The warning that is presented as one supposedly originating from IRMA (Information Resources Management Association) is a brand new ransomware virus program that has been elaborated by the pack of online crooks who want to earn money with unfair methods. The scary alert also associates itself with BSA (Business Software Alliance). Both of these organizations – Information Resources Management Association and Business Software Alliance – are well-known and reputable agencies that are meant to protect intellectual property rights (copyrights) of software, audio and video authors. This warning that you see on your screen now isn’t associated with these two decent companies, even though many users today thing like that. This is why in their search queries on how to get rid of this scareware they tend to indicate “IRMA virus” or “BSA virus”. Being scammed by this fraudulent locker isn’t a pleasant experience, of course. The solution needs to be found in order to unlock the infected machine. In the guidelines below we will try to stipulate our methods of unlocking the PC from this malicious desktop hijacker.
Here is the full quotation from the text of IRMA (BSA) ransomware. See how tricky it is in its attempts to scare users. Do not trust any word you see in the quotation below.
Creator of Knowledge
Information Resources Management Association
Advancing the Concepts and Practices of Information Resources Management in Modern Organization
Business Software Alliance
All activity on this computer has been recorded. If you use a webcam, all activity was saved for identification.
Your personal computer has been noticed in viewing, storing and using of forbidden and pirate software, audio and video content.
Now your PC is locked by Business Software Alliance trade group and Information Resouces Management Association.
This project was created to struggle for purity of the Internet. You are visiting, viewing and using forbidden content, sponsoring the ownsers of this content (forbidden and pirate). You are putting yourself and yoru computer at risk by using this content. Real creators of this content, who are concerned about your securiyt, are loosing billions of dollars.
Warning! Do not use pirate (forbidden) content.
How the pirate (forbidden) content can be dangerous? There are hidden procedures for tracing and transmission your personal data running with this content. Your personal data can be used for fraudulent purposes. Using, watching, saving pirate (forbidden) content you are violating at least one act of the law of our country. In the worst case, you may break up to four acts of pirate content law.
If you don’t pay the fee, all data about using or pirate (forbidden) content, your personal IP address, webcam data (if you use it) will be sent to the self-government, where your case will be considered on an individual basis and appropriate measures will be taken.
How to protect yourself and don’t lock your computer again?
You have to use licensed only software, store only licensed and legal files and programs on your computer. You shouldn’t use any software for downloading audio, video and other types of pirate and forbidden content on your computer. You should avoid any registrations and publications at sites, containing pirate and forbidden content. Your computer shouldn’t be used for transmission or forbidden data.
How to unlock your computer?
You should buy PaySafeCard or Ukash voucher denominated of 200 dollars.
The number of code needs to be entered in the field below. After entering, check correctness of the code number and press “OK” button. Your computer will be unlocked in 1-72 hours.
Read attentively! After paying the fee!
After paying the free, this application will unlock your PC for 7 days (168 hours), and will be activated again after this term. You have this time to remove pirate (forbidden) content.
After paying the free you can get the free consultation at firstname.lastname@example.org, send a fax to +1-253-512-8497 or get a support on the phone calling +1-202-872-5501.
It seems like this IRMA (BSA) ransomware is of international character too. There are at least two versions of it where hackers instruct users to donate funds in their favor by means of indication or Ukash/Paysafecard vouchers codes or GreenDot MoneyPak codes. The first payment systems (Ukash and Paysafecard) are especially popular in European countries, whereas GreenDot MoneyPak system is mostly spread in the USA and Canada. Obviously, hackers have invented a new malicious tool that is predestined to collect financially beneficial information from tricked users in various countries of the world. We hope that you will never be caught by this hook. Read the instructions provided below to find out how exactly to unlock your system from this nasty malware sample.
IRMA (BSA) ransomware unlocking procedure
Note! This tutorial is effective for all GreenDot MoneyPak, Ukash and Paysafecard ransomwares.
- Restart your computer and press F8 while it is restarting.
- Choose safe mode with networking.
- Press Start menu and select Run, or press [Win]+R on keyboard.
- Type msconfig
- Disable startup items rundll32 turning on any application from Application Data.
- Restart your system once again.
- Scan your system with GridinSoft Trojan Killer to identify file and delete it.
Some versions of these viruses disable all safe modes, but give a short gap that you can use to run anti-malware programs. Then do following:
- Reboot normally.
- Click Start and choose Run.
- Enter the text specified in the quotation below. If malware is loaded, just press Alt+Tab once and keep entering the string blindly then press Enter.
- Press Alt+tab and then R (letter) a couple of times. The process of ransomware virus should be killed after you succeed to download, install our recommended software and scan your PC with it.
Download GridinSoft Trojan Killer for thorough system checkup
Find more information about the ransomware prevention here.