Malware Remediation Utility

  • Detect & remove the latest malware threats.
  • Malware detection & removal definitions are updated regularly.
  • Technical support & custom fixes for hard-to-kill malware.

Try SpyHunter (FREE)!*

* Free Remover allows you, subject to a 48-hour waiting period, one remediation and removal for results found. Read our EULA, Privacy Policy & Special Discount Terms. See more Free SpyHunter Remover details.

Top Security News

Beware: Cybercriminals Leveraging Coronavirus to Exploit Computer Users and Spread Malware It hasn't taken a lot of time for threat actors to realize the social engineering opportunity that the novel coronavirus (2019-nCoV) has presented them. The respiratory infection that originated in...
Infections Abound as Computer Malware Exploiting COVID-19 Coronavirus Spreads Rapidly Adding to Worldwide Hysteria There's no doubt that the Coronavirus has created a worldwide hysteria and pandemic from having a negative impact on many economies to pressing government officials to hold conferences addressing...
Hackers Exploiting Coronavirus Fears To Push Malware As the Covid-19 pandemic goes into full swing, we see increasing numbers of hackers and nation-state actors trying to exploit the global fears for their own gains, spreading malicious software...

Top Articles

WebDiscover Browser

WebDiscover Browser screenshot

WebDiscover Browser is an adware threat developed by a Canada-based company named WebDiscover Media. Once installed on a PC, the malicious app makes a series of unwanted changes to all browsers installed on the computer, leading to a deteriorating online surfing experience. WebDiscover replaces the default home pages and search engines of affected Internet browsers with its own WebDiscover Homepage and WebDiscover Search, respectively. Furthermore, the malicious app modifies the “new tab” settings so that the corrupted browsers launch the malware's own search portal page when the user opens a new tab. Chrome users may not even recognize WebDiscover as an unwanted program and think they...

Posted on July 3, 2015 in Browser Hijackers

How to Fix Mac Error Code 43 When Copying Files

How to Fix Mac Error Code 43 When Copying Files screenshot

Getting an OS system error message while working on a project can be quite an unpleasant surprise. Whether relating to MS Windows, or Mac OS, such a bug is always bound to disrupt your normal computer work. While some errors tend to be system-specific, others can affect both Windows and Mac-based systems, albeit designating totally different problems. The so-called Code 43 error message, for example, is primarily associated with device driver problems in Windows PCs, on the one hand, and file transfer issues on Mac machines, on the other. If you are using Windows and looking for a way to fix this specific error, click here for a guide with possible solutions. If you are a Mac user,...

Posted on January 30, 2019 in Computer Security

Shlayer Trojan

Shlayer Trojan screenshot

The Shlayer Trojan is a cyber-threat aimed at Mac users who might be interested in trying out application stores other than the official App Store by Apple. The Shlayer Trojan might be promoted to the users as an independent application delivery platform that offers discounts on premium software. The Shlayer platform was reported of delivering harmful programs, unwanted browser extension, unrequested Internet settings modifications, promoting questionable shopping helpers and distributing supposedly free premium applications. The Shlayer Trojan was recognized by computer security researchers in January 2019 when the users started reporting fake Adobe Flash updates to Web browser vendors....

Posted on February 15, 2019 in Mac Malware, Trojans

CoronaVirus Ransomware

CoronaVirus Ransomware screenshot

The CoronaVirus Ransomware (also called CoronaVi2022 Ransomware) is a file-locker, which was released in the wild recently, and it seems that its author has opted to use the name of the Coronavirus (also known as COVID-19), which is a disease that is threatening users worldwide. Just like the disease it is named after, the CoronaVirus Ransomware also threatens users worldwide, but in a different way – it will try to encrypt their files, and also overwrite the contents of their drive's Master Boot Record (MBR). The latter operation may cause a lot of trouble, since the victims' computers will not load their operating system and, instead, they will display a copy of the CoronaVirus...

Posted on March 12, 2020 in Ransomware

Hackers Spreading Malware via Coronavirus Maps Online

Hackers Spreading Malware via Coronavirus Maps Online screenshot

The ongoing outbreak of the coronavirus is now disrupting business across the world, but apparently cybercriminals have no days off, since they're just as active as they were before the beginning of the outbreak. It appears they are now capitalizing on the fears of the people regarding the pandemic. It was back in January that the hackers started using the coronavirus threat as a focus of an email campaign that infected users with malware, and now they are expanding their operations to coronavirus outbreak maps that follow the number of infections and deaths across the world. Many organizations are feeling the pressure from these attacks, such as John Hopkins University who created...

Posted on March 11, 2020 in Computer Security

APT Attack Spreads Malware Using Coronavirus Theme

APT Attack Spreads Malware Using Coronavirus Theme screenshot

The APT (Advanced Persistent Threat) group was spotted sending out spear-phishing emails that allegedly have detailed information about COVID-19, a.k.a. Coronavirus, but instead, they infect the victims with a custom remote access Trojan (RAT). The group is using the coronavirus pandemic to infect unsuspecting victims with a previously unseen malware. The malware is dubbed 'Vicious Panda' by researchers, with the attackers using it in a campaign at the moment. Researchers managed to find two Rich Text Format (RTF) files that were targeting the Mongolian public sector during the outbreak. Once the files are open, a unique and custom-made remote access Trojan is executed. It develops a list...

Posted on March 16, 2020 in Computer Security

Top 20 Countries Found to Have the Most Cybercrime

Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm, Symantec, has discovered specific factors that determine why a certain country is plagued with cybercrime more so or less than another which allowed them to come up with a ranking for each. Symantec has ranked 20 countries that face, or cause, the most cybercrime. In compiling such a list, Symantec was able to quantify software code that interferes with a computer's normal functions, rank zombie systems, and observe the number of websites that host phishing sites, which are designed to trick computer users into disclosing personal data or banking...

Posted on July 9, 2009 in Computer Security

Top 5 Popular Cybercrimes: How You Can Easily Prevent Them

Over the course of the past few years, hackers and cybercrooks armed with sophisticated malware have stolen literally hundreds of millions of dollars from online banking accounts and individuals all over the world. We have said it many times before in recent articles, the days of robbing banks in person are gone and now it all takes place behind a screen of a computer connected to the Internet. The Internet can be the most useful tool in business, school or every-day life. At the same time, the Internet can make someone's life a living hell in the event that one becomes the next victim of a cybercrime. A large percentage of the world's population that uses computers over the Internet are aware of cybercrime and the consequences that they may face if they succumb to a cybercriminals' trap. Others who have no clue as to the dangers they...

Posted on October 12, 2010 in Computer Security


AntiMalware screenshot

A typical deceptive campaign is disguising harmful threats as legitimate security programs in order to steal money from inexperienced victims. AntiMalware is a particularly short-named version of this campaign, with clones with names such as Active Security and Total Security. AntiMalware uses an interface that is very similar to the Windows Defender and legitimate Microsoft security programs, to make the victim believe that AntiMalware is a legitimate anti-malware application. Observing AntiMalware's design, you will quickly spot authentic-looking Windows and Microsoft Security Essentials logos as well as a layout that may seem familiar to most users of legitimate Microsoft Security...

Posted on November 9, 2009 in Rogue Anti-Spyware Program

More Articles

Lucifer Malware Abuses Critical Vulnerabilities

Lucifer Malware Abuses Critical Vulnerabilities screenshot

A new variant of powerful DDoS-capable and cryptojacking malware is making the rounds on the internet, exploiting vulnerabilities to spread on Windows machines. The malware, dubbed Lucifer, is part of a campaign in the works aimed at Windows hosts. The malware uses exploits in the attacks, according to Palo Alto Networks Unit 42. The malware operator named their new malware Satan DDoS, but the Satan Ransomware already exists, so Palo Alto changed the name with a similar alias. A blog post by researchers Durgesh Sangvikar, Ken Hsu, Chris Navarette, and Zhibin Zhang mentioned the 2.0 variant of Lucifer, found on May 29, 2020, was exploiting CVE-2019-9081. The deserialization bug in the...

Posted on July 1, 2020 in Computer Security


There are many websites online that have no content of value to offer you whatsoever. Among them is the Gichelfactice.info page. This site hosts no content but may claim the opposite to mislead users into visiting it. Once you open the Gichelfactice.info site, you will be greeted by a fake security prompt requiring you to click 'Allow' to prove that you are a legitimate user and not a robot. Unfortunately, this is nothing more than a fake CAPTCHA test that, once completed, will permit the Gichelfactice.info website to send you notifications via your Web browser. The Gichelfactice.info site will use this permission to bombard you with unwanted advertisements, which may push dodgy products and fake services. Experts warn against clicking on the advertisements associated with the Gichelfactice.info Web page. It is advisable to revoke all...

Posted on July 1, 2020 in Browser Hijackers


Ustinctsretio.info is the domain name of a shady website, that does not host any content. Despite being empty, the Ustinctsretio.info website will likely claim to offer users exciting content to trick them into launching it. If you try to view the content that the Ustinctsretio.info site claims to offer, you will be disappointed. Once you open the Ustinctsretio.info page, you will see a prompt asking you to click on the 'Allow' button on your screen. This is often referred to as the 'Please Click Allow to Continue' online tactic. Users who click on the 'Allow' button displayed on the Ustinctsretio.info website will subscribe to the notifications of this dodgy Web page. This will result in constant spam advertisements via the notifications of your Web browser. Among the advertisements associated with the Ustinctsretio.info website's...

Posted on July 1, 2020 in Browser Hijackers

OnlinePrivacyManager Toolbar

OnlinePrivacyManager Toolbar is a dodgy Web browser add-on that is likely to claim to offer excellent features that will improve your browsing quality greatly. However, the main purpose of this Web browser extension is not to offer you the excellent service it claims to provide. Instead, the goal of the OnlinePrivacyManager Toolbar add-on is to hijack your Web browser. This is why the OnlinePrivacyManager Toolbar Web browse extension is considered to be a PUP (Potentially Unwanted Program). Once you install the OnlinePrivacyManager Toolbar add-on, you may notice some changes in your Web browser. This is because the OnlinePrivacyManager Toolbar extension will go behind your back to put a sponsored website as your default new tab page. The goal of the OnlinePrivacyManager Toolbar Web browser add-on is to aid the affiliated website in...

Posted on July 1, 2020 in Potentially Unwanted Programs

'Wacker' Email Virus

Recently, users have reported being targeted by a new online tactic. This new con is called the 'Wacker' email virus. The targeted users would get an email that is titled 'Wacker – Customer Enquiry <RANDOM NUMBER>.' It is likely that every target is assigned a unique number, which shows up in the email title. The fraudulent email is disguised as a legitimate message sent by the Wacker Chemie AG company. This is a corporation involved in the chemical sector. You can rest assured that the Wacker Chemie AG company has nothing to do with the 'Wacker' email virus – this an unsafe tactic run by unknown cyber crooks. The goal of the 'Wacker' email virus is to propagate a threat called NetWire RAT (Remote Access Trojan). According to researchers, the victims are chosen randomly, and there is not a specific demographic, which is targeted...

Posted on July 1, 2020 in Adware

VinDizelPux Ransomware

A brand-new data-encrypting Trojan has come to the attention of cybersecurity analysts. The name of this new file-locker is VinDizelPux Ransomware. This Trojan belongs to the MedusaLocker Ransomware family. Propagation and Encryption Malware researchers have not yet identified the specific infection vector involved in the distribution of the VinDizelPux Ransomware. Experts speculate that the VinDizelPux Ransomware is likely being spread via mass spam emails, corrupted advertisements, fake social media pages, torrent trackers, fraudulent application updates and downloads, pirated copies of popular software suites, etc. Upon infecting a computer, the VinDizelPux Ransomware scans the files present on the compromised host. The VinDizelPux Ransomware is programmed to target documents, images, videos, audio files, presentations, databases,...

Posted on July 1, 2020 in Ransomware

Gyga Ransomware

The Gyga Ransomware is the name of a new file-locker that is preying on unsuspecting users online. The data-encrypting Trojan belongs to the notorious Dharma Ransomware family. Instead of creating a file-locker from scratch, the creators of the Gyga Ransomware have opted to base this Trojan on the Dharma Ransomware. This helps them save both time and effort. Propagation and Encryption File-encrypting Trojans like the Gyga Ransomware, tend to target a wide list of filetypes to cause maximum damage to the host. This list is likely to include .mp3, .midi, .aac, .mid, .wav, .webm, .mov, .mp4, .jpeg, .jpg, .svg, .gif, .png, .xls, .xlsx, .ppt, .pptx, .doc, .docx, .txt, .pdf, .rar, .zip, .db and many other filetypes. This means that after the Gyga Ransomware is done encrypting your data, the majority of your files will be unusable. Upon...

Posted on July 1, 2020 in Ransomware

'pain@onefinedstay.com' Ransomware

Security researchers have uncovered a brand-new data-locking Trojan dubbed 'pain@onefinedstay.com' Ransomware. Upon looking further into this newly spotted Trojan, experts found that it is a variant of the infamous Dharma Ransomware – one of the most active ransomware families in the world. Propagation and Encryption Threats like the ‘pain@onefinedstay.com' Ransomware are known to target a very wide variety of filetypes. This is due to the fact that the more files a data-locker encrypts, the more likely it is for the victim to pay the ransom fee demanded by the attackers. If you fall victim to the ‘pain@onefinedstay.com' Ransomware, this nasty Trojan will make sure to encrypt all your documents, images, audio files, videos, spreadsheets, presentations, databases, archives and other data present on your system. When the...

Posted on July 1, 2020 in Ransomware

Promethium APT

The Promethium hacking group is an APT (Advanced Persistent Threat) that is best known for the spyware toolkit called StrongPity. Some malware analysts even refer to the Promethium group as StrongPity APT. The Promethium hacking group appears to target high-ranking politicians, military officials and political organizations mainly. Most of the Promethium APT's campaigns are concentrated in Syria and Turkey, but they also are known to have carried out campaigns against targets located in Italy and Belgium. The Promethium hacking group has been on the radar of malware researchers since 2012, and throughout the years, they have introduced many updates to their projects. According to analysts, the Promethium APT has set up more than 30 brand-new C&C (Command & Control) servers recently, which greatly expands their infrastructure....

Posted on July 1, 2020 in Advanced Persistent Threat (APT)


The StrongPity threat is a piece of malware that belongs to the arsenal of the Promethium APT (Advanced Persistent Threat). This hacking group was first spotted back in 2012 and has remained active to this day. In its early campaigns, the Promethium APT would mainly go after targets in Turkey and Syria. However, the hacking group has recently opted to expand its reach and has carried out attacks against targets located in India, Canada, Vietnam and Colombia reportedly. The StrongPity threat servers a spyware tool that is capable of exfiltrating various data types from its hosts. The Promethium APT has updated this hacking tool several times over the years. The latest iteration of the StrongPity malware is called StrongPity3 – this threat is very stealthy thanks to new and enhanced exfiltration methods combined with contemporary...

Posted on July 1, 2020 in Trojans

EvilQuest Ransomware

The EvilQuest Ransomware is a brand-new file-locker that appears to target Mac computers only. This is rather unusual, as there are not many data-encrypting Trojans, which go after OSX systems – most target Windows computers. According to malware researchers, the EvilQuest Ransomware is being propagated via bogus applications for Mac, like Mixer and Ableton. The creators of the EvilQuest Ransomware appear to use another distribution method in addition to the fake pirated copies of the aforementioned applications – a modified version of the Little Snitch application. This app is a torrent-sharing tool, which is a household name in the world of online piracy. To avoid raising any red flags, the installers responsible for the EvilQuest Ransomware propagation also will offer a functioning copy of the application alongside the threat. For...

Posted on July 1, 2020 in Mac Malware, Ransomware


There are many low-level fraudsters that generate revenue via fraudulent websites online. One of the most commonly used tricks is the 'Please Click Allow to Continue' tactic. Sites who host this tactic are usually empty and have nothing to offer their visitors. A perfect example of this is the Onesiderivatej.info website. Users who launch the Onesiderivatej.info website will see a bogus security prompt that will ask them to confirm that they are not a robot by clicking on the 'Allow' button on their screen. Unfortunately, this is not a legitimate CAPTCHA test. If you follow the Onesiderivatej.info website's instructions, you will subscribe to the Web browser notifications of this shady page. Once you have permitted the Onesiderivatej.info site to send you notifications, the shady Web page will flood you with unwanted advertisements,...

Posted on June 30, 2020 in Browser Hijackers


Newmode.biz is the domain name of a dodgy website, whose only goal is to hijack your Web browser notifications. The Newmode.biz site may claim to host engaging videos to attract the attention of users. However, this website is empty, and you should not waste your time with it. If you try to open the Newmode.biz site and view the video that it claims to host, you will be presented with a fraudulent animation, which will make it appear as if the dodgy page is loading the content. Next, the Newmode.biz page will spawn a prompt requesting that you to click 'Allow' to get access to the video. Sadly, there is no video to be viewed and click on the 'Allow' button will permit the dubious site to send you notifications via your Web browser. This is a common only tactic known as 'Please Click Allow to Continue.' Permitting the shady Web page to...

Posted on June 30, 2020 in Browser Hijackers

My Smart Converter

My Smart Converter is a Web browser extension that is likely to diminish your browsing quality instead of boost it. The My Smart Converter add-on is one of the numerous shady extensions whose primary goal is not to provide quality service but to hijack the user’s Web browser. The My Smart Converter add-on is associated with a website hosted on the Mysmartconverter.com/newtab/v1 domain. This is a basic search aggregator, which is not likely to offer you high-quality service. When you install the My Smart Converter Web browser extension, it will make sure to change the settings of your system quietly to assure that you are redirected to the Mysmartconverter.com/newtab/v1 website every time you open a new tab page in your browser. Since the My Smart Converter extension fails to acquire the user’s consent, it is considered to be a PUP...

Posted on June 30, 2020 in Potentially Unwanted Programs


MyShortcutTab is a shady Web browser add-on that is likely to exaggerate its usefulness to trick users into installing it. However, the MyShortcutTab Web browser extension is a PUP (Potentially Unwanted Program) that is not likely to bring many positive changes to your browsing experience. As soon as you install the MyShortcutTab extension on your system, it will alter your Web browser's settings. This is done to set up an affiliated website as your default new tab page – this helps the site in question generate both traffic and revenue. The MyShortcutTab Web browser extension works in cooperation with the Search-find.net website. The Search-find.net page hosts a basic search engine that cannot compete with the quality of service of well-regarded search aggregators like Google, Yahoo and Bing. The site affiliated with the MyShortcutTab...

Posted on June 30, 2020 in Potentially Unwanted Programs
1 2 3 4 5 6 7 8 9 10 11 1,463