Virus and Spyware Removal Guides, uninstall instructions

What is Polisen Enheten för databrott?

The Polisen Enheten för databrott message blocks the computer screen stating that this is due to the user allegedly watching child pornography, transferring prohibited content, or for possessing pirated copies of video, music, or software files. This is a scam, a ransomware virus targeting computer users predominantly from Sweden.

The main purpose of this deceptive screen-blocking message is to trick PC users into paying a bogus 100 Euro (or 1000 SEK) fine using Ukash or PaySafeCard.

Computer users should be aware that no legitimate authorities or organizations, internationally, use these messages to collect fines for any law violations. Paying this fine as demanded by the Polisen Enheten för databrott message (screenshot below), is equivalent to sending your money to cyber criminals.

What is Polizia Di Stato?

The Polizia Di Stato message blocks computer screens and demands payment of a 100 Euro fine within the next 72 hours. This is a scam created by cyber criminals and not related to any legitimate authorities from Italy. The main purpose of this rogue message is to trick unsuspecting PC users into paying a bogus fine using Ukash or PaySafeCard.

Note that accusations of using pirated music, video, software, or watching pornography are made simply to scare users into paying the bogus fine.

In fact, paying the 100 Euro fine as demanded by the Polizia Di Stato ransomware virus is equivalent to sending your money to cyber criminals. PC users should be aware that no authorities or organizations, internationally, use screen-blocking messages to collect fines for any law violations.

What is Polizei Virus (Canada)?

The POLIZEI Cybercrime Investigation Department (Canada) message blocks computer screens, demanding payment of a $100 CAD fine using Ukash. This is a scam created by cyber criminals and not related to any legitimate authorities.

This ransomware virus targets PC users predominantly from Canada using the Windows XP, Windows Vista, and Windows 7 and 8 operating systems. The virus originates from a family of rogue screen-blocking messages called "Flimrans".

When users' computers are infected with this ransomware virus, a deceptive message is displayed on start-up, stating that user must pay a fine within the next 72 hours for alleged law violations such as illegal use of copyrighted video, music, software, or for watching child pornography.

Computer users from Canada should be aware that neither the "Polizei Cybercrime Investigation Department", nor any other authorities internationally, use screen-blocking messages to collect fines for any law violations.

What is WebCake?

The WebCake browser add-on is created by WebCake LLC. and compatible with Google Chrome, Internet Explorer, and Mozilla Firefox. This extension promises to save Internet users time and money by allowing price comparison and related topic searches.

Note that many computer users refer to this browser plug-in as adware or a virus since it is an intrusive browser add-on, which installs on Internet browsers with free software downloaded from the Internet. Moreover, it employs a wide range of unwanted ads supposedly to make the add-on free.

What is Australian Federal Police (AFP)?

The Australian Federal Police scam is one of many ransomware infections (screen lockers) targeting unsuspecting PC users worldwide. This method of extorting money from PC users is popular amongst cyber criminals who continue to create and distribute new ransomware infections on a daily basis.

This particular ransomware targets computer users from Australia, however, these screen lockers are able to detect computer IP addresses and thus present localized versions of the deceptive screen-blocking messages.

What is Royal Canadian Mounted Police?

The Royal Canadian Mounted Police (RCMP) message demands that computer users pay a $100 CAD fine. This is a scam, a ransomware infection delivering false statements - accusing PC users of downloading copyrighted music and video files, in order to scare them into paying a fake fine.

In fact, this message was created by cyber criminals via Trojan infections employed to infiltrate users' systems with ransomware scams. The Royal Canadian Mounted Police do not send messages such as this and no authorities internationally use these methods (locking computer screens) to collect fines for any law violations.

What is is Ad.Xtendmedia.com?

Ad.Xtendmedia.com is an ad server used to provide pop-up and banner ads to various sources. Many Internet users refer to Ad.xtendmedia.com as a virus or malware, since their Internet browsers continually open pop-up ads originating from this ad network.

Computer users should be aware that this website alone is not related to computer security infections, however, it generates deceptive ads and clicking on these may lead to serious privacy and security issues.

Moreover, pop-up ads by Ad.xtendmedia.com are employed by various misleading programs and freeware 'download installers' in order to monetize incoming web traffic. Browser redirects and pop-up ads by this website can be caused by potentially unwanted browser extensions and adware.

What is DnsBasic.com?

DnsBasic.com is a misleading website which attempts to coerce Internet users into using their malicious search engine. Note that many computer users refer to DnsBasic.com as the DnsBasic virus or the DnsBasic browser hijacker.

These associations are made since this website employs deceptive promotion methods: hijacking Internet browsers (Internet Explorer, Google Chrome, Mozilla FireFox) and modifying the settings (homepage and default search engine) without the user's consent.

Browser redirects to DnsBasic.com are often caused by rogue free software developers and download websites, which use 'freeware installers'. Using deceptive tactics, these installers offer installation of additional browser add-ons and toolbars when Internet users download their programs.

What is You Shall Not Pass?

The "You shall not pass" message appears when attempting to access Google, Facebook, or other popular websites. It is a host hijacker - a security infection, which modifies the operating system Hosts file. This file is used to resolve canonical names of websites to IP addresses.

When this file is modified, users may be redirected to malicious websites whilst still observing valid URLs in address bar. Note that this particular security threat does not appear to be especially malicious - it blocks access to popular websites, however, it does not perform other malicious tasks.

Other Hosts file hijackers prevent users' access to the Internet, then coerce them into completing online surveys before returning Internet access.

What is Computer Crime and Intellectual Property Section?

The Computer Crime and Intellectual Property Section message "Your PC is blocked due to at least one of the reasons specified below" is a scam, a ransomware virus created by cyber criminals. This fake message infiltrates users' systems via detected security vulnerabilities and blocks the computer screens.

Moreover, it makes false accusations of copyright violations and related rights infringements (or viewing and distributing prohibited pornographic content), and then demands payment of a $300 fine using MoneyPak.

This particular ransomware virus originates from a family of rogue software called Flimrans and targets PC users from the USA. Internet users should be aware that the Computer Crime and Intellectual Property Section does not use screen locking messages to collect fines. This is a scam and paying this fake fine is equivalent to sending your money to cyber criminals.