Crypt32mail.ru Ransomware seems to be a newer variant of a malicious file-encrypting program called Apocalypse Ransomware. Same as the older version the malware uses a strong cryptosystem called RSA; thus, all its affected files should become unusable. To recover the damaged data the infection’s creators might offer you a decryption tool. Needless to say, involving yourself with such people could be perilous since they will definitely try to extort money from you and there are no guarantees they will keep up to their promises. Therefore, our researchers at Anti-spyware-101.com advice erasing Crypt32mail.ru Ransomware with the instructions for manual removal placed below or with legitimate antimalware software. As for other details about the threat we encourage you to read the whole article. Read more »
Monthly Archives: May 2017 - Page 10
MyTransitMapper Toolbar
MyTransitMapper Toolbar might be considered as a useful addition to your browsers if you are a big traveler, but we must tell you what we have found out about this questionable browser extension so that you can make up your mind about it. Our malware specialists at anti-spyware-101.com have concluded after deep analysis that this tool is yet another potentially unwanted program (PUP) from the well-know creators of questionable and bad toolbars we usually refer to as the Mindspark family. This family contains dozens of similar and identical extensions that may pose a potential threat to your system. To be more precise, it is the promoted search engine that might cause the potential exposure to questionable third-party advertisements and sponsored links. Engaging with such content could lead to more serious infections and visiting malicious websites built to scam unsuspecting users. All in all, we suggest that you remove MyTransitMapper Toolbar as soon as possible because this PUP may not be as reliable as you may think. Read more »
.serp File Extension
Most probably it is one of the worst moments of your virtual life when you find that your file names have changed and now they have a .serp File Extension. This can affect most of your personal and other files since the related malware infection attacks hundreds of extensions. Our malware specialists at anti-spyware-101.com have identified this severe threat as Serpent Ransomware, which may also use ".serpent" file extension. Our research indicates that this malicious program was probably designed to target Danish computer users. Of course, this does not mean that you cannot find files with .serp File Extension on your system if you let this beast of a ransomware program infiltrate your system. Unfortunately, noticing this file extension also means that you may never be able to use the files again that have been taken hostage by this malware. Our experience and user reports confirm that it is always risky to believe that cyber criminals would send you the promised decryption tool or private key even if you transfer the demanded ransom fee. In this case the amount of money is rather high. You also need to consider that paying money to criminals equals supporting cyber crime. We recommend that you remove Serpent Ransomware before you start to delete .serp File Extension from your system. Read more »
Pytehole Ransomware
A new crypto-threat Pytehole Ransomware has been released by cyber criminals recently. It was first detected on the 25th of April, 2017, so it is not distributed actively yet, but specialists at anti-spyware-101.com still want users to know about the damage it might cause. We should start by saying that this malicious application arrives on computers illegally and then, after its executable file pyte-hole.exe (it might have a different name) is launched, starts encrypting users’ files. It does not encrypt all files it finds stored on the system, so %WINDIR% files (Windows OS files) are left untouched, and the affected computer can work normally. Unfortunately, Pytehole Ransomware stays active on the system after performing the encryption process, so it might strike again, specialists say. In consequence, users who discover Pytehole Ransomware on their PCs and a bunch of files encrypted should hurry to remove this malicious application fully. Keeping malware installed is always a bad idea because it might be performing activities in the background or even help other threats to sneak onto the system unnoticed. Read more »
Myluckysurfing.com
Myluckysurfing.com is a browser hijacker. A browser hijacker is a type of unwanted program that can change your browser’s settings behind your back. This type of program is actually more annoying than dangerous, but you should not keep it on your computer because the hijacker could be exploited in cyber crime schemes. Please remove Myluckysurfing.com from your system as soon as possible because this application could be associated with quite a few dangerous acts. And when you get rid of this browser hijacker, you should also terminate all the other unwanted programs installed on your PC. The chances are that you may have quite a few. Read more »
'Your Hard drive will be DELETED' Pop-Up
'Your Hard drive will be DELETED' Pop-Up might look like a message from the system, but our researchers have no doubt it is nothing more than another technical support scam. The fake alert might instruct the user to call technical support via a toll-free telephone number, such as 1-855-999-9246. It may advise users to do so to protect the computer and information on the hard drive from a particular virus. Contacting the fake support team could be extremely risky since you could accidentally give up your login information or other sensitive data. Not to mention, the scammers may try to sell you useless or expensive software you do not need. What you should do is find the recently installed suspicious application that is to blame for 'Your Hard drive will be DELETED' Pop-Up and reset the browser as it is explained in the instructions located at the end of the article. Read more »
Flowspirit
Flowspirit is a tool that promises to help improve the traffic rate of users’ websites considerably. It comes in two versions: Chinese (available at spiritsoft.cn) and English (available at ipts.com) – both of them act the same. At the time of writing, Flowspirit is not spread bundled with third-party software, which suggests that users usually download and install this program willingly on their computers. Of course, the situation might change one day. Frankly speaking, it does not really matter where users get Flowspirit from because, in any event, it cannot be called a fully trustworthy program. In the opinion of specialists at anti-spyware-101.com, it should be called a potentially unwanted program (PUP) because it does not act like a fully reliable application. Find those drawbacks that have determined the category of Flowspirit listed in the paragraphs that follow. It should be easier to decide whether to let the program stay or not if you read the provided information. Read more »
Xpan Ransomware
Xpan Ransomware is a new threat from the notorious Brazilian cyber criminal organization often referred to as "TeamXRat" or "CorporacaoXRat." These criminals are also responsible for creating the infamous Xorist Ransomware; however, this new ransomware seems to be more complex than any previous ones from this team. After sneaking on to your system without your knowledge, it encrypts all your important files, including documents and archives. Our malware specialists at anti-spyware-101.com say that this ransomware may mostly target corporations and bigger companies. Therefore, it is possible that the ransom fee these crooks demand is rather high. While you as a personal computer user may be safe from this nightmarish attack, we believe that it is important to know how this threat can slither onto a computer and how it works because this information may help you avoid similar hits. We advise you to remove Xpan Ransomware immediately from your computer, or at least what could be left of it after the attack. Please read our full report to learn more about this vicious program. Read more »
Internet Speed Pilot Extension
Although Internet Speed Pilot Extension promises to test your Internet speeds within seconds for free, our research team does not recommend installing it onto any web browser. This potentially unwanted program (PUP) was designed to hijack your browser by replacing regular homepage and default search provider options with a browser hijacker, search.internetspeedpilot.com. Even if you can reject or accept the changes, the hijacker remains unreliable in any case. Also, you are forced to accept the changes if you want to install the add-on, and that is the first big red flag that you might face. If you are being pushed to install something undesirable or unfamiliar along with something desirable, the chances are that malware or unreliable software is involved. We advise deleting Internet Speed Pilot Extension along with the hijacker that is attached to it, but you can make your own decision after reviewing our analysis. Read more »
Setupsk
If an advertising-supported program called Setupsk has slithered into your operating system, you are likely to be facing all kinds of advertisements. This adware is likely to slither in without the user’s notice, and so you might not know that it exists at all. According to our research team at Anti-Spyware-101.com, this particular piece of software can affect Mozilla Firefox, Microsoft Edge, Google Chrome, Opera, and Internet Explorer browsers. It is also possible that it could showcase ads on Yandex, which is a web browser created for the Russian market. Considering that this adware was set up to evade many Russian websites, it is most likely that its creator comes from Russia; however, at this time, we cannot confirm this yet. What we can confirm is that the advertisements represented by this program can be misleading, and so interacting with them can be risky. That is the main reason to remove Setupsk from your operating system. If you want to learn more, you should continue reading. Read more »