TROJ_RANSOM.CXB

Posted: November 22, 2012

Threat Metric

The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to give every identifiable malware threat. Our Threat Meter includes several criteria based off of specific malware threats to value their severity, reach and volume. The Threat Meter is able to give you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count, Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic breakdown of how all threats are ranked within our own extensive malware database. The scoring for each specific malware threat can be easily compared to other emerging threats to draw a contrast in its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to remove a threat or pursue additional analytical research for all types of computer users.

The following fields listed on the Threat Meter containing a specific value, are explained in detail below:

Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.

Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.

Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.

Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.

% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.

Threat Level:	10/10
Infected PCs:	78

First Seen:	November 25, 2012
OS(es) Affected:	Windows

Also, known as 'FBI Your PC is blocked' Ransomware, TROJ_RANSOM.CXB displays a fake legal warning regarding copyright infringement, blocks other programs on your computer and demands that you pay a MoneyPak fine before your PC is restored to normal. Despite its attempts to look like an authenticate legal alert, TROJ_RANSOM.CXB isn't endorsed by the FBI and is installed without any attempt to detect the crimes that it appears to be trying to prevent. SpywareRemove.com malware researchers recommend that you disable and delete TROJ_RANSOM.CXB with standard anti-malware methods as noted in this article – and emphasize that you don't need to pay TROJ_RANSOM.CXB's fee to do so.

The Reasons Not to Heed TROJ_RANSOM.CXB's FBI When They Come A-Calling for You

TROJ_RANSOM.CXB is just one of the recent examples of ransomware trojans to target the United States under a fake FBI banner. Similar ransomware trojans include the FBI MoneyPak Ransomware, the FBI Ultimate Game Card Virus, FBI Green Dot Moneypak Virus, and 'FBI Online Agent has blocked your computer for security reason' Ransomware. – as well as a variant of TROJ_RANSOM.CXB, TROJ_RANSOM.AAF. All of these trojans are easily identified due to their usage of fake FBI warning pop-ups.

TROJ_RANSOM.CXB's pop-up includes the usual threats about illegal media file-viewing, downloading or distribution, along with a request to pay a two hundred dollar fine through MoneyPak. Besides its pop-up, TROJ_RANSOM.CXB also loops an MP3 audio file that announces additional warnings – all of which are fraudulent and can be ignored without incurring any legal penalties.

TROJ_RANSOM.CXB attacks appear to be targeted at residents of the United States. However, SpywareRemove.com malware researchers warn that similar ransomware trojans have been identified in attacks against other countries – especially Europe. As such, all PC users in general should take suitable precautions to protect their computers from common infection vectors like spam e-mail and exploit-using websites.

The Sticking Point in TROJ_RANSOM.CXB's Little Ransom Idea

TROJ_RANSOM.CXB also launches automatically with Windows and must be disabled by Safe Mode or a removable USB drive reboot. Until you disable TROJ_RANSOM.CXB, you may be unable to access the Command Prompt, Registry Editor, Task Manager or other Windows tools. This also places your PC in a state of vulnerability that should be remedied as soon as possible.

To remove TROJ_RANSOM.CXB and its undesirable changes to your computer, SpywareRemove.com malware researchers don't recommend that you pay its fine. Instead of rewarding criminals for their misbehavior, you should keep your money and delete TROJ_RANSOM.CXB after it's been disabled by one of the tactics noted in this article. Most anti-malware programs with a good reputation should be adequate at handling TROJ_RANSOM.CXB (which doesn't display any type of particularly in-depth or unusual defenses against dedicated anti-malware products).

TROJ_RANSOM.CXB

Threat Metric

The Reasons Not to Heed TROJ_RANSOM.CXB's FBI When They Come A-Calling for You

The Sticking Point in TROJ_RANSOM.CXB's Little Ransom Idea

Leave a Reply