Virus and Spyware Removal Guides, uninstall instructions

What is Disk Antivirus Professional?

Disk Antivirus Professional is a fake antivirus program, the main purpose of which, is to sell a useless license key. This program is a fake security scanner that mimics the detection of various security threats on users' PCs. It then uses these bogus threats in an attempt to coerce users into paying for a 'full version' in order to remove them.

This is a scam created by cyber criminals who make money from users who fall for the trickery shown by Disk Antivirus Professional. In fact, none of security threats detected by this program exist on users' PCs. This bogus software creates random files on their systems, and then 'identifies' them as being Trojans, malware, or viruses.

What is FileBulldog?

The FileBulldog toolbar is created using Visicom Media Api to enhance Internet users' browsing experience by providing shortcuts to popular websites. The program, also called FileBulldog, claims to maintain computer security by automatically downloading software updates.

Whilst on initial inspection, this program and associated toolbar appear legitimate, many computer users report that they have installed the Filebulldog toolbar without their consent.

The result of FileBulldog toolbar installation is browser redirect issues to the search.filebulldog.com and dealbd.mystart.com websites. Commonly, these unwilling toolbar installations occur when computer users install freeware downloaded from the Internet.

What is Ads on Images?

Recently, many computer users reported that they observed unwanted ads appearing upon images when surfing the Internet. According to the reports, the ads appeared in Facebook, Wikipedia, MSN, etc. Following some research, our security team discovered that there is a new browser add-on (adware) distributed using freeware downloads.

This causes unwanted ads to appear on all images present in various websites. This browser add-on is called 'Services x86' and is installed on users' Internet browsers (Internet Explorer, Google Chrome, Mozilla FireFox) together with free software. This browser add-on is especially rogue, since at time of testing, it was installed without permission using silent installers.

What is Savings Vault?

Savings Vault is a browser extension developed by 215 Apps (Excellent Apps), which displays coupon deals when Internet users visit various online shopping websites such as Expedia, Kmart, OfficeDepot, etc. This browser add-on is compatible with Internet Explorer, Google Chrome, and Mozilla FireFox.

The creators of Savings Vault state that this browser plug-in helps to save time and money when shopping online, and although this functionality may seem useful, many Internet users report that this add-on was installed on their Internet browsers without their consent. This type of unwilling installation may occur when users download and install freeware.

What is SUISA?

SUISA is a legitimate organization from Switzerland which provides music-related copyright services. This organization is in no way related to a message that blocks computer users' screens, demanding payment of a 150 CHF fine for alleged download of pirated music files from the Internet.

This message is called ransomware and is created by cyber criminals with the sole purpose of tricking unsuspecting PC users into paying bogus fines. In fact, paying this fine will result in sending your PaySafeCard code to Cyber criminals - you will lose your money and your computer will remain blocked.

What is AKM?

The AKM message blocks computer users' screens with the text, "Ihr Computer ist gesperrt", demanding payment of 100 Euro fines in order to unblock them. This is a scam, a ransomware infection developed by cyber criminals. Fake messages such as this are used to scare unsuspecting PC users into paying bogus fines using pre-paid cards such as PaySafeCard or MoneyPak.

This malicious message blocks users' desktops and is derived from a ransomware family called Gimemo, which targets PC users from Austria. Cyber criminals responsible for releasing this scam exploit the name of AKM (a legitimate organization related to music copyright services in Austria).

What is Sacem?

The Sacem message ("Ordinateur est verrouillé") blocks computer users' screens, demanding payment of a 100 Euro fine. This is a scam. These messages are called ransomware and employed by cyber criminals to trick PC users into paying bogus fines for supposed law violations.

This particular ransomware states that a fine must be paid for downloading copyrighted music files from the Internet. Note that Sacem is an organization from France, which protects, represents, and provides services for, music authors and composers. This organization is in no way related to messages that block computer screens.

The Sacem “Ordinateur est verrouillé" ransomware originates from a family called Gimemo and targets PC users predominantly from France.

What is KODA?

Any message displayed by Koda, stating that your computer has been blocked ("Din computer er blevet låst"), is a scam created by cyber criminals. In fact, Koda (a non-profit collective rights management society that administers Danish and international copyrights for music creators and publishers) does not send messages such as this.

Fake messages are, however, created by cyber criminals with the intention of tricking unsuspecting PC users into paying a bogus 1000 DKK fine for supposed copyright law violations.

This fake message states that the computer lock was applied, since the user has downloaded copyrighted music fines from the Internet. These statements are false and made only to scare PC users.

What is Luxorr?

The Luxorr message blocks computer users' screens and demanding payment of a 100 Euro fine for allegedly downloading copyrighted music files from the Internet. This is a scam, a fake message, which exploits the name of Luxorr (Luxembourg Organisation For Reproduction Rights) in an attempt to scare PC users into paying a bogus fine.

Do not trust any information displayed by this message - the accusations of copyright law infringements are fake and paying this fine is equivalent to sending money to cyber criminals responsible for releasing this scam.

Fake messages such as these, which block computer screens and demand payment of fines to unlock PCs, are called ransomware. This particular ransomware infection originates from a family called Gimemo and targets PC users predominantly from Luxembourg.

What is Tono?

Tono is a legitimate organization, which protects the financial and legal rights of Norwegian and foreign composers, authors, and publishers of music. A recently-discovered ransomware infection exploits the name of this organization in order to trick unsuspecting PC users from Norway into paying a bogus 1000 NOK fine.

The fake message blocks computer users' screens, demanding payment of the fine using PaySafeCard for supposed copyright violations (downloading pirated music files). Tono has no connection with this message - this is a ransomware infection created by cyber criminals, and paying this fine is equivalent to sending money directly to them.