Remove Fake BSOD Ransomware and Restore Your PC - How to, Technology and PC Security Forum |

Remove Fake BSOD Ransomware and Restore Your PC

A ransomware is reported to lock the user’s web browser, demanding money in return for the fix. The ransomware pretends to be an official BSOD error caused by Windows failure. It also includes a phone number to contact the cyber-criminals. All users who have been infected are strongly advised NOT to pay any ransom “fees” offered by the fake Microsoft representatives and to install special software that will remove this virus.

NameJS/FakeBsod.A Ransomware
Short DescriptionThe virus uses malicious JavaScript code to restrict access to the buttons of the web browser of the user.
SymptomsThe user may witness a Fake BSOD scareware message imitating the official Microsoft one and claiming his computer has malware along with a phone number attached.
Distribution MethodVia PUPs, installed by visiting a suspicious third-party site or malicious attachments.
Detection ToolDownload Malware Removal Tool, to See If Your System Has Been Affected by JS/FakeBsod.A Ransomware
User ExperienceJoin our forum to follow the discussion about JS/FakeBsod.A Ransomware.
Data Recovery ToolWindows Data Recovery by Stellar Phoenix Notice! This product scans your drive sectors to recover lost files and it may not recover 100% of the encrypted files, but only few of them, depending on the situation and whether or not you have reformatted your drive.


Fake BSOD Ransomware – How Did I Get Infected

This ransomware has been reported by Microsoft malware researchers to infect users using a malicious JavaScript. Such script may come onto your web browser via several different techniques:

  • It may be inserted automatically via a PUP (Potentially Unwanted Program) that displays ads and redirects to sites containing it.
  • Via spam e-mails that may contain malicious web links or attachments.
  • Through spam messages in online forums or social networks.

Once the java script is activated it may create an exploit, connect to a remote host send information about the computer about to be infected and download the appropriate payload of the virus.

Fake BSOD Ransomware – How Does It Work?

Once activated, the payload of the ransomware may create registry entries in the registry key of your web browser to activate its payload. If you are running Google Chrome, the location would be the following, for example:


After activating its payload, the next time you run your web browser, the ransomware may prevent you from executing any control commands such as closing it or typing a website as well as using shortcuts and bookmarks. This is done by using the malicious JavaScript to intercept the commands.

Furthermore, the virus also uses a scareware message, such as the following:

BSOD : Error 333 Registry Failure of operating system – Host :
Please contact Microsoft technicians At Toll-Free: {Phone Number}
To Immediately Rectify issue to prevent Data Loss.”

This scareware message is used to trick inexperienced users to pay for the “fixing” of the issue. However, the only issue on the computer may be the malware causing the Fake BSOD. Its phone number is featured to use social engineering tactics and extract information such as credit card details or personal info from users.

Remove Fake BSOD Screen and Restore Your Browser

To get rid of this ransomware unfortunately, you need to reinstall your web browser, clean up your Registries and scan your computer with an advanced anti-malware software. Scanning it will make sure any concealed files of the malware are discovered. The typical locations for those may be:


For effective results, you may want to follow the step by step instructions outlined below:

1. Boot Your PC In Safe Mode to isolate and remove JS/FakeBsod.A Ransomware
2. Remove JS/FakeBsod.A Ransomware with SpyHunter Anti-Malware Tool
3. Uninstall your web browser to get it rid of JS/FakeBsod.A Ransomware from it.
Optional: Using Alternative Anti-Malware Tools
NOTE! Substantial notification about the JS/FakeBsod.A Ransomware threat: Manual removal of JS/FakeBsod.A Ransomware requires interference with system files and registries. Thus, it can cause damage to your PC. Even if your computer skills are not at a professional level, don’t worry. You can do the removal yourself just in 5 minutes, using a malware removal tool.

Ventsislav Krastev

Ventsislav has been covering the latest malware, software and newest tech developments at SensorsTechForum for 3 years now. He started out as a network administrator. Having graduated Marketing as well, Ventsislav also has passion for discovery of new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management and then Network Administration, he found his passion within cybersecrurity and is a strong believer in basic education of every user towards online safety.

More Posts - Website

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Share on Twitter Tweet
Share on Google Plus Share
Share on Linkedin Share
Share on Digg Share
Share on Reddit Share
Share on Stumbleupon Share