Fake FBI Anti-Piracy Warning
The Fake FBI Anti-Piracy Warning is a pop-up warning that claims to have blocked your computer as a consequence of your illegal file-downloading crimes, although Trojans that display Fake FBI Anti-Piracy Warnings aren't capable of detecting this or any other type of copyright infringement. To unlock your PC, the Fake FBI Anti-Piracy Warning claims that you'll need to pay a legal fee, but the Fake FBI Anti-Piracy Warning isn't affiliated with the FBI and never should be paid as a solution to its attacks. SpywareRemove.com malware analysts haven't found any reasons to do anything other than treat Fake FBI Anti-Piracy Warning as malicious and illegal software, and, as such, you should feel free to remove Fake FBI Anti-Piracy Warning with anti-malware programs whenever it's required.
Why Your Downloading Habits Aren't the Fake FBI Anti-Piracy Warning's Prime Interest
The Fake FBI Anti-Piracy Warning is an updated variant of similar pop-ups from related ransomware Trojans that SpywareRemove.com malware researchers have taken particular note of in the past year. Examples of similar PC threats include the FBI Green Dot Moneypak Virus, FBI Moneypak Ransomware, 'FBI Online Agent has blocked your computer for security reason' Ransomware, the FBI Ultimate Game Card Virus and 'FBI Your PC is blocked' Ransomware. Just like the Fake FBI Anti-Piracy Warning, none of the above Trojans are aligned with the FBI, but they will include aesthetic details in their pop-ups that make them look as though they're sent by the FBI as a result of your supposedly illegal computer activities.
Besides accusing you of downloading copyright-protected media, Fake FBI Anti-Piracy Warning also captures your webcam footage and displays it in a sub-window (implying that the FBI is monitoring you visually). Along with threats that you could be arrested for more than three years for a failure to comply with its demands, the Fake FBI Anti-Piracy Warning asks you to pay a MoneyPak fee, which supposedly will unlock your computer, in addition to serving as legal compensation for your transgressions. SpywareRemove.com malware experts recommend against paying the Fake FBI Anti-Piracy Warning's fine, just as they recommend against rewarding any other ransomware Trojan – which usually isn't designed to unlock your PC even if you do pay the illegal fee.
Peeling the Fake FBI Anti-Piracy Warning Off of Your Monitor without Falling Victim to Its Extortion Racket
Once you learn to ignore all the fake legalistic details of a Fake FBI Anti-Piracy Warning, the Fake FBI Anti-Piracy Warning actually can be identified as an expanded and borderless pop-up – just the same as any other pop-up advertisement that commonly is displayed on less trustworthy than usual websites. To remove the Fake FBI Anti-Piracy Warning, you'll need to delete the ransomware Trojan that's displaying it – a process that SpywareRemove.com malware experts recommend enabling with an appropriate anti-malware scanner.
Since ransomware Trojans that display pop-ups like the Fake FBI Anti-Piracy Warning can block various programs, including anti-malware applications, SpywareRemove.com malware experts encourage you to try to disable the Fake FBI Anti-Piracy Warning's malware before you scan your PC. The Safe Mode feature of Windows usually is the most convenient solution for this, although other procedures (such as booting uninfected operating systems from USB devices) also can be used if they're necessary.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%CommonAppData%\
File name: %CommonAppData%\%CommonAppData%\.exe
File name: %CommonAppData%\.exeFile type: Executable File
Mime Type: unknown/exe
%CommonAppData%\\arr-next.gif
File name: %CommonAppData%\\arr-next.gifMime Type: unknown/gif
%CommonAppData%\\bg.wav
File name: %CommonAppData%\\bg.wavMime Type: unknown/wav
%CommonAppData%\\b-sep.gif
File name: %CommonAppData%\\b-sep.gifMime Type: unknown/gif
%CommonAppData%\\btn.png
File name: %CommonAppData%\\btn.pngMime Type: unknown/png
%CommonAppData%\\btn-sq.gif
File name: %CommonAppData%\\btn-sq.gifMime Type: unknown/gif
%CommonAppData%\\cam-place.bmp
File name: %CommonAppData%\\cam-place.bmpMime Type: unknown/bmp
%CommonAppData%\\card.jpg
File name: %CommonAppData%\\card.jpgMime Type: unknown/jpg
%CommonAppData%\\green-l.png
File name: %CommonAppData%\\green-l.pngMime Type: unknown/png
%CommonAppData%\\green-r.png
File name: %CommonAppData%\\green-r.pngMime Type: unknown/png
%CommonAppData%\\ie7.css
File name: %CommonAppData%\\ie7.cssMime Type: unknown/css
%CommonAppData%\\larr.gif
File name: %CommonAppData%\\larr.gifMime Type: unknown/gif
%CommonAppData%\\lock.png
File name: %CommonAppData%\\lock.pngMime Type: unknown/png
%CommonAppData%\\locked-text-en.png
File name: %CommonAppData%\\locked-text-en.pngMime Type: unknown/png
%CommonAppData%\\logo-img.png
File name: %CommonAppData%\\logo-img.pngMime Type: unknown/png
%CommonAppData%\\logo-text.gif
File name: %CommonAppData%\\logo-text.gifMime Type: unknown/gif
%CommonAppData%\\main.html
File name: %CommonAppData%\\main.htmlMime Type: unknown/html
%CommonAppData%\\mainbg.gif
File name: %CommonAppData%\\mainbg.gifMime Type: unknown/gif
%CommonAppData%\\mcafee-lock.png
File name: %CommonAppData%\\mcafee-lock.pngMime Type: unknown/png
%CommonAppData%\\money.gif
File name: %CommonAppData%\\money.gifMime Type: unknown/gif
%CommonAppData%\\moneypak.png
File name: %CommonAppData%\\moneypak.pngMime Type: unknown/png
%CommonAppData%\\payments-en.png
File name: %CommonAppData%\\payments-en.pngMime Type: unknown/png
%CommonAppData%\\side-block.png
File name: %CommonAppData%\\side-block.pngMime Type: unknown/png
%CommonAppData%\\step.gif
File name: %CommonAppData%\\step.gifMime Type: unknown/gif
%CommonAppData%\\step.png
File name: %CommonAppData%\\step.pngMime Type: unknown/png
%CommonAppData%\\style.css
File name: %CommonAppData%\\style.cssMime Type: unknown/css
%CommonAppData%\\wait.html
File name: %CommonAppData%\\wait.htmlMime Type: unknown/html
%WinDir%\.exe
File name: %WinDir%\.exeFile type: Executable File
Mime Type: unknown/exe
Registry Modifications
HKEY..\..\{Value}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "" = "C:\WINDOWS\.exe;"
I'm not sure if this post will be allowed since I'm mineiontng I use Norton. I have Norton Internet Security installed on this pc & the Norton/Symantec forum is very busy with new postings of this "moneypac" issue on their computers. Also the forums have been very active with postings of "Trojan gen.2 and zeroaccess infection". From what I've been reading in the posts, Norton can't stay ahead of the infections from the last two, due to the bad guys constantly making new variations. Does Sophos do a better job at preventing infections from these nasties or do all anti-virus, internet suites, lag behind the bad guys?I know no "security suite" is going to be 100% effective every day, but I'm starting to feel like we're in a time the bad guys are winning in critical areas.