Virus and Spyware Removal Guides, uninstall instructions

What is the "LOCKED ON POSSESSION OF COPYRIGHTED MATERIAL" ransomware?

"LOCKED ON POSSESSION OF COPYRIGHTED MATERIAL" is a malicious program categorized as ransomware. Despite its misleading name, it is unrelated to copyright law infringement or possession of illegal material. This is merely a scare-tactic to trick victims into meeting the ransom demands it makes.

The malware in question is designed to encrypt data and demand payment for decryption. During the encryption process, all of the compromised files are appended with the ".LOCKED" extension. For example, a file originally named something like "1.jpg" would appear as "1.jpg.LOCKED" following encryption.

After this process is complete, ransom messages are created in a pop-up window and "README TO UNLOCK.txt" text files, which are dropped into affected folders.

What is RunningOptimizer?

RunningOptimizer is classified as adware and a browser hijacker, since it feeds users with various advertisements and promotes the 0yrvtrh.com address by changing certain browser settings. Research shows that this app can also access sensitive information from browsers.

Generally, users do not download or install apps such as RunningOptimizer (adware, browser hijackers) intentionally. Therefore, they are categorized as potentially unwanted applications (PUAs).

What is Satellite And Earth Maps?

Satellite And Earth Maps is dubious software endorsed as a tool for fast access to various maps and directions. It is categorized as a browser hijacker, due to the modifications this application makes to browsers to promote hsatelliteandearthmaps.com, a fake search engine.

Additionally, most browser hijackers gather information relating to browsing activity. Since users typically download/install Satellite And Earth Maps inadvertently, it is classified as a Potentially Unwanted Application (PUA).

What is Go To My News?

Go To My News is rogue software advertised as a tool for quick access to various popular news websites. Following successful infiltration, Go To My News makes modifications to browser settings to promote hgotomynews.com, a fake search engine. Additionally, it monitors users' browsing activity.

Due to the dubious techniques used to proliferate Go To My News, it is classified as a Potentially Unwanted Application (PUA).

What is Insta Forms Finder?

Insta Forms Finder is a browser hijacker which changes certain browser settings to hinstaformfinder.com, the address of a fake search engine. Browser hijackers also collect details relating to users' browsing activities. Note that users mostly download and install apps such as Insta Forms Finder (browser hijackers) inadvertently.

For this reason they are categorized as potentially unwanted applications (PUAs).

What is Tejodes?

Tejodes ransomware is designed to encrypt files, modify filenames and provide instructions about how to pay a ransom. It renames encrypted files by appending the ".tejodes" extension. For example, it would rename "1.jpg" to "1.jpg.tejodes", "2.jpg" to "2.jpg.tejodes", and so on.

Instructions about how to pay the ransom are provided in the modified desktop wallpaper, displayed pop-up window and "HOW TO DECRYPT FILES.txt" text file, which Tejodes ransomware creates in all folders that contain encrypted files.

What is Police ransomware?

Police is a malicious program classified as ransomware. This malware is designed to encrypt data and demand payment for decryption. During the encryption process, all affected files are appended with the ".Police" extension. For example, a file originally named something like "1.jpg" would appear as "1.jpg.Police" following encryption.

Once this process is complete, ransom messages are created in a pop-up window and "HOW TO DECRYPT FILES.txt" text files, which are dropped into compromised folders.

What is "Your Email Is Out Of Date Email Scam"?

Typically, cyber criminals behind phishing emails such as this attempt to deceive individuals into providing sensitive information. For example, personally identifiable information, banking, credit card details, login credentials (usernames, passwords), etc. In this particular case, cyber criminals seek to trick recipients into providing their Microsoft Office (Office 365) login credentials.

What is OriginalEngineSearch?

OriginalEngineSearchn is an adware-type application with browser hijacker traits. Following successful installation, it runs intrusive advertisement campaigns and makes alterations to browser settings to promote fake search engines. Most apps of this type (adware and browser hijackers) have data tracking capabilities, which are employed to monitor browsing activity.

Due to the dubious techniques used to proliferate OriginalEngineSearch, it is classified as a Potentially Unwanted Application (PUA). One of these distribution methods is via fake Adobe Flash Player updaters. Note that bogus software updaters and installers are not used to proliferate PUAs exclusively, they also spread Trojans, ransomware and other malware.

What is SSHBOT?

Discovered by Karsten Hahn, SSHBOT (also known as P4YME) is a screenlocker - malware that locks computers. The main purpose of SSHBOT is to ensure that victims are unable to access the Windows desktop or use installed programs, files, etc., unless they pay a ransom to the cyber criminals responsible.