‘All Activities of This Computer Have Been Recorded’ Ransomware

Posted: July 15, 2013

Threat Metric

The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to give every identifiable malware threat. Our Threat Meter includes several criteria based off of specific malware threats to value their severity, reach and volume. The Threat Meter is able to give you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count, Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic breakdown of how all threats are ranked within our own extensive malware database. The scoring for each specific malware threat can be easily compared to other emerging threats to draw a contrast in its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to remove a threat or pursue additional analytical research for all types of computer users.

The following fields listed on the Threat Meter containing a specific value, are explained in detail below:

Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.

Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.

Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.

Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.

% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.

Threat Level:	2/10
Infected PCs:	43

First Seen:	July 15, 2013
OS(es) Affected:	Windows

The 'All Activities of this Computer Have Been Recorded' Ransomware is a fake FBI Trojan that uses a fraudulent legal warning that claims to be locking your computer as a legal action on behalf of the relevant authorities. While the 'All Activities of this Computer Have Been Recorded' Ransomware does, in fact, block you from using some other programs and will try to keep your system locked down until payment is made – if not even longer than that – the 'All Activities of this Computer Have Been Recorded' Ransomware is not a legal program and doesn't attempt to issue real legal warnings to criminals. While SpywareRemove.com malware researchers warn that the 'All Activities of this Computer Have Been Recorded' Ransomware may need some additional security steps before removing the 'All Activities of this Computer Have Been Recorded' Ransomware can be achieved safely, the 'All Activities of this Computer Have Been Recorded' Ransomware never should be paid, and all incidents of the 'All Activities of this Computer Have Been Recorded' Ransomware attacks should be treated as malware infections.

The 'All Activities of this Computer Have Been Recorded' Ransomware: a Spying Eye Focused on Your Money

The 'All Activities of this Computer Have Been Recorded' Ransomware is designed to look like an online utility controlled by the US Federal Bureau of Investigation, claiming that your computer has been locked due to typical issues such as viewing illegal pornography, violating copyright laws or being compromised by a third party. In addition to blocking other programs that are critical to your PC's proper maintenance (such as the Windows Task Manager), 'All Activities of this Computer Have Been Recorded' Ransomware also may make other attacks, such as lowering your security settings, hijacking your browser or concealing your desktop shortcuts. The 'All Activities of this Computer Have Been Recorded' Ransomware also claims to encrypt the files on your PC to make them unusable, although SpywareRemove.com malware experts haven't confirmed this and note that most FBI ransomware Trojans like the 'All Activities of this Computer Have Been Recorded' Ransomware usually do not back up this threat.

With all of these bluffs in place, the 'All Activities of this Computer Have Been Recorded' Ransomware's ultimatum is that you must pay a sum to unlock your computer, preserve your privacy and keep the files on your computer safe. However, this isn't a lawful request, and the obvious telltale sign of the 'All Activities of this Computer Have Been Recorded' Ransomware's demanded payment through MoneyPak is a rather large clue to the fact that the 'All Activities of this Computer Have Been Recorded' Ransomware simply is designed to scam you. SpywareRemove.com malware researchers don't recommend paying the 'All Activities of this Computer Have Been Recorded' Ransomware's ransom since there are easier – and less expensive – ways than that to unlock your computer and restore any damaged files.

The Only Computer Activity You Should Be Concerned with When It Comes to the 'All Activities of this Computer Have Been Recorded' Ransomware

Since the 'All Activities of this Computer Have Been Recorded' Ransomware will attempt to restrict your access to useful and necessary applications for disinfecting your PC, SpywareRemove.com malware experts recommend loading a spare USB device or similar hard drive that can be used to boot your PC from an uninfected OS. Although the 'All Activities of this Computer Have Been Recorded' Ransomware launches with Windows, a successful remote system boot will let you disable the 'All Activities of this Computer Have Been Recorded' Ransomware and proceed with the disinfection process. This also can thwart similar FBI ransomware Trojans such as the FBI 'Your Browser Has Been Blocked' Ransomware, the 'FBI Waarschuwing! Uw Computer is Vergrendeld' Virus, the FBI Green Dot Moneypak Virus, the FBI Online Agent has blocked your computer for security reason' Ransomware, the FBI Cybercrime Division Virus, the FBI PayPal Virus and the FBI Ultimate Game Card Virus.

With your PC accessible without any program-blocking attacks or other issues interfering, you should delete the 'All Activities of this Computer Have Been Recorded' Ransomware with appropriate anti-malware tools. Because the 'All Activities of this Computer Have Been Recorded' Ransomware does not distribute itself, you should be aware of the possibility of other PC threats being installed on your computer with individualized payloads separate from the 'All Activities of this Computer Have Been Recorded' Ransomware's pop-up and system lockdown. SpywareRemove.com malware experts usually observe fake FBI Trojans like the 'All Activities of this Computer Have Been Recorded' Ransomware being installed by exploit kits (the Blackhole Exploit Kit, Sweet EK, etc) or by Trojan downloaders (such as Zlob).

Technical Details

Additional Information

The following URL's were detected:

monerohush.com

The following messages's were detected:

#	Message
1	THE FBI FEDERAL BUREAU OF INVESTIGATION CYBER DEPARTMENT All activities of this computer have been recorded All your files are encrypted. Don't try to unlock your computer! Your browser has been blocked due at least one of the reasons specified below. You have been subjected to violation of Copyright and Related Rights Law (Video, Music, Software) and illegally using or distributing copyrighted contents, thus infringing Article 1, Section 8, Clause 8, also known as the Copyright of the Criminal Code of United States of America. Article 1, Section 8, Cause 8of the Criminal Code provides for a fine of two to five hundred minimal wages or a deprivation of liberty for two to eight years. You have been viewing or distributing prohibited Pornographic content (Child Porno photos and etc were found on your computer). Thus violating article 202 of the Criminal Code of United States of America, Article 202 of the Criminal Code provides for a deprivation of liberty for four to twelve years. Illegal access has been initiated from your PC with ought your knowledge or consent, your PC may be infected by malware, thus you are violating the law on Neglectful Use of Personal Computer. Articles 210 of the Criminal Code provides for a fine up to $100,000 and/or deprivation of liberty for four to nine years. Pursuant to the amendment of Criminal Code of United States of America of May 28, 2011, this law infringement (if it is not repeated - first time) may be considered as conditional in case you pay the fine of the States. To unlock your computer and to avoid other legal consequences, you are obligated to pay a release fee of $300. Payable through GreenDot MoneyPak (you have to purchase MoneyPak card. load it with $300 and enter the code). You can buy the code at any shop or gas station. MoneyPak is available at the stores nationwide. When you pay the fine, your browser will be unblocked in 3 to 12 hours after the money is put into the States's account. Please note: Fine may only be paid within 12 hours. As soon as 12 hours elapse, the possibility to pay the fine expires. All PC data will be detained and criminal procedures will be initiated against you if the fine is not paid.

Message

THE FBI FEDERAL BUREAU OF INVESTIGATION CYBER DEPARTMENT
All activities of this computer have been recorded
All your files are encrypted. Don't try to unlock your computer!
Your browser has been blocked due at least one of the reasons specified below.
You have been subjected to violation of Copyright and Related Rights Law (Video, Music, Software) and illegally using or distributing copyrighted contents, thus infringing Article 1, Section 8, Clause 8, also known as the Copyright of the Criminal Code of United States of America. Article 1, Section 8, Cause 8of the Criminal Code provides for a fine of two to five hundred minimal wages or a deprivation of liberty for two to eight years.
You have been viewing or distributing prohibited Pornographic content (Child Porno photos and etc were found on your computer). Thus violating article 202 of the Criminal Code of United States of America, Article 202 of the Criminal Code provides for a deprivation of liberty for four to twelve years.
Illegal access has been initiated from your PC with ought your knowledge or consent, your PC may be infected by malware, thus you are violating the law on Neglectful Use of Personal Computer. Articles 210 of the Criminal Code provides for a fine up to $100,000 and/or deprivation of liberty for four to nine years. Pursuant to the amendment of Criminal Code of United States of America of May 28, 2011, this law infringement (if it is not repeated - first time) may be considered as conditional in case you pay the fine of the States. To unlock your computer and to avoid other legal consequences, you are obligated to pay a release fee of $300. Payable through GreenDot MoneyPak (you have to purchase MoneyPak card. load it with $300 and enter the code). You can buy the code at any shop or gas station. MoneyPak is available at the stores nationwide.
When you pay the fine, your browser will be unblocked in 3 to 12 hours after the money is put into the States's account. Please note: Fine may only be paid within 12 hours. As soon as 12 hours elapse, the possibility to pay the fine expires. All PC data will be detained and criminal procedures will be initiated against you if the fine is not paid.