What is the message YOUR COMPUTER HAS BEEN BLOCKED? How can you stop seeing it?
YOUR COMPUTER HAS BEEN BLOCKED is a message that accompanies quite a few tech support scams, as well as some ransomware viruses. Those scams can appear on your PC in a lot of ways, the worst of which is due to a Trojan horse. Most of the scams have websites spreading them, which can lock you out of your browser to a point you cannot interact with it. A small number of scams are even more complex and integrate with your system on a higher level. They lock your desktop screen, holding your computer hostage, as ransomware viruses do. Fortunately, those scams do not encrypt files. Every scam uses one or more phone numbers. You should carefully read this article to see how to remove such types of malware.
|Name||YOUR COMPUTER HAS BEEN BLOCKED "Virus"|
|Type||Tech Support Scam|
|Short Description||A tech support scam stating that your computer is blocked and in some cases actually doing that. The end goal of these scams is to scare you or somehow force you into calling a phone number.|
|Symptoms||The message “Your computer has been blocked” appearing as a pop-up box, notification, error or as a whole page locking your browser or PC screen. You will be given a phone number and you will be lied to by crooks that you have a virus.|
|Distribution Method||Freeware Installers, Suspicious Sites, Redirects, Trojan Horse|
|Detection Tool|| See If Your System Has Been Affected by malware |
Malware Removal Tool
|User Experience||Join Our Forum to Discuss YOUR COMPUTER HAS BEEN BLOCKED "Virus".|
Computer Locked Virus – Update August 2019
The newest variant of the Computer Locked Virus message is showcased below. Here, the website pushing the Computer Locked Virus scam will lock your browser, and the message Computer Locked Virus will appear on the page. The website will look exactly like a legitimate Google Chrome Warning for a phishing site or malicious activity. You can see an example of the Computer Locked Virus message in the picture down here:
The full text on the site says the following:
Your computer has been Locked (or Computer Locked! Virus)
Your computer with IP address – has been infected by the Virus RDN/YahLover.worm!055BCCAC9FEC — Because System Activation KEY has expired & Your information (for example, passwords, messages, and credit cards) have been stolen. Call the Technical Support number +1-844-556-7757 to protect your files and identity from further damage.
Call Technical Support Immediately at 1-844-556-7757
The following data will be compromised if you continue:
2. Browser History
3. Credit Card Information
The virus is well known for complete identity and credit card theft. Further action through this computer or any computer in the network will reveal private information and involve serious risks.
YOUR COMPUTER HAS BEEN BLOCKED – Spread
This tech support scam has many variations. That’s why the YOUR COMPUTER HAS BEEN BLOCKED message can be displayed on your computer due to different spread methods. A common way for it to appear is when you are surfing the Web. When you visit websites which are suspicious and of unknown origin, they can spread the scam via redirect links or advertisements. Clicking on the ads or redirects is not always necessary as any interaction with the site might trigger them. Sometimes, just by leaving a website open can drop malicious files on your computer which load other sites supporting the scam. Phishing websites can make the message of the scam appear, too. It is easy to land on such sites because of a single spelling mistake in a URL.
The worst case scenario that can happen to show you the YOUR COMPUTER HAS BEEN BLOCKED message is if you have a Trojan horse present in your system. The Trojan horse may have installed itself using some of the spread methods mentioned above. In other cases, you may have installed it, without realizing that. You may have thought that you are installing an application which is useful. Many such third-party programs come bundled with other freeware and supposedly useful software. Unfortunately, some can secretly install additive features or even malware. To avoid additional content being put in your PC by such installer setups can be managed if your find Advanced or Custom options in the setup.
This Computer Is Blocked File – Details
This Computer Is Blocked File is what can appear on your screen from a tech support scam. The message can appear in a website page, notification, an error or a pop-up message. A phone number is always provided, which is supposed to be a number for contacting support technicians from Microsoft or another reputable company from the security sphere.
In the case of This Computer Is Blocked File, you can experience your screen or browser being locked or an audio message being played for maximum effect. The file is usually played via the Adobe Flash Player or a similar plugin. The audio message can be applied to lots of such websites, especially if the number is not said in the audio file. With This Computer Is Blocked File, the voice of a woman or a man urges you to call the number. You can hear such an example from the audio sample right here:
Many of the websites related to these tech support scams are made to look like the official Microsoft website. See an example of a fake Microsoft site from the screenshot below:
People who work in IT or are tech savvy will all tell you the painful truth, that Microsoft does not have a support call line. Knowing that information and seeing a phone number on a copycat site is a dead giveaway, but not for people who are unaware of that fact. You can easily fall victim to such a scam, especially when you are bombarded with pop-up messages such as YOUR COMPUTER HAS BEEN BLOCKED non-stop. The most common variant of such a scam employs a one-page website with a picture background which is a snapshot of the real Microsoft site as seen in the above image. You can read its message:
*Your Windows (Microsoft) Computer has been blocked*
Windows System Alert!!
Call Microsoft At 1-888-243-3533
You have been blocked from accessing the Internet.
Private and financial data is at RISK:
– Your credit card details and banking information
– Your e-mail passwords and other account passwords
– Your Facebook ,skype,AIM,ICQ and other chat logs
– Your private & family photos and other sensitive files
– Your webcam could be accessed remotely by stalkers
It is Required that you call the number above and get your PC inspected before you continue using your internet, especially for Shopping or Banking.
The second message varies a bit and actually states Your Windows (Microsoft) Computer has been blocked. That exact same message can be seen in the third type of this scam, this time being loaded as a notification or an error box directly inside your desktop computer:
The error box is loaded without the requirement of an Internet connection, and it is displayed, because of malicious software, files and registry entries related to the scam are inside your computer. A Trojan horse is not excluded to be managing those files to remain persistent on your machine, so whatever action your try to perform on your PC, the message to be stuck there. That can also lock your desktop screen, and you could be unable to interact with your computer device just like ransomware viruses do.
Critical Alert from Microsoft Your Computer Has Alerted Us – Details
The most common variant of such a scam employs a one-page website with a picture background which is a snapshot of the real Microsoft site as seen in the above image. There are generic messages written inside the pop-ups:
** YOUR COMPUTER HAS BEEN BLOCKED **
Error # 268D3
Please call us immediately at +1-844-730-8222
Do not ignore this critical alert.
If you close this page, your computer access will be
disabled to prevent further damage to our network.
Your computer has alerted us that it has been infected
with a virus and spyware. The following information is
>Credit Card Details
>Email Account Login
>Photos stored on this computer
You must contact us immediately so that our engineers
can walk you through the removal process over the
phone. Please call us within the next 5 minutes to
prevent your computer from being disabled.
Toll Free: +1-844-730-8222
The locking of your screen may or may not happen depending on the files residing on your machine and the type of tech support scam.
With that, the main four variants of the YOUR COMPUTER HAS BEEN BLOCKED technical support scam are exposed.
You can check out one of the most notorious such scams in the articles given down here:
- Computervirusalertsystem.today (1-844-730-8222)
- Error #268D3 (1-855-712-8551)
- Sweep Clean PC Pro (1-888-243-3533)
All phone numbers given in the article are for the purposes of giving real examples, and you shouldn’t dial any of them. If you see another website with phone numbers provided in a similar way, you shouldn’t call them.
The cybercriminals on the other end of the phone line will try to keep you on the line and lie to you. The lies go from how you shouldn’t tamper with your PC except when they instruct you, to how you need to provide personal information. They want your personal data to either sell it on the black market to the highest bidder or to empty your bank account if you provide them with your banking credentials. You can read more about howsimilar phone scams originating from Indian call centers make millions for the people behind them. Besides the money, bigger problems could follow, such as identity theft for instance.
YOUR COMPUTER HAS BEEN BLOCKED — Update December 2018
A recent hybrid attack campaign carrying the YOUR COMPUTER HAS BEEN BLOCKED threat has been identified. The attacks are done by spawning pop-ups on malicious sites that the users get redirected to. Common tactics include the creation of phishing pages or ones with domain names that may appear as legitimate login pages. This is the case with the newest release of the attack campaign that poses as a page belonging to Microsoft Official Support. It will spawn pop-up messages with the intent to trick the users into falling for the fake tech support scam.
The following phone numbers has been found to be associated with it: : +1-855-534-8622 and 888-340-8444.
YOUR COMPUTER HAS BEEN BLOCKED – Update February 2018
There are new landing pages with redirects, pushing the scam, stating that YOUR COMPUTER HAS BEEN BLOCKED. Along with that lie, you will see more redirects that show pop-ups with the text “Error 268D3-XC00037”. What is more, you can see other, similar scams on these redirect pages. The address 1aend.cf/call-microsoft-at-855-381-5333/ or something of the sort is one of the domains pushing the latest variation of the scam. As you can guess, the following telephone number is used by the scammers:
The scam hasn’t changed tremendously, but you will be redirected more than once and your browser will get locked.
YOUR COMPUTER HAS BEEN BLOCKED – Update September 2017
This September, a tech support scam has been discovered, stating that your computer is blocked due to the infamous Zeus virus. It is believed that the scam is a variation of the “YOUR COMPUTER HAS BEEN BLOCKED” scam as it also uses some of its messages to try and trick users. The exact message isZEUS VIRUS DETECTED and the scam has a few different variants, and each of them has many domains which only have the URL and phone number altered.
Windows Error Unlock Your Desktop (Update August 2017)
A newer variant of the Windows Error Unlock Your Desktop has re-appeared or rather there are new people who experience having this ransomware on their computer systems. August 2019 marks the return of the ransomware – which is almost exactly two years after its initial appearance took place.
On the first of August, 2017 a ransomware variant with a similar theme has appeared, which pretends to be sent by the Federal Bureau of Investigation (FBI). That ransomware is called theScotch Tape Locker Ransomware and locks your computer device, while stopping all access to your computer. It demands a ransom and tries to use a scare tactic to make you pay up. However, you should not pay as this is probably removable. Similar variants have been seen in the past, and it is expected for more of them to pop up in the future as well. You can see how the ransom note looks on the right of this paragraph.
YOUR COMPUTER HAS BEEN BLOCKED – Update July 2017
In July 2017, the scams that use the YOUR COMPUTER HAS BEEN BLOCKED message to scare people have increased. Typically, technical support scams use the message to try and trick you that you have a virus on your computer device. One of the latest trends around is the lie that you have the WannaCry virus, which became popular in the middle of month May, and kept being the theme for a lot of malware since then. New websites representing tech support scams are being created, which spread messages with new telephone numbers for you to call alleged Microsoft technicians, claiming that only they can fix your computer. These website pages are most commonly phishing pages that look like either the front page of the Microsoft official website or Google’s security warning that informs you about malicious domains. Be careful, do not call such numbers for unique support technicians, do not provide personal information and do not believe a browser detecting viruses on your PC unless you check with a security program first.
Update July 2017. Unfortunately, these tech support scams continue to spread in the wild, infecting users via various methods. As you will read later in the article, most tech support scammers rely on companies such as Microsoft to make their attempts more successful. The Microsoft approach definitely works at high rates as users tend to call the provided numbers once they see they should contact Microsoft Tech Support for assistance. Please remember that Microsoft doesn’t own a tech support line. This should be a clear indication of your system being invaded. One of the most recent reports by a victim clearly shows that users are easily tricked by the displayed message claiming their computer has been blocked. Remember that calling unsolicited numbers provided in such dubious ways is never a good idea.
YOUR COMPUTER HAS BEEN BLOCKED – Update June 2017
The scams do not stop with the tech support related ones, but elevate even further into ransomware cryptoviruses. This has happened a couple of years before, with ransomware that claims that a government agency like the CIA has locked or blocked your computer system and you have to pay a fee or you will end up in jail. The same story repeats itself now in 2017 with that kind of ransomware returning and a prime example of that is theMatrix ransomware virus. You can check out the article about it for further details or just see its ransom note on the right and see how the FBI (Federal Bureau of Investigation) is being used to scare users like you into giving money.
We have also created a video that should help you remove YOUR COMPUTER HAS BEEN BLOCKED virus from your system:
More removal instructions are available below.
YOUR COMPUTER HAS BEEN BLOCKED Removal
To remove the YOUR COMPUTER HAS BEEN BLOCKED tech support scam and its related files manually from your PC, follow the step-by-step removal instructions provided below. If the manual removal guide does not get rid of the scam and its redirects completely, you should search for and remove any leftover items with an advanced anti-malware tool. Software like that will keep your system secure in the future.
Attention! SensorsTechForum strongly recommends that all malware victims should look for assistance only by reputable sources. Many guides out there claim to offer free recovery and decryption for files encrypted by ransomware viruses. Be advised that some of them may only be after your money.
As a site that has been dedicated to providing free removal instructions for ransomware and malware since 2014, SensorsTechForum’s recommendation is to only pay attention to trustworthy sources.
How to recognize trustworthy sources:
- Always check "About Us" web page.
- Profile of the content creator.
- Make sure that real people are behind the site and not fake names and profiles.
- Verify Facebook, LinkedIn and Twitter personal profiles.
- Guide 1: How to Remove YOUR COMPUTER HAS BEEN BLOCKED "Virus" from Windows.
- Guide 2: Get rid of YOUR COMPUTER HAS BEEN BLOCKED "Virus" from Mac OS X.
How to Remove YOUR COMPUTER HAS BEEN BLOCKED "Virus" from Windows.
Step 1: Boot Your PC In Safe Mode to isolate and remove YOUR COMPUTER HAS BEEN BLOCKED "Virus"
Step 2: Uninstall YOUR COMPUTER HAS BEEN BLOCKED "Virus" and related software from Windows
Here is a method in few easy steps that should be able to uninstall most programs. No matter if you are using Windows 10, 8, 7, Vista or XP, those steps will get the job done. Dragging the program or its folder to the recycle bin can be a very bad decision. If you do that, bits and pieces of the program are left behind, and that can lead to unstable work of your PC, errors with the file type associations and other unpleasant activities. The proper way to get a program off your computer is to Uninstall it.
Step 3: Clean any registries, created by YOUR COMPUTER HAS BEEN BLOCKED "Virus" on your computer.
The usually targeted registries of Windows machines are the following:
You can access them by opening the Windows registry editor and deleting any values, created by YOUR COMPUTER HAS BEEN BLOCKED "Virus" there. This can happen by following the steps underneath:
Step 4: Scan for YOUR COMPUTER HAS BEEN BLOCKED "Virus" with SpyHunter Anti-Malware Tool
Step 5 (Optional): Try to Restore Files Encrypted by YOUR COMPUTER HAS BEEN BLOCKED "Virus".
Ransomware infections and YOUR COMPUTER HAS BEEN BLOCKED "Virus" aim to encrypt your files using an encryption algorithm which may be very difficult to decrypt. This is why we have suggested a data recovery method that may help you go around direct decryption and try to restore your files. Bear in mind that this method may not be 100% effective but may also help you a little or a lot in different situations.
Simply click on the link and on the website menus on top, choose Data Recovery - Data Recovery Wizard for Windows or Mac (depending on your OS), and then download and run the tool.
Get rid of YOUR COMPUTER HAS BEEN BLOCKED "Virus" from Mac OS X.
Step 1: Uninstall YOUR COMPUTER HAS BEEN BLOCKED "Virus" and remove related files and objects
1. Hit the ⇧+⌘+U keys to open Utilities. Another way is to click on “Go” and then click “Utilities”, like the image below shows:
- Go to Finder.
- In the search bar type the name of the app that you want to remove.
- Above the search bar change the two drop down menus to “System Files” and “Are Included” so that you can see all of the files associated with the application you want to remove. Bear in mind that some of the files may not be related to the app so be very careful which files you delete.
- If all of the files are related, hold the ⌘+A buttons to select them and then drive them to “Trash”.
In case you cannot remove YOUR COMPUTER HAS BEEN BLOCKED "Virus" via Step 1 above:
In case you cannot find the virus files and objects in your Applications or other places we have shown above, you can manually look for them in the Libraries of your Mac. But before doing this, please read the disclaimer below:
You can repeat the same procedure with the following other Library directories:
Tip: ~ is there on purpose, because it leads to more LaunchAgents.
Step 2: Scan for and remove malware from your Mac
When you are facing problems on your Mac as a result of unwanted scripts, programs and malware, the recommended way of eliminating the threat is by using an anti-malware program. Combo Cleaner offers advanced security features along with other modules that will improve your Mac’s security and protect it in the future.
Step 3 (Optional): Try to Restore Files Encrypted by YOUR COMPUTER HAS BEEN BLOCKED "Virus" on your Mac.
Ransomware for Mac YOUR COMPUTER HAS BEEN BLOCKED "Virus" aims to encode all your files using an encryption algorithm which may be very difficult to decode, unless you pay money.
This is why we have suggested a data recovery method that may help you go around direct decryption and try to restore your files, but only in some cases. Bear in mind that this method may not be 100% effective but may also help you a little or a lot in different situations.
YOUR COMPUTER HAS BEEN BLOCKED "Virus" FAQ
What is YOUR COMPUTER HAS BEEN BLOCKED "Virus" ransomware and how does it work?
YOUR COMPUTER HAS BEEN BLOCKED "Virus" is a ransomware infection - the malicious software that enters your computer silently and blocks either access to the computer itself or encrypt your files.
Many ransomware viruses use sophisticated encryption algorithm how to make your files inaccessible. The goal of ransomware infections is to demand that you pay a ransom payment to get access to your files back.
How does YOUR COMPUTER HAS BEEN BLOCKED "Virus" ransomware infect my computer?
Via several ways.YOUR COMPUTER HAS BEEN BLOCKED "Virus" Ransomware infects computers by being sent via phishing e-mails, containing virus attachment.
This attachment is usually masked as an important document, like an invoice, bank document or even a plane ticket and it looks very convincing to users.
After you download and execute this attachment, a drive-by download occurs and your computer is infected with the ransomware virus.
Another way, you may become a victim of YOUR COMPUTER HAS BEEN BLOCKED "Virus" is if you download a fake installer, crack or patch from a low reputation website or if you click on a virus link. Many users report getting a ransomware infection by downloading torrents.
How to open .YOUR COMPUTER HAS BEEN BLOCKED "Virus" files?
You can't. At this point the .YOUR COMPUTER HAS BEEN BLOCKED "Virus" files are encrypted. You can only open them once they are decrypted.
Decryptor did not decrypt my data. What now?
Do not panic and backup the files. If a decryptor did not decrypt your .YOUR COMPUTER HAS BEEN BLOCKED "Virus" files successfully, then do not despair, because this virus is still new.
One way to restore files, encrypted by YOUR COMPUTER HAS BEEN BLOCKED "Virus" ransomware is to use a decryptor for it. But since it's a new virus, advised that the decryption keys for it may not be out yet and available to the public. We will update this article and keep you posted as soon as this decryptor is released.
How Do I restore ".YOUR COMPUTER HAS BEEN BLOCKED "Virus"" files (Other Methods)?
Yes, sometimes files can be restored. We have suggested several file recovery methods that could work if you want to restore .YOUR COMPUTER HAS BEEN BLOCKED "Virus" files.
These methods are in no way 100% guarantee that you will be able to get your files back. But if you have a backup, your chances of success are much greater.
How do I get rid of YOUR COMPUTER HAS BEEN BLOCKED "Virus" ransomware virus?
The safest way and the most efficient one for the removal of this ransomware infection is the use a professional anti malware software. It will scan for and locate YOUR COMPUTER HAS BEEN BLOCKED "Virus" ransomware and then remove it without causing any additional harm to your important .YOUR COMPUTER HAS BEEN BLOCKED "Virus" files.
Also, keep in mind that viruses like YOUR COMPUTER HAS BEEN BLOCKED "Virus" ransomware also install Trojans and keyloggers that can steal your passwords and accounts. Scanning your computer with an anti-malware software will make sure that all of these virus components are removed and your computer is protected in the future.
What to Do If nothing works?
There is still a lot you can do. If none of the above methods seem to work for you, then try these methods:
- Try to find a safe computer from where you can can login on your own line accounts like One Drive, iDrive, Google Drive and so on.
- Try to contact your friends, relatives and other people so that they can check if they have some of your important photos or documents just in case you sent them.
- Also, check if some of the files that were encrypted it can be re-downloaded from the web.
- Another clever way to get back some of your files is to find another old computer, a flash drive or even a CD or a DVD where you may have saved your older documents. You might be surprised what will turn up.
- You can also go to your email account to check if you can send any attachments to other people. Usually what is sent the email is saved on your account and you can re-download it. But most importantly, make sure that this is done from a safe computer and make sure to remove the virus first.
More tips you can find on our forums, where you can also asks any questions about your ransomware problem.