Virus and Spyware Removal Guides, uninstall instructions

What is SUISA?

SUISA is a legitimate organization from Switzerland which provides music-related copyright services. This organization is in no way related to a message that blocks computer users' screens, demanding payment of a 150 CHF fine for alleged download of pirated music files from the Internet.

This message is called ransomware and is created by cyber criminals with the sole purpose of tricking unsuspecting PC users into paying bogus fines. In fact, paying this fine will result in sending your PaySafeCard code to Cyber criminals - you will lose your money and your computer will remain blocked.

What is AKM?

The AKM message blocks computer users' screens with the text, "Ihr Computer ist gesperrt", demanding payment of 100 Euro fines in order to unblock them. This is a scam, a ransomware infection developed by cyber criminals. Fake messages such as this are used to scare unsuspecting PC users into paying bogus fines using pre-paid cards such as PaySafeCard or MoneyPak.

This malicious message blocks users' desktops and is derived from a ransomware family called Gimemo, which targets PC users from Austria. Cyber criminals responsible for releasing this scam exploit the name of AKM (a legitimate organization related to music copyright services in Austria).

What is Sacem?

The Sacem message ("Ordinateur est verrouillé") blocks computer users' screens, demanding payment of a 100 Euro fine. This is a scam. These messages are called ransomware and employed by cyber criminals to trick PC users into paying bogus fines for supposed law violations.

This particular ransomware states that a fine must be paid for downloading copyrighted music files from the Internet. Note that Sacem is an organization from France, which protects, represents, and provides services for, music authors and composers. This organization is in no way related to messages that block computer screens.

The Sacem “Ordinateur est verrouillé" ransomware originates from a family called Gimemo and targets PC users predominantly from France.

What is KODA?

Any message displayed by Koda, stating that your computer has been blocked ("Din computer er blevet låst"), is a scam created by cyber criminals. In fact, Koda (a non-profit collective rights management society that administers Danish and international copyrights for music creators and publishers) does not send messages such as this.

Fake messages are, however, created by cyber criminals with the intention of tricking unsuspecting PC users into paying a bogus 1000 DKK fine for supposed copyright law violations.

This fake message states that the computer lock was applied, since the user has downloaded copyrighted music fines from the Internet. These statements are false and made only to scare PC users.

What is Luxorr?

The Luxorr message blocks computer users' screens and demanding payment of a 100 Euro fine for allegedly downloading copyrighted music files from the Internet. This is a scam, a fake message, which exploits the name of Luxorr (Luxembourg Organisation For Reproduction Rights) in an attempt to scare PC users into paying a bogus fine.

Do not trust any information displayed by this message - the accusations of copyright law infringements are fake and paying this fine is equivalent to sending money to cyber criminals responsible for releasing this scam.

Fake messages such as these, which block computer screens and demand payment of fines to unlock PCs, are called ransomware. This particular ransomware infection originates from a family called Gimemo and targets PC users predominantly from Luxembourg.

What is Tono?

Tono is a legitimate organization, which protects the financial and legal rights of Norwegian and foreign composers, authors, and publishers of music. A recently-discovered ransomware infection exploits the name of this organization in order to trick unsuspecting PC users from Norway into paying a bogus 1000 NOK fine.

The fake message blocks computer users' screens, demanding payment of the fine using PaySafeCard for supposed copyright violations (downloading pirated music files). Tono has no connection with this message - this is a ransomware infection created by cyber criminals, and paying this fine is equivalent to sending money directly to them.

What is Buma Stemra?

The Buma Stemra message blocks computer users' screens, demanding payment of a 100 Euro fine for allegedly downloading copyrighted music files. This is a scam, a message created by cyber criminals that has no connection with the legitimate organization called Buma Stemra.

Fake messages such as these, which exploit the names of various authorities and organizations, are called ransomware infections. The main purpose of creating these messages is to trick unsuspecting PC users into paying bogus fines - money which is sent to cyber criminals.

This particular ransomware infection targets PC users from the Netherlands, exploits the name of Buma Stemra, and originates from a family of rogue screen lockers called Gimemo.

What is Creativetoolbars.com?

The Search.creativetoolbars.com website is promoted using a browser toolbar called SmartBar. This browser extension promises to enhance computer users' Internet browsing experience by providing them with Facebook and Twitter widgets, shortcuts to online games, etc.

This browser toolbar is not a virus and not related to malware infections, however, its developers use a deceptive promotion method called bundling. Commonly, this toolbar installs on users' computer without their consent using so-called 'installers'.

What is Policia Federal Argentina?

The Policia Federal Argentina message blocks computer users' desktops, demanding payment of a 200 ARS fine. This is a ransomware virus and should not be trusted - a scam developed by cyber criminals. The main goal of PFA ransomware is to extort money from unsuspecting PC users.

There are several ransomware families targeting computer users from Argentina including Raxm and Urausy (screenshots below). No genuine international authorities collect fines for any law violations by locking PC users' screens - this message is a cleverly-designed scam, which exploits the names of local authorities.

What is Instant Savings App?

The Instant Savings App browser add-on is developed by Innovative Apps, who claim that by installing it, Internet users will be able to save time and money when shopping online. This extension is compatible with Internet Explorer, Google Chrome, and Mozilla FireFox.

Whilst on first inspection Instant Savings App appears legitimate, in fact it is a potentially unwanted program distributed using a method called bundling.

The outcome of deceptive marketing methods such as these is that Instant Savings App users install this add-on unwillingly. This plug-in is not a virus or related to malware, however, it installs on users' computers together with free software downloaded from the Internet.