YOUR COMPUTER HAS BEEN BLOCKED is a message that accompanies quite a few tech support scams, as well as some ransomware viruses. Those scams can appear on your PC in a lot of ways, the worst of which is due to a Trojan horse. Most of the scams have websites spreading them, which can lock you out of your browser to a point you cannot interact with it. A small number of scams are even more complex and integrate with your system on a higher level. They lock your desktop screen, holding your computer hostage, as ransomware viruses do. Fortunately, those scams do not encrypt files. Every scam uses one or more phone numbers. You should carefully read this article to see how to remove such types of malware.

Threat Summary

Name	YOUR COMPUTER HAS BEEN BLOCKED "Virus"
Type	Tech Support Scam
Short Description	A tech support scam stating that your computer is blocked and in some cases actually doing that. The end goal of these scams is to scare you or somehow force you into calling a phone number.
Symptoms	The message “Your computer has been blocked” appearing as a pop-up box, notification, error or as a whole page locking your browser or PC screen. You will be given a phone number and you will be lied to by crooks that you have a virus.
Distribution Method	Freeware Installers, Suspicious Sites, Redirects, Trojan Horse
Detection Tool	See If Your System Has Been Affected by YOUR COMPUTER HAS BEEN BLOCKED "Virus" Download Malware Removal Tool
User Experience	Join Our Forum to Discuss YOUR COMPUTER HAS BEEN BLOCKED "Virus".

YOUR COMPUTER HAS BEEN BLOCKED – Update July 2017

In July 2017, the scams that use the YOUR COMPUTER HAS BEEN BLOCKED message to scare people have increased. Typically, technical support scams use the message to try and trick you that you have a virus on your computer device. One of the latest trends around is the lie that you have the WannaCry virus, which became popular in the middle of month May, and kept being the theme for a lot of malware since then. New websites representing tech support scams are being created, which spread messages with new telephone numbers for you to call alleged Microsoft technicians, claiming that only they can fix your computer. These website pages are most commonly phishing pages that look like either the front page of the Microsoft official website or Google’s security warning that informs you about malicious domains. Be careful, do not call such numbers for unique support technicians, do not provide personal information and do not believe a browser detecting viruses on your PC unless you check with a security program first.

Update July 2017. Unfortunately, these tech support scams continue to spread in the wild, infecting users via various methods. As you will read later in the article, most tech support scammers rely on companies such as Microsoft to make their attempts more successful. The Microsoft approach definitely works at high rates as users tend to call the provided numbers once they see they should contact Microsoft Tech Support for assistance. Please remember that Microsoft doesn’t own a tech support line. This should be a clear indication of your system being invaded. One of the most recent reports by a victim clearly shows that users are easily tricked by the displayed message claiming their computer has been blocked. Remember that calling unsolicited numbers provided in such dubious ways is never a good idea.

YOUR COMPUTER HAS BEEN BLOCKED – Spread

This tech support scam has many variations. That’s why the YOUR COMPUTER HAS BEEN BLOCKED message can be displayed on your computer due to different spread methods. A common way for it to appear is when you are surfing the Web. When you visit websites which are suspicious and of unknown origin, they can spread the scam via redirect links or advertisements. Clicking on the ads or redirects is not always necessary as any interaction with the site might trigger them. Sometimes, just by leaving a website open can drop malicious files on your computer which load other sites supporting the scam. Phishing websites can make the message of the scam appear, too. It is easy to land on such sites because of a single spelling mistake in a URL.

The worst case scenario that can happen to show you the YOUR COMPUTER HAS BEEN BLOCKED message is if you have a Trojan horse present in your system. The Trojan horse may have installed itself using some of the spread methods mentioned above. In other cases, you may have installed it, without realizing that. You may have thought that you are installing an application which is useful. Many such third-party programs come bundled with other freeware and supposedly useful software. Unfortunately, some can secretly install additive features or even malware. To avoid additional content being put in your PC by such installer setups can be managed if your find Advanced or Custom options in the setup.

YOUR COMPUTER HAS BEEN BLOCKED – Details

YOUR COMPUTER HAS BEEN BLOCKED is a message that can appear on your screen from a tech support scam. The message can appear in a website page, notification, an error or a pop-up message. A phone number is always provided, which is supposed to be a number for contacting support technicians from Microsoft or another reputable company from the security sphere.

In some cases, you can experience your screen or browser being locked or an audio message being played for maximum effect. The file is usually played via the Adobe Flash Player or a similar plugin. The audio message can be applied to lots of such websites, especially if the number is not said in the audio file. The voice of a woman or a man urges you to call the number. You can hear such an example from the audio sample right here:

Many of the websites related to these tech support scams are made to look like the official Microsoft website. See an example of a fake Microsoft site from the below screenshot:

People who work in IT or are tech savvy will all tell you the painful truth, that Microsoft does not have a support call line. Knowing that information and seeing a phone number on a copycat site is a dead giveaway, but not for people who are unaware of that fact. You can easily fall victim to such a scam, especially when you are bombarded with pop-up messages such as YOUR COMPUTER HAS BEEN BLOCKED non-stop. The most common variant of such a scam employs a one-page website with a picture background which is a snapshot of the real Microsoft site as seen in the above image. There are two generic messages written inside the pop-ups:

** YOUR COMPUTER HAS BEEN BLOCKED **

Error # 268D3

Please call us immediately at +1-844-730-8222
Do not ignore this critical alert.
If you close this page, your computer access will be
disabled to prevent further damage to our network.

Your computer has alerted us that it has been infected
with a virus and spyware. The following information is
being stolen…

>Facebook Login
>Credit Card Details
>Email Account Login
>Photos stored on this computer
You must contact us immediately so that our engineers
can walk you through the removal process over the
phone. Please call us within the next 5 minutes to
prevent your computer from being disabled.

Toll Free: +1-844-730-8222

*Your Windows (Microsoft) Computer has been blocked*

Windows System Alert!!

Call Microsoft At 1-888-243-3533
You have been blocked from accessing the Internet.
Private and financial data is at RISK:
– Your credit card details and banking information
– Your e-mail passwords and other account passwords
– Your Facebook ,skype,AIM,ICQ and other chat logs
– Your private & family photos and other sensitive files
– Your webcam could be accessed remotely by stalkers

It is Required that you call the number above and get your PC inspected before you continue using your internet, especially for Shopping or Banking.

The second message varies a bit and actually states Your Windows (Microsoft) Computer has been blocked. That exact same message can be seen in the third type of this scam, this time being loaded as a notification or an error box directly inside your desktop computer:

The error box is loaded without the requirement of an Internet connection, and it is displayed, because of malicious software, files and registry entries related to the scam are inside your computer. A Trojan horse is not excluded to be managing those files to remain persistent on your machine, so whatever action your try to perform on your PC, the message to be stuck there. That can also lock your desktop screen, and you could be unable to interact with your computer device just like ransomware viruses do.

The locking of your screen may or may not happen depending on the files residing on your machine and the type of tech support scam. That brings us to the fourth and final variant (for now) of the YOUR COMPUTER HAS BEEN BLOCKED message. Here, the website pushing the scam will lock your browser, and the word blocked in the message will be turned into locked. The website will look exactly like a legitimate Google Chrome Warning for a phishing site or malicious activity. You can see an example in the picture below:

The full text on the site says the following:

Your computer has been Locked
Your computer with IP address – has been infected by the Virus RDN/YahLover.worm!055BCCAC9FEC — Because System Activation KEY has expired & Your information (for example, passwords, messages, and credit cards) have been stolen. Call the Technical Support number +1-844-556-7757 to protect your files and identity from further damage.
Call Technical Support Immediately at 1-844-556-7757
The following data will be compromised if you continue:
1. Passwords
2. Browser History
3. Credit Card Information
The virus is well known for complete identity and credit card theft. Further action through this computer or any computer in the network will reveal private information and involve serious risks.

With that, the main four variants of the YOUR COMPUTER HAS BEEN BLOCKED technical support scam are exposed.

You can check out one of the most notorious such scams in the articles given down here:

• Computervirusalertsystem.today (1-844-730-8222)
• Error #268D3 (1-855-712-8551)
• Sweep Clean PC Pro (1-888-243-3533)

All phone numbers given in the article are for the purposes of giving real examples, and you shouldn’t dial any of them. If you see another website with phone numbers provided in a similar way, you shouldn’t call them.

The cybercriminals on the other end of the phone line will try to keep you on the line and lie to you. The lies go from how you shouldn’t tamper with your PC except when they instruct you, to how you need to provide personal information. They want your personal data to either sell it on the black market to the highest bidder or to empty your bank account if you provide them with your banking credentials. You can read more about how similar phone scams in India make millions for the people behind them. Besides the money, bigger problems could follow, such as identity theft for instance.

YOUR COMPUTER HAS BEEN BLOCKED – Update August 2017

On the first of August, 2017 a ransomware variant with a similar theme has appeared, which pretends to be sent by the Federal Bureau of Investigation (FBI). That ransomware is called the Scotch Tape Locker Virus and locks your computer device, while stopping all access to your computer. It demands a ransom and tries to use a scare tactic to make you pay up. However, you should not pay as this is probably removable. Similar variants have been seen in the past, and it is expected for more of them to pop up in the future as well.

This is how that ransom note looks like:

YOUR COMPUTER HAS BEEN BLOCKED – Update July 2017

The scams do not stop with the tech support related ones, but elevate even further into ransomware cryptoviruses. This has happened a couple of years before, with ransomware that claims that a government agency like the CIA has locked or blocked your computer system and you have to pay a fee or you will end up in jail. The same story repeats itself now in 2017 with that kind of ransomware returning and a prime example of that is the Matrix ransomware virus. You can check out the article about it for further details or just see its ransom note below and see how the FBI (Federal Bureau of Investigation) is being used to scare users like you into giving money:

We have also created a video that should help you remove YOUR COMPUTER HAS BEEN BLOCKED virus from your system:

More removal instructions are available below.

YOUR COMPUTER HAS BEEN BLOCKED Removal

To remove the YOUR COMPUTER HAS BEEN BLOCKED tech support scam and its related files manually from your PC, follow the step-by-step removal instructions provided below. If the manual removal guide does not get rid of the scam and its redirects completely, you should search for and remove any leftover items with an advanced anti-malware tool. Software like that will keep your system secure in the future.

Manually delete YOUR COMPUTER HAS BEEN BLOCKED "Virus" from Windows and your browser

Note! Substantial notification about the YOUR COMPUTER HAS BEEN BLOCKED "Virus" threat: Manual removal of YOUR COMPUTER HAS BEEN BLOCKED "Virus" requires interference with system files and registries. Thus, it can cause damage to your PC. Even if your computer skills are not at a professional level, don’t worry. You can do the removal yourself just in 5 minutes, using a malware removal tool.

1. Remove or Uninstall YOUR COMPUTER HAS BEEN BLOCKED "Virus" in Windows

Remove or Uninstall YOUR COMPUTER HAS BEEN BLOCKED "Virus" in Windows.

Step 1: Remove/Uninstall YOUR COMPUTER HAS BEEN BLOCKED "Virus" in Windows

Here is a method in few easy steps to remove that program. No matter if you are using Windows 8, 7, Vista or XP, those steps will get the job done. Dragging the program or its folder to the recycle bin can be a very bad decision. If you do that, bits and pieces of the program get left behind, and that can lead to unstable work of your PC, mistakes with the file type associations and other unpleasant activities. The proper way to get a program off your computer is to Uninstall it. To do that:

Hold the Windows Logo Button and “R” on your keyboard. A Pop-up window will appear (fig.1).

In the field type in “appwiz.cpl” and press ENTER (fig.2).

This will open a window with all the programs installed on the PC.
Select the program that you want to remove, and press “Uninstall” (fig.3).

Follow the instructions above and you will successfully uninstall YOUR COMPUTER HAS BEEN BLOCKED "Virus".

2. Remove YOUR COMPUTER HAS BEEN BLOCKED "Virus" from Your Browser and Your Registry Editor

Remove YOUR COMPUTER HAS BEEN BLOCKED "Virus" from Your Browser.

Remove a toolbar from Mozilla FirefoxRemove a toolbar from Google Chrome Remove a toolbar from Internet Explorer Remove a toolbar from Safari Fix registry entries created by YOUR COMPUTER HAS BEEN BLOCKED "Virus" on your PC.

Start Mozilla Firefox Open the menu window

Select the “Add-ons” icon from the menu

Select YOUR COMPUTER HAS BEEN BLOCKED "Virus" and click “Remove”

After YOUR COMPUTER HAS BEEN BLOCKED "Virus" is removed, restart Mozilla Firefox by closing it from the red “X” in the top right corner and start it again.

Start Google Chrome and Open the drop menu

Move the cursor over “Tools” and then from the extended menu choose “Extensions“

From the opened “Extensions” menu locate YOUR COMPUTER HAS BEEN BLOCKED "Virus" and click on the garbage bin icon on the right of it.

After YOUR COMPUTER HAS BEEN BLOCKED "Virus" is removed, restart Google Chrome by closing it from the red “X” in the top right corner and start it again.

Start Internet Explorer:

Click “‘Tools’ to open the drop menu and select ‘Manage Add-ons’

In the ‘Manage Add-ons’ window, make sure that in the first window ‘Add-on Types’, the drop menu ‘Show’ is on ‘All add-ons’

Select YOUR COMPUTER HAS BEEN BLOCKED "Virus" to remove, and then click ‘Disable’. A pop-up window will appear to inform you that you are about to disable the selected toolbar, and some additional toolbars might be disabled as well. Leave all the boxes checked, and click ‘Disable’.

After YOUR COMPUTER HAS BEEN BLOCKED "Virus" has been removed, restart Internet Explorer by closing it from the red ‘X’ in the top right corner and start it again.

Start Safari

Open the drop menu by clicking on the sprocket icon in the top right corner.

From the drop menu select ‘Preferences’
In the new window select ‘Extensions’
Click once on YOUR COMPUTER HAS BEEN BLOCKED "Virus"
Click ‘Uninstall’

A pop-up window will appear asking for confirmation to uninstall YOUR COMPUTER HAS BEEN BLOCKED "Virus". Select ‘Uninstall’ again, and the YOUR COMPUTER HAS BEEN BLOCKED "Virus" will be removed.

Some malicious scripts may modify the registry entries of your computer to change different settings. This is why manual clean up of your Windows Registry Database is strongly recommended. Since the tutorial on how to do this is a bit lenghty, we recommend following our instructive article about fixing registry entries.

Automatically remove YOUR COMPUTER HAS BEEN BLOCKED "Virus" by downloading an advanced anti-malware program

1. Remove YOUR COMPUTER HAS BEEN BLOCKED "Virus" with SpyHunter Anti-Malware Tool and back up your data

Remove YOUR COMPUTER HAS BEEN BLOCKED "Virus" with SpyHunter Anti-Malware Tool

1. Install SpyHunter to scan for and remove YOUR COMPUTER HAS BEEN BLOCKED "Virus".2. Scan with SpyHunter to Detect and Remove YOUR COMPUTER HAS BEEN BLOCKED "Virus". Back up your data to secure it against infections and file encryption by YOUR COMPUTER HAS BEEN BLOCKED "Virus" in the future.

Step 1:Click on the “Download” button to proceed to SpyHunter’s download page.

Download

Malware Removal Tool

It is highly recommended to run a scan before purchasing the full version of the software to make sure that the current version of the malware can be detected by SpyHunter.

Step 2: Guide yourself by the download instructions provided for each browser.
Step 3: After you have installed SpyHunter, wait for it to automatically update.

Step1: After the update process has finished, click on the ‘Scan Computer Now’ button.

Step2: After SpyHunter has finished scanning your PC for any YOUR COMPUTER HAS BEEN BLOCKED "Virus" files, click on the ‘Fix Threats’ button to remove them automatically and permanently.

Step3: Once the intrusions on your PC have been removed, it is highly recommended to restart it.

Back up your data to secure it against attacks in the future

IMPORTANT! Before reading the Windows backup instructions, we highly recommend to back up your data automatically with cloud backup and insure it against any type of data loss on your device, even the most severe. We recommend reading more about and downloading SOS Online Backup .

SOS Online Backup

Optional: Using Alternative Anti-Malware Tools

Remove YOUR COMPUTER HAS BEEN BLOCKED "Virus" Using Other Alternative Tools

STOPZilla Anti Malware

1. Download and Install STOPZilla Anti-malware to Scan for And Remove YOUR COMPUTER HAS BEEN BLOCKED "Virus".
Step 1: Download STOPZilla by clicking here.
Step 2: A pop-up window will appear. Click on the ‘Save File’ button. If it does not, click on the Download button and save it afterwards.

Step 3: After you have downloaded the setup, simply open it.
Step 4: The installer should appear. Click on the ‘Next’ button.

Step 5: Check the ‘I accept the agreement’ check circle if not checked if you accept it and click the ‘Next’ button once again.

Step 6: Review and click on the ‘Install’ button.

Step 7: After the installation process has completed click on the ‘Finish’ button.

2. Scan your PC with STOPZilla Anti Malware to remove all YOUR COMPUTER HAS BEEN BLOCKED "Virus" associated files completely.
Step 1: Launch STOPZilla if you haven’t launched it after install.
Step 2: Wait for the software to automatically scan and then click on the ‘Repair Now’ button. If it does not scan automatically, click on the ‘Scan Now’ button.

Step 3: After the removal of all threats and associated objects, you should Restart your PC.

Berta Bilbao

Berta is the Editor-in-Chief of SensorsTechForum. She is a dedicated malware researcher, dreaming for a more secure cyber space.

More Posts - Website