Badblock ransomware damages Windows so it won’t boot anymore



We’ve just posted the following news: Badblock ransomware damages Windows so it won’t boot anymore[newsimage][/newsimage]

Security researchers from Sensor Tech have found a new ransomware variant that damages Windows installations on purpose in such a way that the OS will no longer start.

            Read the full article here: [](

            Please note that the reactions from the complete site will be synched below.


News not also told…

thanks to Emisoft’s security researcher Fabian Wosar. He has made a free tool that is able to decrypt files encrypted by Badblock.


As for that encrypted ntoskrnl.exe file, if you know a person who has the [I]exact[/I] same version of Windows as you (preferably with the same updates as you), you can simply copy the file from said person on to a flash drive. You should then be able to use a bootable disc (there are plenty of them: Ubuntu, Hiren’s BootCD, your own Windows (re)installation media… take your pick), and replace the encrypted file with an unencrypted file.

You might also want to run a malware scan before booting. Did I mention there are plenty of anti-malware rescue discs just waiting to be downloaded? In my experience, that’s the best way to clean up those nasty root kits.