My computer has a virus and it has been locked. Heeelp please.. It says something like: "NSA Internet Surveilance Program PRISM Your computer has been locked due to suspicion of illegal content downloading and distribution. In order to resolve the situation in an above-mentioned way you should pay a fine of $300" What do I do now??
It's fake... http://www.bleepingcomputer.com/virus-removal/remove-your-computer-has-been-locked-ransomware
If he starts his computer in Safe Mode (by pressing F8 button) he'll be able to use system restore. Sometimes, trying to get rid of a virus in your current setting is a waste of time. First, restore your computer to the earlier time, then clean it up with some anti-virus software (like Avira, which is free to install).
Boot in to safemode with networking, download combofix, and run it.. click ok to any popups, and after restarts should be good, but i would run malwarebytes, and a few antivirus to be sure.
gee, guys thank you for the answers. I don't think that this kind of virus is a reason to format my PC.. It just seems too drastic. I believe in the power of antivirus programs :-D Nope.. I did as you both said, except for combofix. After following the removal guide I found http://www.americanpendulum.com/2013/08/15/prism-virus-removal-guide/ but like you both said I downloaded http://www.malwarebytes.org/ and also http://www.avast.com/en-us/index after starting my computer in Safe Mode. Thank you all once again, it looks clean for now, lets hope it really is
its a fake and illegal scam and because of it a funny situation happened and a man was arrested start pc in safe mode and try malwarebyte or kaspersky . also check these 2 articles for future safety http://blog.yoocare.com/nsa-virus-scam-removal/ http://guides.yoosecurity.com/remove-nsa-internet-surveillance-program-virus-to-unlock-computer/
I hope you read the second post. I see @digitalpoint already help you with solution but you may didn't check the link given in the post. The link given by Digitalpoint above will told you how to remove the virus effectively. It works by creating boot-able disk which you can use to boot the computer and 'inject' the system. After the computer was being restarted, the virus will work as usual but the injected system will 'repel' the virus by loading a program that will hunt all viruses. After everything completely finished, your computer would be fine. Don't forget to fix all the setting and check any 'resources' on the system. If you didn't see the link in the second post, Here are several things to take a note: Don't format your disk. While formatting disk is the easiest way to destroy viruses, you will also lose the data and setting. Formatting disk is the last option which should not being used. If you ask me, I really hate doing this. Why? It is easier to fix it rather than to destroy the whole 'assets'. It is like destroying the whole house just to kill the mouse. If you want to format the disk, I suggest to re-partition the disk. Some viruses are smart enough to hide in partition. Formatting the disk or re-installing the OS are two bad things for me. Data and setting are very precious for me. Re-formatting and Re-installing are two things which I really hate. It is easier to battle the virus rather than 'give up' by destroying the system. Using system restore is good but I believe system restore is the first thing that will be infected by the virus. In this case, there is no access to the computer because the system has been take over by the virus. So system restore will not work. Using safe Mode. Safe mode is not accessible when this virus attacked and take over the whole system. Just follow the link in the second post. The link will help anyone to remove the virus with an easier way than other. This virus could be removed only by booting through removable medium. Scan the whole system and destroy the host viruses. Ransomware is not very dangerous virus. However the virus cause very bad thing because it disable the system by blocking 'user access'. The virus was classified as 'easy to be removed virus' which only inject the system. I didn't like to use Anti Virus and did everything manually. I love to mess up with the system. There is good reason why I have triple boot with different type of OS (2 Win and 1 Linux). For OP, it is better to install Virtual Machine if you often download 'resources' from internet. By doing so you will save headache from fixing computer and may able to trace-route/debug the virus. I have opened the link and it seems the information is very accurate.
First, you were correct if system restore may able to fix corrupted and damaged system. However, when you dealing with Ransom-ware type viruses, here are few things to take note: System restore and any types of file system backup were infected. Restoring the system is bad idea. It is impossible to select 'Safe Mode' when this virus already take over the system. This type of viruses (not the first type but the aggressive types, the first type didn't block 'safe mode' or 'recovery console') will block access through any mode. As long as the system is booted through infected system, it would be impossible to enter the OS. This viruses was loaded through 'resources' that is loaded before the OS. It is almost impossible to remove it using current OS. I don't know why but it seems no one read the link which is available in second post. The link already give an easier and better way to remove the viruses. Even beginner could remove it with 'less effort' using the free tool provided in that link.
i remember fixing a virus similar to this it was called ukash iirc, you have to locate the files first. disconnect your internet since this is how the virus is displaying everytime you connect or it attempts to use the internet launch in safe mode, ctrl/alt/del and close any program associated with that particular virus (google the name) run scans etc... you then have to remove registry files in ms reg to clear this thing up completely or it will keep coming back hope this helps, this is a tough one in my previous experiences E: also system restore will do nothing FYI EE: sorry forgot to mention you will probably need to go into your explorer setting and change it, i'll try and find the website to guide you through it
Download the file Dr.Web CureIt.And to download on a flash card.To start the computer in the safe mode.It is possible to start the file even if you have an antivirus.And to scan them the computer. Huge plus of the program, vty that it doesn't delete a fayly treats.
buy another one and make sure that you purschasing right antivirus. hehe No, I dont think you do not have to buy a new one. enough to use safe mode, fix your problem there. sometimes there are strange things in the program manager. or anything else you can reformat your hard drive.
If loading of the computer is blocked and on the screen there was a window with an inscription "WINDOWS Locked" you fell a victim of family of harmful programs Trojan.Winlock. Win32.Blocker,At installation on the computer these malwares register in automatic loading, in a register key.[Software\Microsoft\Windows NT\CurrentVersion\Winlogon], it is simple to remove with the help AVZ, AVPTool, Dr.Web CureIt!