1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

My computer is locked

Discussion in 'General Chat' started by coconut, Aug 16, 2013.

  1. #1
    My computer has a virus and it has been locked. Heeelp please..

    It says something like:

    "NSA Internet Surveilance Program PRISM
    Your computer has been locked due to suspicion of illegal content downloading and distribution.
    In order to resolve the situation in an above-mentioned way you should pay a fine of $300"

    What do I do now?? :oops:
     
    coconut, Aug 16, 2013 IP
  2. digitalpoint

    digitalpoint Overlord of no one Staff

    Messages:
    38,334
    Likes Received:
    2,613
    Best Answers:
    462
    Trophy Points:
    710
    Digital Goods:
    29
    #2
    digitalpoint, Aug 16, 2013 IP
    Arick unirow likes this.
  3. pilot35

    pilot35 Active Member

    Messages:
    388
    Likes Received:
    11
    Best Answers:
    0
    Trophy Points:
    85
    #3
    Lol. How did you get that ransomware in your computer?
     
    pilot35, Aug 17, 2013 IP
  4. BRITTANEY86

    BRITTANEY86 Banned

    Messages:
    190
    Likes Received:
    4
    Best Answers:
    0
    Trophy Points:
    23
    #4
    Buy another computer,$300 is too much
     
    BRITTANEY86, Aug 17, 2013 IP
  5. qwikad.com

    qwikad.com Illustrious Member Affiliate Manager

    Messages:
    7,201
    Likes Received:
    1,673
    Best Answers:
    29
    Trophy Points:
    475
    #5
    If he starts his computer in Safe Mode (by pressing F8 button) he'll be able to use system restore. Sometimes, trying to get rid of a virus in your current setting is a waste of time. First, restore your computer to the earlier time, then clean it up with some anti-virus software (like Avira, which is free to install).
     
    qwikad.com, Aug 17, 2013 IP
  6. kip

    kip Notable Member

    Messages:
    1,513
    Likes Received:
    70
    Best Answers:
    0
    Trophy Points:
    205
    #6
    Boot in to safemode with networking, download combofix, and run it.. click ok to any popups, and after restarts should be good, but i would run malwarebytes, and a few antivirus to be sure.
     
    kip, Aug 17, 2013 IP
  7. Twister85

    Twister85 Active Member

    Messages:
    23
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    66
    Digital Goods:
    1
    #7
    Reinstall the OS via formatting the drive offline with safe mode or CD boot.
     
    Twister85, Aug 17, 2013 IP
  8. coconut

    coconut Peon

    Messages:
    2
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    1
    #8
    gee, guys thank you for the answers. :)
    I don't think that this kind of virus is a reason to format my PC.. It just seems too drastic. I believe in the power of antivirus programs :-D
    Nope.. :D

    I did as you both said, except for combofix. After following the removal guide I found http://www.americanpendulum.com/2013/08/15/prism-virus-removal-guide/
    but like you both said I downloaded http://www.malwarebytes.org/ and also http://www.avast.com/en-us/index after starting my computer in Safe Mode.

    Thank you all once again, it looks clean for now, lets hope it really is :)
     
    coconut, Aug 19, 2013 IP
  9. rajin

    rajin Well-Known Member

    Messages:
    242
    Likes Received:
    5
    Best Answers:
    0
    Trophy Points:
    108
    #9
    its a fake and illegal scam and because of it a funny situation happened and a man was arrested
    start pc in safe mode and try malwarebyte or kaspersky . also check these 2 articles for future safety

    http://blog.yoocare.com/nsa-virus-scam-removal/
    http://guides.yoosecurity.com/remove-nsa-internet-surveillance-program-virus-to-unlock-computer/
     
    rajin, Aug 19, 2013 IP
  10. Arick unirow

    Arick unirow Acclaimed Member

    Messages:
    719
    Likes Received:
    298
    Best Answers:
    30
    Trophy Points:
    500
    #10
    I hope you read the second post. I see @digitalpoint already help you with solution but you may didn't check the link given in the post. The link given by Digitalpoint above will told you how to remove the virus effectively.
    It works by creating boot-able disk which you can use to boot the computer and 'inject' the system. After the computer was being restarted, the virus will work as usual but the injected system will 'repel' the virus by loading a program that will hunt all viruses. After everything completely finished, your computer would be fine. Don't forget to fix all the setting and check any 'resources' on the system.

    If you didn't see the link in the second post, Here are several things to take a note:
    1. Don't format your disk.
      While formatting disk is the easiest way to destroy viruses, you will also lose the data and setting. Formatting disk is the last option which should not being used. If you ask me, I really hate doing this. Why? It is easier to fix it rather than to destroy the whole 'assets'. It is like destroying the whole house just to kill the mouse. If you want to format the disk, I suggest to re-partition the disk. Some viruses are smart enough to hide in partition. :)
      Formatting the disk or re-installing the OS are two bad things for me.
      Data and setting are very precious for me. Re-formatting and Re-installing are two things which I really hate. It is easier to battle the virus rather than 'give up' by destroying the system.
    2. Using system restore is good but I believe system restore is the first thing that will be infected by the virus. In this case, there is no access to the computer because the system has been take over by the virus. So system restore will not work.
    3. Using safe Mode. Safe mode is not accessible when this virus attacked and take over the whole system.
    4. Just follow the link in the second post. The link will help anyone to remove the virus with an easier way than other.
    5. This virus could be removed only by booting through removable medium. Scan the whole system and destroy the host viruses.
    6. Ransomware is not very dangerous virus. However the virus cause very bad thing because it disable the system by blocking 'user access'. The virus was classified as 'easy to be removed virus' which only inject the system.
    I didn't like to use Anti Virus and did everything manually. I love to mess up with the system. There is good reason why I have triple boot with different type of OS (2 Win and 1 Linux).

    For OP, it is better to install Virtual Machine if you often download 'resources' from internet. By doing so you will save headache from fixing computer and may able to trace-route/debug the virus.
    I have opened the link and it seems the information is very accurate.
     
    Last edited: Aug 19, 2013
    Arick unirow, Aug 19, 2013 IP
  11. devilx

    devilx Active Member

    Messages:
    266
    Likes Received:
    8
    Best Answers:
    0
    Trophy Points:
    88
    #11
    yes this is work , if you do it step by step will fix your computer
     
    devilx, Aug 20, 2013 IP
  12. Arick unirow

    Arick unirow Acclaimed Member

    Messages:
    719
    Likes Received:
    298
    Best Answers:
    30
    Trophy Points:
    500
    #12
    First, you were correct if system restore may able to fix corrupted and damaged system. However, when you dealing with Ransom-ware type viruses, here are few things to take note:
    1. System restore and any types of file system backup were infected. Restoring the system is bad idea.
    2. It is impossible to select 'Safe Mode' when this virus already take over the system. This type of viruses (not the first type but the aggressive types, the first type didn't block 'safe mode' or 'recovery console') will block access through any mode. As long as the system is booted through infected system, it would be impossible to enter the OS.
    3. This viruses was loaded through 'resources' that is loaded before the OS. It is almost impossible to remove it using current OS.
    I don't know why but it seems no one read the link which is available in second post. The link already give an easier and better way to remove the viruses. Even beginner could remove it with 'less effort' using the free tool provided in that link.
     
    Arick unirow, Aug 20, 2013 IP
  13. mark ginn

    mark ginn Active Member

    Messages:
    141
    Likes Received:
    9
    Best Answers:
    0
    Trophy Points:
    53
    #13
    i remember fixing a virus similar to this it was called ukash iirc, you have to locate the files first.
    disconnect your internet since this is how the virus is displaying everytime you connect or it attempts to use the internet
    launch in safe mode, ctrl/alt/del and close any program associated with that particular virus (google the name)
    run scans etc...
    you then have to remove registry files in ms reg to clear this thing up completely or it will keep coming back

    hope this helps, this is a tough one in my previous experiences

    E: also system restore will do nothing FYI
    EE: sorry forgot to mention you will probably need to go into your explorer setting and change it, i'll try and find the website to guide you through it
     
    mark ginn, Apr 22, 2014 IP
  14. Popova_Anna

    Popova_Anna Peon

    Messages:
    8
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    1
    #14
    Download the file Dr.Web CureIt.And to download on a flash card.To start the computer in the safe mode.It is possible to start the file even if you have an antivirus.And to scan them the computer. Huge plus of the program, vty that it doesn't delete a fayly treats.
     
    Popova_Anna, Mar 22, 2015 IP
  15. agung fajriadi

    agung fajriadi Well-Known Member

    Messages:
    119
    Likes Received:
    5
    Best Answers:
    0
    Trophy Points:
    130
    #15
    buy another one and make sure that you purschasing right antivirus. hehe

    No, I dont think you do not have to buy a new one. enough to use safe mode, fix your problem there. sometimes there are strange things in the program manager. or anything else you can reformat your hard drive.
     
    agung fajriadi, Mar 29, 2015 IP
  16. Popova_Anna

    Popova_Anna Peon

    Messages:
    8
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    1
    #16
    If loading of the computer is blocked and on the screen there was a window with an inscription "WINDOWS Locked" you fell a victim of family of harmful programs Trojan.Winlock. Win32.Blocker,At installation on the computer these malwares register in automatic loading, in a register key.[Software\Microsoft\Windows NT\CurrentVersion\Winlogon], it is simple to remove with the help AVZ, AVPTool, Dr.Web CureIt!
     
    Popova_Anna, Apr 1, 2015 IP