The Computer Crime and Intellectual Property Section ransomware is a computer infection that displays a screen requesting money before it allows you to access your Windows desktop. This screen locker pretends to be an alert from the FBI that states they have detected that you have been viewing child pornography, using unlicensed software, or distributing copyrighted files. They further state that in order to avoid federal prosecution you must pay a fee of $300 in the form of a MoneyPak voucher within 72 hours to gain access to your computer again.

Read Entire Removal Guide

Win 7 Security Cleaner Pro is a rogue anti-spyware program from the Rogue.FakeRean-Braviax family of computer infections. This infection is considered a rogue anti-spyware program because it purposely displays fake scan results, false security warnings, hijacks your web browser, and does not allow you to run your legitimate Windows applications. This scareware is promoted through web sites that have been hacked with scripts that try to install the software by exploiting vulnerabilities on your computer. It is also promoted through Trojans that pretend to be legitimate programs that are required to view an online video, but instead install the infection.

Read Entire Removal Guide

Vista Security Cleaner Pro is a computer infection from the Rogue.FakeRean-Braviax family of rogue anti-spyware programs. This infection is considered a rogue anti-spyware program because it purposely displays fake scan results, false security warnings, hijacks your web browser, and does not allow you to run your legitimate Windows applications. This scareware is promoted through hacked web sites that attempt to install the software by exploiting vulnerabilities on your computer. It is also promoted through Trojans that pretend to be legitimate programs, but will install the infection instead when you run them.

Read Entire Removal Guide

XP Security Cleaner Pro is a computer infection from the Rogue.FakeRean-Braviax family of rogue anti-spyware programs. This infection is considered a rogue anti-spyware program because it purposely displays fake scan results, false security warnings, hijacks your web browser, and does not allow you to run your legitimate Windows applications. This scareware is promoted through hacked web sites that attempt to install the software by exploiting vulnerabilities on your computer. It is also promoted through Trojans that pretend to be legitimate programs, but will install the infection instead when you run them.

Read Entire Removal Guide

The Spamhaus Ransomware is computer infection that displays a a screenlocker so you can not access your desktop and applications and encrypts your files. When infected with this malware, you will be presented with a screen when you login to Windows that pretends to be from the Spamhaus Project. This screen states that they have detected your computer participating in illegal activities and have blocked access to it until you pay a fine. This infection will also scan your computer for files that end with the .ddrw ,.pptm ,.dotm ,.xltx ,.text ,.docm ,.djvu ,.potx ,.jpeg ,.pptx ,.sldm ,.xlsm ,.sldx ,.xlsb ,.ppam ,.xlsx ,.ppsm ,.ppsx ,.docx ,.odp ,.eml ,.ods ,.dot ,.php ,.xla ,.pas ,.gif ,.mpg ,.ppt ,.bkf ,.sda ,.mdf ,.ico ,.dwg ,.mbx ,.sfx ,.mdb ,.zip ,.xlt extensions and then encrypt them. When the ransomware encrypts a file it will rename it as a HTML file and then embed the encrypted file inside of it. If you then attempt to launch any of these encrypted files, you will be taken to a web page, which is currently at http://xblblock.com, that prompts you to pay the ransom in the form of a MoneyPak voucher.

Read Entire Removal Guide

System Care Antivirus is a computer infection from the Rogue.WinWebSec family of rogue anti-spyware programs. This program is categorized as a rogue because it pretends to be an anti-virus program, but instead displays fake scan results, fake security alerts, and blocks you from running your normal applications. This program is distributed through hacked web sites that exploit vulnerabilities on your computer and as Trojans disguised as a program that is necessary to view an online video. This particular variant is also known to be installed with the ZeroAccess rootkit, which makes it harder to remove and clean your computer.

Read Entire Removal Guide

iON Internet Security is a rogue anti-spyware program that pretends to be a legitimate anti-virus program, but instead displays false alerts and fake scan results in order to scare you into purchasing it. This program is distributed through hacked web sites that have exploit kits installed on them. When a person visits one of these hacked sites, the exploit kit will check for vulnerable programs installed in your web browser and then attempt to exploit them to install iOn Internet Security without your permission or knowledge.

Read Entire Removal Guide

The Department of Justice ransomware is a computer infection that displays a screenlocker that does not allow you to access your Windows desktop until you pay a ransom. This screenlocker pretends to be an alert from the United States Department of Justice that states they have detected that you have been viewing child pornography, using unlicensed software, or sharing copyrighted files. They further state that in order to avoid criminal prosecution you must pay a fee of $300 in the form of a MoneyPak voucher within 48 hours to gain access to your computer again.

Read Entire Removal Guide

The 22Find.com adware is a browser hijacker that is commonly bundled with a variety of free software that you can download from the Internet. 22Find is considered a browser hijacker because it changes your web browser's home page and default search provider to 22find.com without your permission. This in itself is not considered malicious as there are many legitimate programs that change these settings as well. What is considered malicious, though, is that it does not provide the ability to revert these settings or remove the program from computer and thus requires you to use specialized tools to remove it. Furthermore, this adware will append the argument http://www.22find.com/?utm_source=b&utm_medium=mlv&from=mlv&uid=&ts= to various web browser shortcuts. This causes the 22find.com web page to open when you launch one of these hijacked shortcuts.

Read Entire Removal Guide

The FBI. Cybercrime Division or International Cyber Security Protection Alliance infection is a screenlocker from the and Reveton family of ransomware infections. When installed this infection does not allow you to access your computer or your files without a paying a ransom. When infected with this Trojan, you will be shown a ransom screen instead of your Windows desktop when you login to Windows. This ransom screen will state that the FBI has detected that your computer has been downloading or distributing copyrighted content or pornography. This infection will display different lock screens depending on what country your computer is currently located in. It is able to detect your country by using the IP address of your computer. This guide will focus on the USA variant of the FBI Cybercrime Division, but the removal guide can be used for any variant of this ransomware.

Read Entire Removal Guide