PRISM virus (Ransomware)
The PRISM virus is a term used to describe dangerous malware categorized as ransomware that restricts access to an infected computer system using a full screen window that fraudulently claims to contain a message from the government of the United States of America or departments of U.S. government including the National Security Agency (NSA), Federal Bureau of Investigation FBI, and others. The PRISM virus causes the screen to lock and displays a message that states the computer has been locked due to suspicion of illegal content downloading and distribution.
The messages displayed on the fraudulent page that claims to be from a government department should be ignored as they are false. This computer virus is not associated with the government of the United States or any government department from any country. A common message displayed by this dangerous cryptovirus is detailed below:
NSA INTERNET SURVEILLANCE PROGRAM PRISM COMPUTER CRIME PROSECUTION SECTION YOUR COMPUTER HAS BEEN LOCKED! Your computer has been locked due to suspicion of illegal content downloading and distributing The illegal content (414 Mb of photo and video files) was automatically classified as child pornographic materials. The downloading and distribution of illegal content, in whole or in in part, violate the following U.S. Federal Laws (botcrawl.com): 18 U.S.C. 2251 Sexual exploitation of children (Production of child pornography) 18 U.S.C. 2252 Certain actives relating to material involving the sexual exploitation of minors (Possession, distribution and receipt of child pornography) 18 U.S.C. 2252A Certain activities relating to material constituting or containing child pornography Any individual who violates, or attempts to violate, or conspires to violate mentioned laws shall be sentenced to mandatory term of imprisonment from 6 month to 10 years and shall be fined up to $250,000
The PRISM virus further details that in order to unlock your computer system a penalty fine of $100, $200, $300, or more must be paid in an allotted amount of time by use of online credit services such as Green Dot MoneyPak. DO NOT PAY THE FINE. Even if you chose to pay the fine chances are the lock-screen will reappear if it is removed at all. Furthermore paying the fine may initiate undetected malware to remain on the system in order to collect sensitive user information used in cyber crimes relating to credit theft, extortion, and identity theft. In some cases ransomware may record webcam video and microphone audio.
Hows does the PRISM virus infect a computer?
PRISM malware and similar ransomware including the FBI virus and NSA virus is primarily contracted via exploit kits and trojan horses located on compromised and hacked websites, email spam attachments, torrents, and malicious advertisements.
How to remove the PRISM virus
- Removal software (Automatic removal) – Detect and remove PRISM ransomware
- System Restore – Restore PC to date and time before PRISM ransomware infection
1. PRISM virus removal software
1. Install the free or paid version of Malwarebytes Anti-Malware software.
Malwarebytes Anti-Malware Editor’s Choice
Latest versions: Malwarebytes Anti-Malware PRO, Malwarebytes Anti-Malware Free
Release date: 2013
2. Once Malwarebytes is installed, open the Anti-Malware program. If you are using the free version of Malwarebytes you will be prompted to update the database, please do so.
3. On the first tab labeled “Scanner” select the Perform full scan option and click the Scan button to perform a full system scan (pictured below).
4. Malwarebytes will automatically detect the PRISM virus and third-party malware on your computer. Once the scan is complete, Malwarebytes will prompt a message stating malicious objects were detected. Select (check) the malicious objects in the list and click the Remove Selected button to completely remove the fake PRISM malware from your computer (The image below shows a file that is NOT selected for removal – ‘Make sure the box is checked in’).
2. System Restore
A System Restore is an easy solution to restore an infected computer to a date and time before it became infected with the PRISM computer virus. To learn more please select a link below:
PRISM virus removal tips:
If the PRISM virus is difficult to remove there are several steps you can use to troubleshoot the removal process:
Ransomware often infects 1 user account on Windows systems at a time. Here are some tips to remove ransomware by using different user accounts.
- Log into an account not affected by malware (with administrative rights) and perform a scan with reputable software to detect and remove malware.
- You can also delete the infected account.
- Other options include creating a new user account to remove malware if only 1 Window’s user account is present on the computer system.
Some variants of ransomware use flash and symptoms of the infection can be halted by denying flash via Macromedia’s real-time options. To learn more and deny flash please visit: http://www.macromedia.com/support/documentation/en/flashplayer/help/help09.html
Troubleshoot internet/network issues
Safe Mode With Networking can be used to access the Internet for updates, drivers, removal software, or other files if internet and network connectivity is compromised.