafecard ransomwares.

  1. Restart your computer and press F8 while it is restarting.
  2. Choose safe mode with networking.
  3. safe mode with networking

  4. Press Start menu and select Run, or press [Win]+R on keyboard.
  5. Run command

  6. Type msconfig
  7. msconfig

  8. Disable startup items rundll32 turning on any application from Application Data.
  9. Restart your system once again.
  10. Scan your system with GridinSoft Trojan Killer to identify file and delete it.

Some versions of these viruses disable all safe modes, but give a short gap that you can use to run anti-malware programs. Then do following:

  1. Reboot normally.
  2. Click Start and choose Run.
  3. Enter the text specified in the quotation below. If malware is loaded, just press Alt+Tab once and keep entering the string blindly then press Enter.

  5. Press Alt+tab and then R (letter) a couple of times. The process of ransomware virus should be killed after you succeed to download, install our recommended software and scan your PC with it.

Download GridinSoft Trojan Killer for thorough system checkup

(Visited 350 times, 1 visits today)

Related posts:

Leave a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.