Virus and Spyware Removal Guides, uninstall instructions

What is Buma Stemra?

The Buma Stemra message blocks computer users' screens, demanding payment of a 100 Euro fine for allegedly downloading copyrighted music files. This is a scam, a message created by cyber criminals that has no connection with the legitimate organization called Buma Stemra.

Fake messages such as these, which exploit the names of various authorities and organizations, are called ransomware infections. The main purpose of creating these messages is to trick unsuspecting PC users into paying bogus fines - money which is sent to cyber criminals.

This particular ransomware infection targets PC users from the Netherlands, exploits the name of Buma Stemra, and originates from a family of rogue screen lockers called Gimemo.

What is Creativetoolbars.com?

The Search.creativetoolbars.com website is promoted using a browser toolbar called SmartBar. This browser extension promises to enhance computer users' Internet browsing experience by providing them with Facebook and Twitter widgets, shortcuts to online games, etc.

This browser toolbar is not a virus and not related to malware infections, however, its developers use a deceptive promotion method called bundling. Commonly, this toolbar installs on users' computer without their consent using so-called 'installers'.

What is Policia Federal Argentina?

The Policia Federal Argentina message blocks computer users' desktops, demanding payment of a 200 ARS fine. This is a ransomware virus and should not be trusted - a scam developed by cyber criminals. The main goal of PFA ransomware is to extort money from unsuspecting PC users.

There are several ransomware families targeting computer users from Argentina including Raxm and Urausy (screenshots below). No genuine international authorities collect fines for any law violations by locking PC users' screens - this message is a cleverly-designed scam, which exploits the names of local authorities.

What is Instant Savings App?

The Instant Savings App browser add-on is developed by Innovative Apps, who claim that by installing it, Internet users will be able to save time and money when shopping online. This extension is compatible with Internet Explorer, Google Chrome, and Mozilla FireFox.

Whilst on first inspection Instant Savings App appears legitimate, in fact it is a potentially unwanted program distributed using a method called bundling.

The outcome of deceptive marketing methods such as these is that Instant Savings App users install this add-on unwillingly. This plug-in is not a virus or related to malware, however, it installs on users' computers together with free software downloaded from the Internet.

What is Polícia de Segurança Pública?

The Polícia de Segurança Pública message blocks computer users' desktops demanding payment of a 100 Euro fine. This is a scam, a deceptive message created by cyber criminals and targeting at PC users from Portugal.

This type of infection is called 'ransomware' and PC users should realize that the Portuguese Police do send these messages - it is a scam created by cyber criminals to infiltrate PCs by exploiting security vulnerabilities.

There are a number of ransomware families targeting PC users from Portugal including Reveton and Urausy. In both cases, cyber criminals make false accusations pertaining to watching pornography or downloading copyrighted content in order to scare unsuspecting PC users into paying the bogus fine.

What is ČESKÁ REPUBLIKA POLICIE?

The ČESKÁ REPUBLIKA POLICIE message blocks users' computer screens demanding payment of a 3000 CZK fine for supposed law violations relating to copyright, spam, etc.  

This is a ransomware scam, a type of infection developed by cyber criminals who operate by exploiting local authority names and displaying fake messages in order to extort bogus fines from computer users.

This ransomware predominantly targets computer users from the Czech Republic, however, note that there are several different families relating to this type of infection. The Czech Republic is targeted by the Reveton and Urausy ransomware families.

What is New Zealand Police?

The New Zealand Police message blocks computer screens and demands payment of a $100 NZD fine. This is a scam, a ransomware infection making false accusations regarding copyright law infringements, viewing or distributing pornography, spam distribution, etc. in an attempt to scare unsuspecting PC users into paying a bogus fine.

If you pay this fine, your money will be transferred to cyber criminals responsible for creating and distributing this rogue message. The New Zealand Police ransomware originates from a family of screen lockers called Urasy. Ransomware infections from this family are localized and exploit the names and graphics of various authorities from around the world.

What is PlayBryte?

The PlayBryte.com website offers users the ability to play Flash games. On initial inspection, this site may seem legitimate, however, there is a downside of using playbrite.com: to play the listed Flash games, users are forced into downloading a browser add-on called PlayBryte - a potentially unwanted program, which leads to unwanted pop-ups and text ads displayed within various websites.

Furthermore, this browser add-on may self-install together with additional freeware downloaded from the Internet.

Computer users should express cation when installing freeware, since many installers offer download of free Flash games together with the freeware that users install on their computers. The PlayBrite browser add-on, for example, is silently installed when Flash games are played on the website.

What is InfoAtoms?

InfoAtoms is a free browser add-on developed by InfoAtoms Inc. This browser extension promises to enhance users' Internet browsing experience by displaying instant search results, translations, synonyms, etc. when the user highlights text within any website.

This added functionality speeds up the process of searching for specific information and Internet users are able to find what they are looking for without opening additional browser tabs.

Whilst such functionality may seem useful, there is a downside to using this browser plug-in: it is promoted using deceptive methods and many computer users report that they have installed it on their Internet browsers (Internet Explorer, Google Chrome, and Mozilla Firefox) unwillingly.

What is Policia Federal Virus?

This message purports to be sent from the Policia Federal (Estados Unidos Mexicanos), blocks computer users' screens, and demands payment of a 2000 MXN fine. This is a scam which should not be trusted. In fact, this message is a ransomware infection sent, not by the Policia Federal, but by cyber criminals.

Paying this fine is equivalent to sending your money to the criminals responsible for releasing this scam. This particular ransomware infection originates from a family of screen lockers called Raxm and predominantly targets PC users from Mexico.

Note, however, that fake messages such as these are often localized, so that users from different countries observe the same message differently. For example, PC users from the USA observe this message as if sent by the FBI (using the English language and graphics of the FBI).