What is the message YOUR COMPUTER HAS BEEN BLOCKED? How can you stop seeing it?
YOUR COMPUTER HAS BEEN BLOCKED is a message that accompanies quite a few tech support scams, as well as some ransomware viruses. Those scams can appear on your PC in a lot of ways, the worst of which is due to a Trojan horse. Most of the scams have websites spreading them, which can lock you out of your browser to a point you cannot interact with it. A small number of scams are even more complex and integrate with your system on a higher level. They lock your desktop screen, holding your computer hostage, as ransomware viruses do. Fortunately, those scams do not encrypt files. Every scam uses one or more phone numbers. You should carefully read this article to see how to remove such types of malware.
Threat Summary
| Name | YOUR COMPUTER HAS BEEN BLOCKED "Virus" |
| Type | Tech Support Scam |
| Short Description | A tech support scam stating that your computer is blocked and in some cases actually doing that. The end goal of these scams is to scare you or somehow force you into calling a phone number. |
| Symptoms | The message “Your computer has been blocked” appearing as a pop-up box, notification, error or as a whole page locking your browser or PC screen. You will be given a phone number and you will be lied to by crooks that you have a virus. |
| Distribution Method | Freeware Installers, Suspicious Sites, Redirects, Trojan Horse |
| Detection Tool |
See If Your System Has Been Affected by malware
Download
Malware Removal Tool
|
| User Experience | Join Our Forum to Discuss YOUR COMPUTER HAS BEEN BLOCKED "Virus". |
Computer Locked Virus – Update August 2019
The newest variant of the Computer Locked Virus message is showcased below. Here, the website pushing the Computer Locked Virus scam will lock your browser, and the message Computer Locked Virus will appear on the page. The website will look exactly like a legitimate Google Chrome Warning for a phishing site or malicious activity. You can see an example of the Computer Locked Virus message in the picture down here:
The full text on the site says the following:
Your computer has been Locked (or Computer Locked! Virus)
Your computer with IP address – has been infected by the Virus RDN/YahLover.worm!055BCCAC9FEC — Because System Activation KEY has expired & Your information (for example, passwords, messages, and credit cards) have been stolen. Call the Technical Support number +1-844-556-7757 to protect your files and identity from further damage.
Call Technical Support Immediately at 1-844-556-7757
The following data will be compromised if you continue:
1. Passwords
2. Browser History
3. Credit Card Information
The virus is well known for complete identity and credit card theft. Further action through this computer or any computer in the network will reveal private information and involve serious risks.
YOUR COMPUTER HAS BEEN BLOCKED – Spread
This tech support scam has many variations. That’s why the YOUR COMPUTER HAS BEEN BLOCKED message can be displayed on your computer due to different spread methods. A common way for it to appear is when you are surfing the Web. When you visit websites which are suspicious and of unknown origin, they can spread the scam via redirect links or advertisements. Clicking on the ads or redirects is not always necessary as any interaction with the site might trigger them. Sometimes, just by leaving a website open can drop malicious files on your computer which load other sites supporting the scam. Phishing websites can make the message of the scam appear, too. It is easy to land on such sites because of a single spelling mistake in a URL.
The worst case scenario that can happen to show you the YOUR COMPUTER HAS BEEN BLOCKED message is if you have a Trojan horse present in your system. The Trojan horse may have installed itself using some of the spread methods mentioned above. In other cases, you may have installed it, without realizing that. You may have thought that you are installing an application which is useful. Many such third-party programs come bundled with other freeware and supposedly useful software. Unfortunately, some can secretly install additive features or even malware. To avoid additional content being put in your PC by such installer setups can be managed if your find Advanced or Custom options in the setup.
This Computer Is Blocked File – Details
This Computer Is Blocked File is what can appear on your screen from a tech support scam. The message can appear in a website page, notification, an error or a pop-up message. A phone number is always provided, which is supposed to be a number for contacting support technicians from Microsoft or another reputable company from the security sphere.
In the case of This Computer Is Blocked File, you can experience your screen or browser being locked or an audio message being played for maximum effect. The file is usually played via the Adobe Flash Player or a similar plugin. The audio message can be applied to lots of such websites, especially if the number is not said in the audio file. With This Computer Is Blocked File, the voice of a woman or a man urges you to call the number. You can hear such an example from the audio sample right here:
Many of the websites related to these tech support scams are made to look like the official Microsoft website. See an example of a fake Microsoft site from the screenshot below:
People who work in IT or are tech savvy will all tell you the painful truth, that Microsoft does not have a support call line. Knowing that information and seeing a phone number on a copycat site is a dead giveaway, but not for people who are unaware of that fact. You can easily fall victim to such a scam, especially when you are bombarded with pop-up messages such as YOUR COMPUTER HAS BEEN BLOCKED non-stop. The most common variant of such a scam employs a one-page website with a picture background which is a snapshot of the real Microsoft site as seen in the above image. You can read its message:
*Your Windows (Microsoft) Computer has been blocked*
Windows System Alert!!
Call Microsoft At 1-888-243-3533
You have been blocked from accessing the Internet.
Private and financial data is at RISK:
– Your credit card details and banking information
– Your e-mail passwords and other account passwords
– Your Facebook ,skype,AIM,ICQ and other chat logs
– Your private & family photos and other sensitive files
– Your webcam could be accessed remotely by stalkersIt is Required that you call the number above and get your PC inspected before you continue using your internet, especially for Shopping or Banking.
The second message varies a bit and actually states Your Windows (Microsoft) Computer has been blocked. That exact same message can be seen in the third type of this scam, this time being loaded as a notification or an error box directly inside your desktop computer:
The error box is loaded without the requirement of an Internet connection, and it is displayed, because of malicious software, files and registry entries related to the scam are inside your computer. A Trojan horse is not excluded to be managing those files to remain persistent on your machine, so whatever action your try to perform on your PC, the message to be stuck there. That can also lock your desktop screen, and you could be unable to interact with your computer device just like ransomware viruses do.
Critical Alert from Microsoft Your Computer Has Alerted Us – Details
The most common variant of such a scam employs a one-page website with a picture background which is a snapshot of the real Microsoft site as seen in the above image. There are generic messages written inside the pop-ups:
** YOUR COMPUTER HAS BEEN BLOCKED **
Error # 268D3
Please call us immediately at +1-844-730-8222
Do not ignore this critical alert.
If you close this page, your computer access will be
disabled to prevent further damage to our network.Your computer has alerted us that it has been infected
with a virus and spyware. The following information is
being stolen…>Facebook Login
>Credit Card Details
>Email Account Login
>Photos stored on this computer
You must contact us immediately so that our engineers
can walk you through the removal process over the
phone. Please call us within the next 5 minutes to
prevent your computer from being disabled.Toll Free: +1-844-730-8222
The locking of your screen may or may not happen depending on the files residing on your machine and the type of tech support scam.
With that, the main four variants of the YOUR COMPUTER HAS BEEN BLOCKED technical support scam are exposed.
You can check out one of the most notorious such scams in the articles given down here:
- [wplinkpreview url=”https://sensorstechforum.com/remove-1-844-730-8222-computervirusalertsystem-today/”] Computervirusalertsystem.today (1-844-730-8222)
- [wplinkpreview url=”https://sensorstechforum.com/remove-error-268d3-1-855-712-8551-tech-support-scam/”] Error #268D3 (1-855-712-8551)
- [wplinkpreview url=”https://sensorstechforum.com/remove-sweep-clean-pc-pro-1-888-243-3533-fake-tech-support/”] Sweep Clean PC Pro (1-888-243-3533)
All phone numbers given in the article are for the purposes of giving real examples, and you shouldn’t dial any of them. If you see another website with phone numbers provided in a similar way, you shouldn’t call them.
The cybercriminals on the other end of the phone line will try to keep you on the line and lie to you. The lies go from how you shouldn’t tamper with your PC except when they instruct you, to how you need to provide personal information. They want your personal data to either sell it on the black market to the highest bidder or to empty your bank account if you provide them with your banking credentials. You can read more about how [wplinkpreview url=”https://sensorstechforum.com/beware-irs-call-indian-call-centers-made-millions-phone-scams/”] similar phone scams originating from Indian call centers make millions for the people behind them. Besides the money, bigger problems could follow, such as identity theft for instance.
YOUR COMPUTER HAS BEEN BLOCKED — Update December 2018
A recent hybrid attack campaign carrying the YOUR COMPUTER HAS BEEN BLOCKED threat has been identified. The attacks are done by spawning pop-ups on malicious sites that the users get redirected to. Common tactics include the creation of phishing pages or ones with domain names that may appear as legitimate login pages. This is the case with the newest release of the attack campaign that poses as a page belonging to Microsoft Official Support. It will spawn pop-up messages with the intent to trick the users into falling for the fake tech support scam.
The following phone numbers has been found to be associated with it: : +1-855-534-8622 and 888-340-8444.
YOUR COMPUTER HAS BEEN BLOCKED – Update February 2018
There are new landing pages with redirects, pushing the scam, stating that YOUR COMPUTER HAS BEEN BLOCKED. Along with that lie, you will see more redirects that show pop-ups with the text “Error 268D3-XC00037”. What is more, you can see other, similar scams on these redirect pages. The address 1aend.cf/call-microsoft-at-855-381-5333/ or something of the sort is one of the domains pushing the latest variation of the scam. As you can guess, the following telephone number is used by the scammers:
- 1-855-381-5333
The scam hasn’t changed tremendously, but you will be redirected more than once and your browser will get locked.
YOUR COMPUTER HAS BEEN BLOCKED – Update September 2017
This September, a tech support scam has been discovered, stating that your computer is blocked due to the infamous Zeus virus. It is believed that the scam is a variation of the “YOUR COMPUTER HAS BEEN BLOCKED” scam as it also uses some of its messages to try and trick users. The exact message is [wplinkpreview url=”https://sensorstechforum.com/remove-zeus-virus-detected-scam/”] ZEUS VIRUS DETECTED and the scam has a few different variants, and each of them has many domains which only have the URL and phone number altered.
Windows Error Unlock Your Desktop (Update August 2017)
A newer variant of the Windows Error Unlock Your Desktop has re-appeared or rather there are new people who experience having this ransomware on their computer systems. August 2019 marks the return of the ransomware – which is almost exactly two years after its initial appearance took place.
On the first of August, 2017 a ransomware variant with a similar theme has appeared, which pretends to be sent by the Federal Bureau of Investigation (FBI). That ransomware is called the [wplinkpreview url=”https://sensorstechforum.com/scotch-tape-locker-ransomware-removal-restore-files/”] Scotch Tape Locker Ransomware and locks your computer device, while stopping all access to your computer. It demands a ransom and tries to use a scare tactic to make you pay up. However, you should not pay as this is probably removable. Similar variants have been seen in the past, and it is expected for more of them to pop up in the future as well. You can see how the ransom note looks on the right of this paragraph.
YOUR COMPUTER HAS BEEN BLOCKED – Update July 2017
In July 2017, the scams that use the YOUR COMPUTER HAS BEEN BLOCKED message to scare people have increased. Typically, technical support scams use the message to try and trick you that you have a virus on your computer device. One of the latest trends around is the lie that you have the WannaCry virus, which became popular in the middle of month May, and kept being the theme for a lot of malware since then. New websites representing tech support scams are being created, which spread messages with new telephone numbers for you to call alleged Microsoft technicians, claiming that only they can fix your computer. These website pages are most commonly phishing pages that look like either the front page of the Microsoft official website or Google’s security warning that informs you about malicious domains. Be careful, do not call such numbers for unique support technicians, do not provide personal information and do not believe a browser detecting viruses on your PC unless you check with a security program first.
Update July 2017. Unfortunately, these tech support scams continue to spread in the wild, infecting users via various methods. As you will read later in the article, most tech support scammers rely on companies such as Microsoft to make their attempts more successful. The Microsoft approach definitely works at high rates as users tend to call the provided numbers once they see they should contact Microsoft Tech Support for assistance. Please remember that Microsoft doesn’t own a tech support line. This should be a clear indication of your system being invaded. One of the most recent reports by a victim clearly shows that users are easily tricked by the displayed message claiming their computer has been blocked. Remember that calling unsolicited numbers provided in such dubious ways is never a good idea.
YOUR COMPUTER HAS BEEN BLOCKED – Update June 2017
The scams do not stop with the tech support related ones, but elevate even further into ransomware cryptoviruses. This has happened a couple of years before, with ransomware that claims that a government agency like the CIA has locked or blocked your computer system and you have to pay a fee or you will end up in jail. The same story repeats itself now in 2017 with that kind of ransomware returning and a prime example of that is the [wplinkpreview url=”https://sensorstechforum.com/remove-matrix-ransomware-restore-files/”] Matrix ransomware virus. You can check out the article about it for further details or just see its ransom note on the right and see how the FBI (Federal Bureau of Investigation) is being used to scare users like you into giving money.
We have also created a video that should help you remove YOUR COMPUTER HAS BEEN BLOCKED virus from your system:
More removal instructions are available below.
YOUR COMPUTER HAS BEEN BLOCKED Removal
To remove the YOUR COMPUTER HAS BEEN BLOCKED tech support scam and its related files manually from your PC, follow the step-by-step removal instructions provided below. If the manual removal guide does not get rid of the scam and its redirects completely, you should search for and remove any leftover items with an advanced anti-malware tool. Software like that will keep your system secure in the future.
Tsetso Mihailov
Tsetso Mihailov is a tech-geek and loves everything that is tech-related, while observing the latest news surrounding technologies. He has worked in IT before, as a system administrator and a computer repair technician. Dealing with malware since his teens, he is determined to spread word about the latest threats revolving around computer security.
Follow Me:
Attention! SensorsTechForum strongly recommends that all malware victims should look for assistance only by reputable sources. Many guides out there claim to offer free recovery and decryption for files encrypted by ransomware viruses. Be advised that some of them may only be after your money.
As a site that has been dedicated to providing free removal instructions for ransomware and malware since 2014, SensorsTechForum’s recommendation is to only pay attention to trustworthy sources.
How to recognize trustworthy sources:
- Always check "About Us" web page.
- Profile of the content creator.
- Make sure that real people are behind the site and not fake names and profiles.
- Verify Facebook, LinkedIn and Twitter personal profiles.
About the YOUR COMPUTER HAS BEEN BLOCKED "Virus" Research
The content we publish on SensorsTechForum.com, this YOUR COMPUTER HAS BEEN BLOCKED "Virus" how-to removal guide included, is the outcome of extensive research, hard work and our team’s devotion to help you remove the specific malware and restore your encrypted files.
How did we conduct the research on this ransomware?
Our research is based on an independent investigation. We are in contact with independent security researchers, and as such, we receive daily updates on the latest malware and ransomware definitions.
Furthermore, the research behind the YOUR COMPUTER HAS BEEN BLOCKED "Virus" ransomware threat is backed with VirusTotal and the NoMoreRansom project.
To better understand the ransomware threat, please refer to the following articles which provide knowledgeable details.
References
1. How to Recognize Spam Emails with Ransomware
2. How Does Ransomware Encryption Work?
3. How to Decrypt Ransomware Files
4. Ransomware Getting Greedier and Bigger, Attacks Increase by 40%
5. 1 in 5 Americans Victim of Ransomware
- Guide 1: How to Remove YOUR COMPUTER HAS BEEN BLOCKED "Virus" from Windows.
- Guide 2: Get rid of YOUR COMPUTER HAS BEEN BLOCKED "Virus" from Mac OS X.
How to Remove YOUR COMPUTER HAS BEEN BLOCKED "Virus" from Windows.
Step 1: Boot Your PC In Safe Mode to isolate and remove YOUR COMPUTER HAS BEEN BLOCKED "Virus"
1. Hold Windows Key + R.
2. The "Run" Window will appear. In it, type "msconfig" and click OK.
3. Go to the "Boot" tab. There select "Safe Boot" and then click "Apply" and "OK".
4. When prompted, click on "Restart" to go into Safe Mode.
5. You can recognise Safe Mode by the words written on the corners of your screen.
Step 2: Uninstall YOUR COMPUTER HAS BEEN BLOCKED "Virus" and related software from Windows
Here is a method in few easy steps that should be able to uninstall most programs. No matter if you are using Windows 10, 8, 7, Vista or XP, those steps will get the job done. Dragging the program or its folder to the recycle bin can be a very bad decision. If you do that, bits and pieces of the program are left behind, and that can lead to unstable work of your PC, errors with the file type associations and other unpleasant activities. The proper way to get a program off your computer is to Uninstall it. To do that:
1. Hold the Windows Logo Button and "R" on your keyboard. A Pop-up window will appear.
2. In the field type in "appwiz.cpl" and press ENTER.
3. This will open a window with all the programs installed on the PC. Select the program that you want to remove, and press "Uninstall"
Follow the instructions above and you will successfully uninstall most programs.
Step 3: Clean any registries, created by YOUR COMPUTER HAS BEEN BLOCKED "Virus" on your computer.
The usually targeted registries of Windows machines are the following:
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
You can access them by opening the Windows registry editor and deleting any values, created by YOUR COMPUTER HAS BEEN BLOCKED "Virus" there. This can happen by following the steps underneath:
1. Open the Run Window again, type "regedit" and click OK.
2. When you open it, you can freely navigate to the Run and RunOnce keys, whose locations are shown above.
3. You can remove the value of the virus by right-clicking on it and removing it.
Tip: To find a virus-created value, you can right-click on it and click "Modify" to see which file it is set to run. If this is the virus file location, remove the value.
Before starting "Step 4", please boot back into Normal mode, in case you are currently in Safe Mode.
This will enable you to install and use SpyHunter 5 successfully.
Step 4: Scan for YOUR COMPUTER HAS BEEN BLOCKED "Virus" with SpyHunter Anti-Malware Tool
1. Click on the "Download" button to proceed to SpyHunter's download page.
2. After you have installed SpyHunter, wait for it to update automatically.
3. After the update process has finished, click on the 'Malware/PC Scan' tab. A new window will appear. Click on 'Start Scan'.
4. After SpyHunter has finished scanning your PC for any files of the associated threat and found them, you can try to get them removed automatically and permanently by clicking on the 'Next' button.
Video Guide for Automatic and Fast Removal
Step 5 (Optional): Try to Restore Files Encrypted by YOUR COMPUTER HAS BEEN BLOCKED "Virus".
Ransomware infections and YOUR COMPUTER HAS BEEN BLOCKED "Virus" aim to encrypt your files using an encryption algorithm which may be very difficult to decrypt. This is why we have suggested a data recovery method that may help you go around direct decryption and try to restore your files. Bear in mind that this method may not be 100% effective but may also help you a little or a lot in different situations.
1. Download the recommended Data Recovery software by clicking on the link underneath:
Simply click on the link and on the website menus on the top, choose Data Recovery - Data Recovery Wizard for Windows or Mac (depending on your OS), and then download and run the tool.
Step 6: How to Restore Files Encrypted by Ransomware (Video Guide)
Get rid of YOUR COMPUTER HAS BEEN BLOCKED "Virus" from Mac OS X.
Step 1: Uninstall YOUR COMPUTER HAS BEEN BLOCKED "Virus" and remove related files and objects
1. Hit the ⇧+⌘+U keys to open Utilities. Another way is to click on “Go” and then click “Utilities”, like the image below shows:
2. Find Activity Monitor and double-click it:
3. In the Activity Monitor look for any suspicious processes, belonging or related to YOUR COMPUTER HAS BEEN BLOCKED "Virus":
4. Click on the "Go" button again, but this time select Applications. Another way is with the ⇧+⌘+A buttons.
5. In the Applications menu, look for any suspicious app or an app with a name, similar or identical to YOUR COMPUTER HAS BEEN BLOCKED "Virus". If you find it, right-click on the app and select “Move to Trash
”.
6. Select Accounts, after which click on the Login Items preference.
Your Mac will then show you a list of items that start automatically when you log in. Look for any suspicious apps identical or similar to YOUR COMPUTER HAS BEEN BLOCKED "Virus". Check the app you want to stop from running automatically and then select on the Minus (“-“) icon to hide it.
7. Remove any left-over files that might be related to this threat manually by following the sub-steps below:
- Go to Finder.
- In the search bar type the name of the app that you want to remove.
- Above the search bar change the two drop down menus to “System Files” and “Are Included” so that you can see all of the files associated with the application you want to remove. Bear in mind that some of the files may not be related to the app so be very careful which files you delete.
- If all of the files are related, hold the ⌘+A buttons to select them and then drive them to “Trash”.
In case you cannot remove YOUR COMPUTER HAS BEEN BLOCKED "Virus" via Step 1 above:
In case you cannot find the virus files and objects in your Applications or other places we have shown above, you can manually look for them in the Libraries of your Mac. But before doing this, please read the disclaimer below:
1: Click on "Go" and Then "Go to Folder" as shown underneath:
2: Type in "/Library/LauchAgents/" and click Ok:
3: Delete all of the virus files that have similar or the same name as YOUR COMPUTER HAS BEEN BLOCKED "Virus". If you believe there is no such file, do not delete anything.
You can repeat the same procedure with the following other Library directories:
→ ~/Library/LaunchAgents
/Library/LaunchDaemons
Tip: ~ is there on purpose, because it leads to more LaunchAgents.
Step 3 (Optional): Try to Restore Files Encrypted by YOUR COMPUTER HAS BEEN BLOCKED "Virus".
Ransomware infections and YOUR COMPUTER HAS BEEN BLOCKED "Virus" aim to encrypt your files using an encryption algorithm which may be very difficult to decrypt. This is why we have suggested a data recovery method that may help you go around direct decryption and try to restore your files. Bear in mind that this method may not be 100% effective but may also help you a little or a lot in different situations.
1. Download the recommended Data Recovery software by clicking on the link underneath:
Simply click on the link and on the website menus on top, choose Data Recovery - Data Recovery Wizard for Windows or Mac (depending on your OS), and then download and run the tool.
YOUR COMPUTER HAS BEEN BLOCKED "Virus" FAQ
What is YOUR COMPUTER HAS BEEN BLOCKED "Virus" ransomware and how does it work?
YOUR COMPUTER HAS BEEN BLOCKED "Virus" is a ransomware infection - the malicious software that enters your computer silently and blocks either access to the computer itself or encrypt your files.
Many ransomware viruses use sophisticated encryption algorithm how to make your files inaccessible. The goal of ransomware infections is to demand that you pay a ransom payment to get access to your files back.
How does YOUR COMPUTER HAS BEEN BLOCKED "Virus" ransomware infect my computer?
Via several ways.YOUR COMPUTER HAS BEEN BLOCKED "Virus" Ransomware infects computers by being sent via phishing e-mails, containing virus attachment.
This attachment is usually masked as an important document, like an invoice, bank document or even a plane ticket and it looks very convincing to users.
After you download and execute this attachment, a drive-by download occurs and your computer is infected with the ransomware virus.
Another way, you may become a victim of YOUR COMPUTER HAS BEEN BLOCKED "Virus" is if you download a fake installer, crack or patch from a low reputation website or if you click on a virus link. Many users report getting a ransomware infection by downloading torrents.
How to open .YOUR COMPUTER HAS BEEN BLOCKED "Virus" files?
You can't. At this point the .YOUR COMPUTER HAS BEEN BLOCKED "Virus" files are encrypted. You can only open them once they are decrypted.
Decryptor did not decrypt my data. What now?
Do not panic and backup the files. If a decryptor did not decrypt your .YOUR COMPUTER HAS BEEN BLOCKED "Virus" files successfully, then do not despair, because this virus is still new.
One way to restore files, encrypted by YOUR COMPUTER HAS BEEN BLOCKED "Virus" ransomware is to use a decryptor for it. But since it's a new virus, advised that the decryption keys for it may not be out yet and available to the public. We will update this article and keep you posted as soon as this decryptor is released.
How Do I restore ".YOUR COMPUTER HAS BEEN BLOCKED "Virus"" files (Other Methods)?
Yes, sometimes files can be restored. We have suggested several file recovery methods that could work if you want to restore .YOUR COMPUTER HAS BEEN BLOCKED "Virus" files.
These methods are in no way 100% guarantee that you will be able to get your files back. But if you have a backup, your chances of success are much greater.
How do I get rid of YOUR COMPUTER HAS BEEN BLOCKED "Virus" ransomware virus?
The safest way and the most efficient one for the removal of this ransomware infection is the use a professional anti malware software. It will scan for and locate YOUR COMPUTER HAS BEEN BLOCKED "Virus" ransomware and then remove it without causing any additional harm to your important .YOUR COMPUTER HAS BEEN BLOCKED "Virus" files.
Also, keep in mind that viruses like YOUR COMPUTER HAS BEEN BLOCKED "Virus" ransomware also install Trojans and keyloggers that can steal your passwords and accounts. Scanning your computer with an anti-malware software will make sure that all of these virus components are removed and your computer is protected in the future.
What to Do If nothing works?
There is still a lot you can do. If none of the above methods seem to work for you, then try these methods:
- Try to find a safe computer from where you can can login on your own line accounts like One Drive, iDrive, Google Drive and so on.
- Try to contact your friends, relatives and other people so that they can check if they have some of your important photos or documents just in case you sent them.
- Also, check if some of the files that were encrypted it can be re-downloaded from the web.
- Another clever way to get back some of your files is to find another old computer, a flash drive or even a CD or a DVD where you may have saved your older documents. You might be surprised what will turn up.
- You can also go to your email account to check if you can send any attachments to other people. Usually what is sent the email is saved on your account and you can re-download it. But most importantly, make sure that this is done from a safe computer and make sure to remove the virus first.
More tips you can find on our forums, where you can also asks any questions about your ransomware problem.
How to Report Ransomware to Authorities?
In case your computer got infected with a ransomware infection, you can report it to the local Police departments. It can help authorities worldwide track and determine the perpetrators behind the virus that has infected your computer. Below, we have prepared a list with government websites, where you can file a report in case you are a victim of a cybercrime:
Cyber-security authorities, responsible for handling ransomware attack reports in different regions all over the world:
- Germany - Offizielles Portal der deutschen Polizei
- United States - IC3 Internet Crime Complaint Centre
- United Kingdom - Action Fraud Police
- France - Ministère de l'Intérieur
- Italy - Polizia Di Stato
- Spain - Policía Nacional
- Netherlands - Politie
- Poland - Policja
- Portugal - Polícia Judiciária
- Greece - Cyber Crime Unit (Hellenic Police)
- India - Mumbai Police - CyberCrime Investigation Cell
- Australia - Australian High Tech Crime Center
Reports may be responded to in different timeframes, depending on your local authorities.
El Sabado 17-Febrero-18 a las 17:00 horas me bloquea el Ordenador una pantalla de ¿Microsoft? y una locución femenina en bucle diciendo que tengo VIRUS, que no toque ni apague el Ordenador porque se borraran datos y llame al teléfono 900861783. Lo hago y un ¿inglés Jack Walker? hablando mal Español me dice que es ¿Servicio Técnico de Microsoft?, que lo pueden solucionar por una de las 2 opciones de 2 o 5 años de mantenimiento de 192 o 325 €. Acepto la 2ª opción (que conlleva limpieza a fondo mensual) y durante 2 horas están limpiando mi Ordenador a distancia (con el software GoTo Opener de LogMein, Avast, AdBlock, Adguard AdBocker, Popup Blocker, etc.). Terminado este tiempo me llaman, comprobamos que está limpio el Ordenador y les hago la Transferencia a la Cta. IBAN ES5104870202839007013223, del BANCO MARE NOSTRUM (ex- Caja Murcia), del ESPARRAGAL-MURCIA (entre Lorca y Puerto Lumbreras), Beneficiario: Tomás Moreno Gil (¡¡¡ NO ES MICROSFOT !!!).
Después de esto e imaginando que he sido ESTAFADO, busco por Internet y veo ésta página que me lo confirma.
Hoy Lunes 19-Feb-2018, a primera hora he ido a mi Oficina bancaria y he podido ANULAR LA TRANSFERENCIA.
Después he ido al Cuartel de la Guardia Civil de Santiago de la Ribera-Murcia y he puesto una DENUNCIA POR ESTAFA.
Ahora estoy ANULANDO Tarjetas VISA, MASTERCARD, Claves de Acceso a cuentas Bancarias, eBay, Amazón, Webs diversas, etc. para intentar evitar otros posibles fraudes (porque estuvieron 2 horas “manejando mi ordenador”).
Disculpad lo extenso del relato, pero me parece importante que se sepa públicamente.
Pues a mi eso me paso ayer. En una pagina me salio el mensaje de que tenia un virus y no cerrara la pagina y llamara a un numero de teléfono que no se si seria ese pero si empezaba por 900. Yo pensé que podría ser una estafa llamas a un numero de teléfono y de hay supuse que me pedirían poder “hurgar” en mi pc y de más, pero yo como no podía cerrar la pagina apague el ordenador a las bravas. Cuando lo volví a encender le pase el antivirus, tengo el Avast gratuito y no detecto ningún virus, después lo volví a pasar en modo completo y tampoco detecto nada. De momento no se me ha borrado nada. Aunque la verdad estoy algo asustado de que todavía se borren… Yo la verdad no leí muy bien el mensaje solo leí lo de llamar numero de teléfono y borrar datos y poco mas y si el mensaje era de microsof y la pagina tenia el htps. Y hoy buscando información encuentro que no soy el único al que le ha pasado.
Me ha pasado lo mismo hoy Miércoles 21 de Febrero 2018. Llamé a ese 900. Me contestó un hombre con acento extranjero y me dijo que ese virus era muy potente y me borraría todos los datos y que lo tenía desde hace mucho tiempo en el sistema de mi pc., pero hoy se habría activado. Antes que siguiera le expliqué que hace dos días había comprado un nuevo Windows y había formateado el disco duro y empecé todo de cero. Me dice que era igual, que el virus estaba en el portatil. Le expliqué
que soy técnico en ordenadores e informática, que no era una experta porque había estudiado con los ordenadores de antes. Me preguntó si tenía tienda, o taller. Al decirle que solo reparaba a nivel familiar, me preguntó la edad. Le dije 70 años, pero que yo sabía del tema. Le dije que tenía el antivirus de McAfee original y que no entendía que no funcionaba. Me dice que el virus era tan potente que los antivirus no podían detectarlo y me ofrece venderme un antivirus de Microsoft y entrar en el portatil para repararlo él., pero en vista de nuestra conversación ya desistió y me dijo que cerrara la página desde el administrador de tareas. Explico esto para sumarme a las denuncias que estoy leyendo. Y para terminar, intentaré llamar a Microsoft, porque no entiendo como permite estos estafadores que usan la página de microsoft.
Me gustaría saber como pretendes que ésto sea útil si no especificas las medidas para erradicar dichos errores. LA información ya la sabemos, lo que la gente desconoce son los PROCEDIMIENTOS para erradicar sus efectos.
Y es precisamente lo que no mencionas.
Esta publicación es INÚTIL sin esa información. No sirve para NADA.
A mi me acaba de pasar y gracias s leer estos comentarios no deje que la cosa siguiese adelante. Lo que no se es si tienen alguna contraseña mía o si pueden volver a entrar nada más que abra el portátil. Me dicen que tienen que desinstalar lo que pusieron que es el abasto Premium y que van a mandar a un técnico a mi casa. Y para finalizar me dicen que si se tantas cosas que porque los dejo entrar. Gracias otra vez por los comentarios
Glad we were of help!
Estaba buscando un sitio web para ver una película y me sale un cartel que habían bloqueado la computadora por un virus y me da el teléfono 18555506455 Soporte Técnico me salió un hombre hablando inglés y me dijo que forzara la salida de Safari y otras indicaciones hasta que me dice te puedo limpiar la computadora por 100 dólares le dije no y me colgó apague la laptop y no la he encendido porque no sé cómo quitar el cartel que me sale
Don’t pay Technical Support and don’t call the number. It is a scam. Try booting the computer in safe mode, to see if you still get the screen. If not – remove the malware with a security tool.
se abre una página con el telefono 900 861 783 y queda todo bloqueado. Apago el ordenador y vuelta a empezar. Se trata de un virus que no se como quitar. ¿Comose quita?
Try to open the Windows Task Manager with Ctrl+Alt+Del (assuming you are with a Windows Operating system) and search for a process that takes more memory and shut it off. Also try booting into safe mmode to see the result – more instructions are found above in the removal instructions section.
I also get a popup like this, ‘YOUR COMPUTER HAS BLOCKED’ They said you visited a website ,porngraphy ,zoophila, rape , if you want to unlock your computer then you must pay 150 kuwaiti”s diner by i-tunes gift card or if you unblock your computer from an unofficial technician then your case will be moved on ‘Kuwait police’YOU HAVE ONLY 12 HOURS TIME FOR PAY THE FEE………what is the meaning of this sentence. ..please reply me…I’m so afraid of this..
Don’t worry – that should be only an empty threat as you may have realized by now. This is a variety of the Scotch Tape Locker Ransomware sensorstechforum.com/scotch-tape-locker-ransomware-removal-restore-files/. You can remove the ransomware without your files getting deleted.
I also got a popup like this, ‘YOUR COMPUTER HAS BLOCKED’ They said you visited a website ,porngraphy ,zoophila, rape , if you want to unlock your computer then you must pay 150 kuwaiti”s diner by i-tunes gift card or if you unblock your computer from an unofficial technician then your case will be moved on ‘Kuwait police’YOU HAVE ONLY 12 HOURS TIME FOR PAY THE FEE………what is the meaning of this sentence. ..please reply me…I’m so afraid of this..
Hola Emilio
Mi nombre es Maria Teresa y también me ha pasado lo mismo, exactamente igual.
Gracias a tu comentario en esta página, sigo los mismos pasos en cuanto a anular la transferencia y denunciar a las autoridades.
La presente es para preguntarte:
1,_ Sí hiciste una revisión del ordenador.
2._ Después de la fechoría, has tenido algún intento, por parte de ellos, de entrar en tu correo, cuentas, etc.
Desde el 31 de julio, llevo sin abrir el ordenador por miedo a que se repita.
Gracias por tu atención y un saludo.
Buenas.
A mi tambien me acaban de salvar estos comentarios.
Colgué al hombre casi inmediatamente y cerré todo lo que habiamos hecho. Ahora estoy preocupado porque, aunque no llegué a darle mi nombre ni nada, estuvimos compartiendo pantalla un rato haciendo cosas raras. Ahora he vuelto a encender el ordenador y está todo bien, pero estoy preocupado. Solo he cerrado todo y apagado y vuelto a encender el portatil. Parece suficiente, pero no sé. Que piensan?
Gracias!
mi pc es una asus pero al entrar a pagina de internet me manda una pagina con un bip bip como alarma y solo ahi se queda que llame a una pagina de soporte, supongo que es todo lo que he leido como puedo quitarlo si no tengo instalado antivirus y no me deja conectarme a internet porque solo me pone esa pagina