Malware Remediation Utility

  • Detect & remove the latest malware threats.
  • Malware detection & removal definitions are updated regularly.
  • Technical support & custom fixes for hard-to-kill malware.
* Free Remover allows you, subject to a 48-hour waiting period, one remediation and removal for results found. Read our EULA, Privacy Policy & Special Discount Terms. See more Free SpyHunter Remover details.

Top Security News

Cybercriminals Are Still Taking Advantage of COVID-19 with Increased Attacks Microsoft unveiled its Asia Pacific findings from its latest Security Endpoint Threat Report for 2019, which shared that cybercriminals are making 60,000 COVID-19 themed phishing attempts daily....
Cybercriminals Sticking to Coronavirus and Financial Themes for Phishing Scams Summer is at its peak, and the online scammers are still doing whatever they can to take advantage of the uncertainty caused by the pandemic. Cyber-attacks are targeting businesses and consumers in...
Agencies Warn of Imminent Ransomware Cybercrime Threat to US Healthcare Sector Several agencies came out with a joint advisory on October 28 with stern warnings to the healthcare sector related to cybercrime. The advisory concerns an "imminent and increased cybercrime threat...

Top Articles

WebDiscover Browser

WebDiscover Browser screenshot

WebDiscover Browser is an adware threat developed by a Canada-based company named WebDiscover Media. Once installed on a PC, the malicious app makes a series of unwanted changes to all browsers installed on the computer, leading to a deteriorating online surfing experience. WebDiscover replaces the default home pages and search engines of affected Internet browsers with its own WebDiscover Homepage and WebDiscover Search, respectively. Furthermore, the malicious app modifies the “new tab” settings so that the corrupted browsers launch the malware's own search portal page when the user opens a new tab. Chrome users may not even recognize WebDiscover as an unwanted program and think they...

Posted on July 3, 2015 in Browser Hijackers

STOP Ransomware

STOP Ransomware screenshot

PC security researchers received reports of ransomware attacks involving a threat known as the STOP Ransomware on February 21, 2018. The STOP Ransomware is based on an open source ransomware platform and carries out a typical version of an encryption ransomware attack. The STOP Ransomware is distributed using spam email messages containing corrupted file attachments. These file attachments take the form of DOCX files with embedded macro scripts that download and install the STOP Ransomware onto the victim's computer. Learning how to recognize phishing emails and avoiding to download any unsolicited file attachments received is one of the ways to avoid these attacks. How to Recognize a...

Posted on February 26, 2018 in Ransomware

How to Fix Mac Error Code 43 When Copying Files

How to Fix Mac Error Code 43 When Copying Files screenshot

Getting an OS system error message while working on a project can be quite an unpleasant surprise. Whether relating to MS Windows, or Mac OS, such a bug is always bound to disrupt your normal computer work. While some errors tend to be system-specific, others can affect both Windows and Mac-based systems, albeit designating totally different problems. The so-called Code 43 error message, for example, is primarily associated with device driver problems in Windows PCs, on the one hand, and file transfer issues on Mac machines, on the other. If you are using Windows and looking for a way to fix this specific error, click here for a guide with possible solutions. If you are a Mac user,...

Posted on January 30, 2019 in Computer Security


Newsbreak.com screenshot

At first glance, the Newsbreak.com website appears to be a useful tool that would provide its visitors with the latest news. However, this is one of the countless bogus websites online that do not provide any content of value, and instead, seek to benefit from their visitors using various shady tricks. Spams Users with a Constant Flow of Advertisements Upon visiting the Newsbreak.com page, users will be asked to permit the site to display Web browser notifications. Keeping in mind that this fake page poses as a legitimate news website, many users may be tricked to allow browser notifications thinking that they will be alerted for the latest breaking news. However, this is not the case,...

Posted on February 3, 2020 in Browser Hijackers

APT Attack Spreads Malware Using Coronavirus Theme

APT Attack Spreads Malware Using Coronavirus Theme screenshot

The APT (Advanced Persistent Threat) group was spotted sending out spear-phishing emails that allegedly have detailed information about COVID-19, a.k.a. Coronavirus, but instead, they infect the victims with a custom remote access Trojan (RAT). The group is using the coronavirus pandemic to infect unsuspecting victims with a previously unseen malware. The malware is dubbed 'Vicious Panda' by researchers, with the attackers using it in a campaign at the moment. Researchers managed to find two Rich Text Format (RTF) files that were targeting the Mongolian public sector during the outbreak. Once the files are open, a unique and custom-made remote access Trojan is executed. It develops a list...

Posted on March 16, 2020 in Computer Security

.HOW Ransomware

.HOW Ransomware screenshot

.HOW Ransomware is a new file-encrypting Trojan, which appears to belong to the notorious Dharma Ransomware family. Data-lockers like the .HOW Ransomware are not built from scratch. Instead, their creators borrow the code of well-established threats like the Dharma Ransomware and create a new copy of it with a different name.  Propagation and Encryption To cause a significant amount of damage to the compromised host, the .HOW Ransomware is likely to go after a wide array of filetypes, such as .doc, .docx, .pdf, .txt, .mp3, .midi, .mid, .aac, .wav, .mov, .webm, .mp4, .db, .zip, .rar, .jpg, .jpeg, .png, .svg, .gif, .xls, .xlsx, .ppt, .pptx and others. The .HOW Ransomware uses a complex...

Posted on June 29, 2020 in Ransomware

Google Redirect Virus

Google Redirect Virus screenshot

The Google Redirect Virus has been around for quite some time and is known by many aliases, although, the primary behavior remains constant. Basically, the Google Redirect Virus plays tricks on the minds of PC users who desire Google web searches by randomly redirecting them to malicious web pages or search engines. The Google Redirect Virus Makes Online Searches Ineffective and Dangerous The Google Redirect Virus (GRV) has been frustrating Internet users for several years now, yet it looks like there is still no effective method for avoiding the infection. In fact, it has even become one of the most severe cybersecurity issues of our time due to the vast popularity of the Google search...

Posted on May 14, 2009 in Viruses

Search Marquis

Search Marquis screenshot

Search Marquis is a browser component that may disguise itself as a helpful tool that will enhance the browsing quality of popular browsers like Chrome and Safari. In fact, it is a shady browser extension that aims to alter the browser's setting without the user’s knowledge and consent. The main purpose of this Potentially Unwanted Program (PUP) is to sneak stealthily into Mac computers and generate revenue for its operators. This happens through a number of intermediate redirects through various dubious domains before displaying Bing.com results. This Week In Malware Episode 36 Part 2: Why Your Web Browser is Redirecting to Search Marquis & and How to Stop It! Once installed on a Mac...

Posted on June 9, 2020 in Browser Hijackers, Mac Malware


The Fuq.com virus is an adware-type of program that promotes websites with pornographic content. The advertising campaigns of this Potentially Unwanted Program (PUP) are very aggressive. They force their victims to view the suspicious content of the promoted pages by displaying relevant advertisements, banners or videos on the infected devices. The Fuq.com virus falls under the Mac viruses category and may cause many cybersecurity issues because of the content it pushes – pornographic websites often lead users to other unsafe websites, trigger malware downloads, or trick users into installing potentially harmful applications and tools. This Mac virus can be found on all popular browsers, including Firefox, Chrome, Safari, and Edge, whereby some typical symptoms will indicate its presence. The Fuq.com virus modifies the browser's...

Posted on January 6, 2021 in Mac Malware

More Articles


ActivePower is a potentially malignant piece of software installed as a browser extension or a stand-alone program on target computers. ActivePower is similar to a browser hijacker, and its primary function is to redirect online traffic through a particular rogue search engine and generate advertising revenues for its operators. As soon as ActivePower manages to sneak into a computer, it replaces the browser's default search engine and homepage with the ActivePower Search – a bogus search engine. Consequently, the compromised browser opens this potentially unsafe URL each time the user tries to surf the Internet. Also, all search queries get redirected through the malware's fake search tool, while a results page from a legit search engine is displayed. ActivePower falls under the Potentially Unwanted Programs (PUP) category due to its...

Posted on January 14, 2021 in Potentially Unwanted Programs


OptimalUnit is a Potentially Unwanted Program (PUP) that malware researchers classify as a browser hijacker. These PUPs are designed to promote fake search engines, redirect users to unknown websites, and generate advertising revenues for their operators. In the particular case of OptimalUnit, the questionable search provider that is supposed to be pushed is found at directsearchapp.com. To fulfill its purpose, this malware threat undertakes specific unsolicited modifications of the infected browser's settings. OptimalUnit replaces the original homepage, default search engine, and new tab address with the OptimalUnit Search. As a result, each time the users launch their browser, they get redirected to this potentially harmful URL, while the same unreliable search engine conducts all user search queries. OptimalUnit does not have the...

Posted on January 14, 2021 in Potentially Unwanted Programs

External Drive Does Not Show Up on Computer

External drives managed to establish themselves as a mainstay on the consumer market due to several of their inherent features. After all, external drivers are possibly the easiest, and sometimes cheapest, way to expand your storage capacity as they are not dependent on the user having sufficient free space in their computer case or having to sieve through the entirety of their installed programs and files, deleting ones that are deemed unnecessary and hoping that eventually there will be enough space to install whatever they currently need. External drives are fairly easy to connect and start using, but there are no guarantees that something will not go wrong. If your external drive doesn't show up in the Windows operating system, there are several methods that could potentially address the issue. First, let's explore the hardware...

Posted on January 14, 2021 in Issue

Wireless Devices Not Working on Windows

In past years, the advent of wireless technology has resulted in wireless devices and computer paraphernalia that deliver performance virtually indistinguishable from their wired counterparts. In most cases, setting up a wireless device is extremely easy - you plug in the appropriate receiver to your computer, turn on the device, and simply wait for them to establish a connection. As always, when dealing with sophisticated combinations of hardware and software issues are likely to occur. One of the simplest things to try if the device failed to connect initially is to turn it off, remove the receiver, and start the installation process from the top. An area that is responsible for a myriad of different issues, from the wireless device refusing to initialize properly to a device that was functioning just fine yesterday suddenly refusing...

Posted on January 14, 2021 in Issue

FBI Screenlocker

The FBI Screenlocker, as its name suggests, belongs to the screen locker type of malware. While the end goal is the same as that of ransomware threats, screen lockers are not as threatening and comparatively more comfortable to deal with because they do not encrypt any files on the compromised computer. Instead, they block the user's access through a full-screen window that usually contains a variant of a popular tactic scenario. The FBI Screenlocker follows a pattern - it blocks the system with a fullscreen window containing an alarming and completely fake message that asserts that the FBI has detected illicit activities being performed on the particular computer. It tries to paint the user as a hardened criminal who has now been caught doing some rather heinous crimes. The lists displayed by the FBI Screenlocker consists of four...

Posted on January 14, 2021 in Ransomware


Astercom.top is a deceptive website with a singular purpose - to trick visitors into subscribing to its push notification services. Those who fail to notice the trap and click the 'Allow' button as implied by the website conveniently will soon start to receive unwanted advertisements on the screen of their devices directly. Astercom.top is in no way unique apart from its name as there are countless virtually identical websites dedicated to propagating the same browser tactic. The most popular tactic, and one that Astercom.top also uses, is to pretend that a captcha check for bots is being carried out. The main message displayed across the website prominently states: 'Click Allow to confirm that you are not a robot!' To up its chances for success, Astercom.top also generates several fake alerts or error messages. Possible variations...

Posted on January 14, 2021 in Browser Hijackers

SearchConverterInc Search

No matter what unique features SearchConverterInc Search may boast to have, the truth that users who install the application will realize is that it is nothing more than a browser hijacker immediately. The application's primary goal is to take over the user's Web browser and force it to open a promoted address. The settings that nearly all browser hijackers target are the homepage, new page tab, and the default search engine. SearchConverterInc Search modifies these settings to open the feed.searchconverterinc.com address, which is a fake search engine. As a result, whenever the user simply starts the affected browser, opens a new page tab, or conducts a search, it would generate artificial traffic towards the promoted address. As for feed.searchconverterinc.com, it is classified as a fake search engine due to its complete inability to...

Posted on January 14, 2021 in Potentially Unwanted Programs

Bonsoir Ransomware

The Bonsoir Ransomware is a new potent malware threat that has been prowling for victims. So far, analysis by infosec researchers has not been able to classify this threat as a variant of any of the already established ransomware family suggesting that although Bonsoir acts as a typical representative of its malware type, its underlying code is fairly unique. Once inside the victim's computer, the threat deploys an encryption algorithm using the uncrackable cryptographic algorithm AES-256. The threat targets a wide range of filetypes, including OpenOffice documents, MS Office documents, archives, databases, audio, video and image files, photos, etc. Each encrypted file will have '.bonsoir' appended to its original filename as a new extension. The threat drops its ransom note as a text file named 'HOW-RECOVER-MY-FILES.txt.' According to...

Posted on January 14, 2021 in Ransomware

JJLF Ransomware

A new threatening ransomware belonging to the Matrix family, named JJLF, has been observed to be prowling in the wild. The threat is capable of shutting users out of their own private or work-related files completely through an encryption process leveraging a combination of uncrackable cryptographic algorithms - AES-256 and RSA-2048. The names of all affected files will be changed drastically. The JJLF Ransomware takes the original filename and appends to it an email address belonging to the hackers, followed by a random string of 17 characters, and finally '.JJLF' as a new file extension. The email address put inside the names of the files is 'JamesGouldiHip@yahoo.com.' A lengthy ransom note is dropped in every folder containing encrypted data in the form of an RTF file named '#README_JJLF#.rtf.' According to the instructions found...

Posted on January 13, 2021 in Ransomware

OSAMiner Malware

A threatening crypto mining campaign running since at least 2015 has been finally brought to light by infosec researchers at SentinelOne. The operation delivered a crypto mining threat named OSAMiner and targeted Mac users from the Chinese and Asia-Pacific region predominantly. The threat did appear on the radar of two Chinese cybersecurity companies back in 2018, but without having access to the full source code, the researchers couldn't determine the full scope and capabilities of the operation. The trick that allowed OSAMiner to continue its work in the shadows for so long was the use of a multi-phase attack chain that involved nested run-only AppleScript files. The attack begins with users downloading compromised software onto their Mac systems, such as cracked (pirated) Mac versions of the extremely popular videogame League of...

Posted on January 13, 2021 in Malware

Ransomweb Ransomware

Despite its name, the Ransomweb Ransomware only pretends to be ransomware. Initially, it appears to be following the typical behavior of this malware threat type - it was observed infecting a victim's website, encrypting the files there, appending the original files names with its own file extension - '.xploiter,' and generated a ransom note. Looking at the text left by the cybercriminals shows that something is amiss. There are no communication channels, such as emails, that the affected users can contact the criminals for details. The note doesn't even mention any payment of ransom - the main goal of any ransomware operation. Instead, the hackers responsible for the Ransomweb Ransomware appear to be just after causing mayhem stating that all of the affected files cannot be recovered unless the victim has a suitable backup. The...

Posted on January 13, 2021 in Ransomware

Rogue RAT

The cybercriminal market on the Dark Web continues to evolve, and the same can be observed happening with the malware tools that are being offered. Even crooks with extremely limited technical knowledge can now buy a sophisticated malware threat for extremely low prices instead of having to invest a large sum, as has been the most common case before. Indeed, infosec researchers have unearthed that a potent RAT (Remote Access Trojan) called Rogue is being sold at underground hacker forums for less than $30.  Analysis of Rogue RAT's underlying code revealed that the threat is not so much a unique creation as it is a combination of two already established Android RAT families. By borrowing from both the Cosmo and Hawkshaw families, the people responsible for Rogue RAT have created a threat with a vast array of harmful functionalities....

Posted on January 13, 2021 in Remote Administration Tools


Omingle.top is a possibly fraudulent website that attempts to receive users' permission to send them browser notifications. It exploits a prevalent clickbait tactic to get that permission - it displays a message asking users to confirm they are humans by clicking on an 'Allow' button. However, the truth is that by clicking on the displayed button, users give the fraudulent website permission to deliver advertising content straight to their computers. The fake CAPTCHA-verification test usually looks like this: 'Omingple.top wants to Show notifications Click Allow to confirm that you are not a robot!' Anything promoted by Omingle.top through its pop-up messages and push notifications could contain harmful links, leading to online gambling websites, online services for adults, deceptive advertisements and banners, and many other types of...

Posted on January 13, 2021 in Browser Hijackers


Systemtechnotify.com is a fake Apple website designed to display deceptive malware warnings to Apple iPhone users. Malware creators use such bogus websites to trick users into downloading rogue anti-malware applications that are supposed to detect and remove viruses from the target device. In fact, though, Systemtechnotify.com has nothing to do with Apple, neither have any of the Potentially Unwanted Programs (PUPs) that this page promotes, the technical capabilities of cleaning up any device from viruses. On the contrary, PUPs are themselves a serious threat to users' finances, online privacy, and stored data, as they execute several fraudulent activities. They collect the user's data, generate advertisements that redirect to potentially unsafe websites, or install destructive malware on the victim's computer directly....

Posted on January 13, 2021 in Mac Malware


Myniceposts.com's is an empty website with the main purpose of displaying advertising content on target computers directly. This scheme uses a browser-based tactic and operates by gaining user's permission to receive push notifications from the website Myniceposts.com. When users land on this page, they see a blank screen and a false error message with the following text: 'Myniceposts.com wants to Show notifications Click the Allow button to subscribe to push notifications and continue watching' It asks the user to click on the 'Allow' button to view some video content that is loading currently. However, the truth is that Myniceposts.com has no meaningful or useful information to display. Its only purpose is to trick its visitors into accepting browser notifications so that the cybercrooks can send advertising content directly to their...

Posted on January 12, 2021 in Browser Hijackers
1 2 3 4 5 6 7 8 9 ... 1554