Malware Remediation Utility

  • Detect & remove the latest malware threats.
  • Malware detection & removal definitions are updated regularly.
  • Technical support & custom fixes for hard-to-kill malware.
* Free Remover allows you, subject to a 48-hour waiting period, one remediation and removal for results found. Read our EULA, Privacy Policy & Special Discount Terms. See more Free SpyHunter Remover details.

Top Security News

Cybercriminals Are Still Taking Advantage of COVID-19 with Increased Attacks Microsoft unveiled its Asia Pacific findings from its latest Security Endpoint Threat Report for 2019, which shared that cybercriminals are making 60,000 COVID-19 themed phishing attempts daily....
Cybercriminals Sticking to Coronavirus and Financial Themes for Phishing Scams Summer is at its peak, and the online scammers are still doing whatever they can to take advantage of the uncertainty caused by the pandemic. Cyber-attacks are targeting businesses and consumers in...
Agencies Warn of Imminent Ransomware Cybercrime Threat to US Healthcare Sector Several agencies came out with a joint advisory on October 28 with stern warnings to the healthcare sector related to cybercrime. The advisory concerns an "imminent and increased cybercrime threat...

Top Articles

WebDiscover Browser

WebDiscover Browser screenshot

WebDiscover Browser is an adware threat developed by a Canada-based company named WebDiscover Media. Once installed on a PC, the malicious app makes a series of unwanted changes to all browsers installed on the computer, leading to a deteriorating online surfing experience. WebDiscover replaces the default home pages and search engines of affected Internet browsers with its own WebDiscover Homepage and WebDiscover Search, respectively. Furthermore, the malicious app modifies the “new tab” settings so that the corrupted browsers launch the malware's own search portal page when the user opens a new tab. Chrome users may not even recognize WebDiscover as an unwanted program and think they...

Posted on July 3, 2015 in Browser Hijackers

STOP Ransomware

STOP Ransomware screenshot

PC security researchers received reports of ransomware attacks involving a threat known as the STOP Ransomware on February 21, 2018. The STOP Ransomware is based on an open source ransomware platform and carries out a typical version of an encryption ransomware attack. The STOP Ransomware is distributed using spam email messages containing corrupted file attachments. These file attachments take the form of DOCX files with embedded macro scripts that download and install the STOP Ransomware onto the victim's computer. Learning how to recognize phishing emails and avoiding to download any unsolicited file attachments received is one of the ways to avoid these attacks. How to Recognize a...

Posted on February 26, 2018 in Ransomware

How to Fix Mac Error Code 43 When Copying Files

How to Fix Mac Error Code 43 When Copying Files screenshot

Getting an OS system error message while working on a project can be quite an unpleasant surprise. Whether relating to MS Windows, or Mac OS, such a bug is always bound to disrupt your normal computer work. While some errors tend to be system-specific, others can affect both Windows and Mac-based systems, albeit designating totally different problems. The so-called Code 43 error message, for example, is primarily associated with device driver problems in Windows PCs, on the one hand, and file transfer issues on Mac machines, on the other. If you are using Windows and looking for a way to fix this specific error, click here for a guide with possible solutions. If you are a Mac user,...

Posted on January 30, 2019 in Computer Security


Newsbreak.com screenshot

At first glance, the Newsbreak.com website appears to be a useful tool that would provide its visitors with the latest news. However, this is one of the countless bogus websites online that do not provide any content of value, and instead, seek to benefit from their visitors using various shady tricks. Spams Users with a Constant Flow of Advertisements Upon visiting the Newsbreak.com page, users will be asked to permit the site to display Web browser notifications. Keeping in mind that this fake page poses as a legitimate news website, many users may be tricked to allow browser notifications thinking that they will be alerted for the latest breaking news. However, this is not the case,...

Posted on February 3, 2020 in Browser Hijackers

APT Attack Spreads Malware Using Coronavirus Theme

APT Attack Spreads Malware Using Coronavirus Theme screenshot

The APT (Advanced Persistent Threat) group was spotted sending out spear-phishing emails that allegedly have detailed information about COVID-19, a.k.a. Coronavirus, but instead, they infect the victims with a custom remote access Trojan (RAT). The group is using the coronavirus pandemic to infect unsuspecting victims with a previously unseen malware. The malware is dubbed 'Vicious Panda' by researchers, with the attackers using it in a campaign at the moment. Researchers managed to find two Rich Text Format (RTF) files that were targeting the Mongolian public sector during the outbreak. Once the files are open, a unique and custom-made remote access Trojan is executed. It develops a list...

Posted on March 16, 2020 in Computer Security

.HOW Ransomware

.HOW Ransomware screenshot

.HOW Ransomware is a new file-encrypting Trojan, which appears to belong to the notorious Dharma Ransomware family. Data-lockers like the .HOW Ransomware are not built from scratch. Instead, their creators borrow the code of well-established threats like the Dharma Ransomware and create a new copy of it with a different name.  Propagation and Encryption To cause a significant amount of damage to the compromised host, the .HOW Ransomware is likely to go after a wide array of filetypes, such as .doc, .docx, .pdf, .txt, .mp3, .midi, .mid, .aac, .wav, .mov, .webm, .mp4, .db, .zip, .rar, .jpg, .jpeg, .png, .svg, .gif, .xls, .xlsx, .ppt, .pptx and others. The .HOW Ransomware uses a complex...

Posted on June 29, 2020 in Ransomware

Top 5 Popular Cybercrimes: How You Can Easily Prevent Them

Over the course of the past few years, hackers and cybercrooks armed with sophisticated malware have stolen literally hundreds of millions of dollars from online banking accounts and individuals all over the world. We have said it many times before in recent articles, the days of robbing banks in person are gone and now it all takes place behind a screen of a computer connected to the Internet. The Internet can be the most useful tool in business, school or every-day life. At the same time, the Internet can make someone's life a living hell in the event that one becomes the next victim of a cybercrime. A large percentage of the world's population that uses computers over the Internet are aware of cybercrime and the consequences that they may face if they succumb to a cybercriminals' trap. Others who have no clue as to the dangers they...

Posted on October 12, 2010 in Computer Security

Search Marquis

Search Marquis screenshot

Search Marquis is a browser component that may disguise itself as a helpful tool that will enhance the browsing quality of popular browsers like Chrome and Safari. In fact, it is a shady browser extension that aims to alter the browser's setting without the user’s knowledge and consent. The main purpose of this Potentially Unwanted Program (PUP) is to sneak stealthily into Mac computers and generate revenue for its operators. This happens through a number of intermediate redirects through various dubious domains before displaying Bing.com results. This Week In Malware Episode 36 Part 2: Why Your Web Browser is Redirecting to Search Marquis & and How to Stop It! Once installed on a Mac...

Posted on June 9, 2020 in Browser Hijackers, Mac Malware

More Articles

ViperSoftX RAT

RATs or Remote Access Trojans are among the most threatening malware types, and, as such, ViperSoftX RAT presents a severe security issue. This JavaScript-based RAT is equipped with several obfuscation techniques designed to reduce the chances of it being detected, as well as analyzing its code that much harder. Among the methods employed by ViperSoftX RAT are partial code encryption via the AES cryptographic algorithm and using legitimate names to disguise its code. Once inside the targeted computer, ViperSoftX RAT establishes persistence and begins to collect various system data. Among the harvested details are the device serial number, device name, username, operating system, and a list of installed anti-malware solutions. The main purpose of ViperSoftX RAT is to collect cryptocurrencies, Bitcoin and Ethereum mainly, by interfering...

Posted on January 26, 2021 in Remote Administration Tools


Holanews.biz is a deceptive website created with just one purpose - to propagate a popular browser-based tactic. The use of various manipulative social-engineering tactics tries to lure its visitors into subscribing to its push notification services by clicking the 'Allow' button. It must be noted that Holanews.biz is in no way unique; in fact, there are countless websites identical to it virtually already present on the Internet, and more are being created every single day. The most popular scenario among these fraudulent websites is pretending to conduct a captcha check for bots. Holanews.biz, however, employs a different variation. It displays to its visitors prominently a Download button accompanied by the following message: 'Your file is ready to download.' The implication is that you will have to click 'Allow' to download the...

Posted on January 26, 2021 in Browser Hijackers

Bar1 New Tab

The Bar1 New Tab is a browser hijacker application targeting Mac users. The Bar1 New Tab is capable of attaching itself to all of the popular browsers - Chrome, Mozilla, Opera, but not Safari. The goal is to take over certain browser settings; in most cases, those are the default search engine, the homepage, and the new page tab, and set them to open a specific promoted address. Typically, that is a fake search engine that cannot produce any search results on its own. Instead, it takes any search queries conducted in the affected browser and redirects them through a real search engine such as Yahoo, Google, etc. Browser hijackers also can generate monetary gains for their creators by delivering sponsored advertisements. The advertisements can be injected into the list of displayed search results even though they may not fit the...

Posted on January 26, 2021 in Mac Malware


SkilledObject is an application that combines characteristics of adware with those of a browser hijacker. It is designed to target Mac users. Due to the deceptive distribution methods it employs, SkilledObject also is classified as a PUP (Potentially Unwanted Program). For example, SkilledObject has been observed to be distributed inside a fake installer designed to mimic Adobe Flash Player's legitimate installer. Once installed, SkilledObject will begin to deliver unwanted advertisements to the user. They could take the form of pop-up windows, banners, surveys, etc. The advertisements could start to cover the content on visited pages. Furthermore, they could be promoting other dubious PUPs or even fake software updates with malware threats lurking inside them. Technical support tactics also could be among the redirects caused by...

Posted on January 26, 2021 in Mac Malware


CleanParameter is a PUP (Potentially Unwanted Program) that is targeting Mac users. No matter what features the application may boast as having, its true nature is that of adware. It is being distributed through deceptive marketing tactics such as hiding inside fake Adobe Flash Player updates. Once installed on the user's computer, CleanParameter will begin to generate intrusive promoted advertisements. Clicking on them could redirect the user to various suspicious third-party websites that could be peddling additional PUPs or fake software updates. Landing pages for technical support tactics could also be delivered. Apart from its adware capabilities, CleanParameter also is equipped with several browser hijacker capabilities. These allow it to create forced redirects in the affected browser. It should be noted that most adware and...

Posted on January 26, 2021 in Mac Malware

Judge Ransomware

The Judge Ransomware is a potent threat that can wreak havoc on any computer it manages to infect. Using an encryption routine with an uncrackable cryptographic algorithm, the files it locks are impossible to recover without access to the specific decryption key. As a result, suddenly, affected users will find themselves unable to access files that were perfectly fine just moments ago. The hackers' goal is to extort money from their victims in exchange for providing the decryption tool and software that could potentially restore the locked data. When the Judge Ransomware encrypts a file, it also modifies that file's original name by appending to it an email address under the control of the hackers followed by a new file extension - '.judge.' The email address is 'judgemebackup@tutanota.com.' To make sure that be victims will be 1000%...

Posted on January 26, 2021 in Ransomware

SUMMON Ransomware

Infosec researchers have detected a new threatening ransomware that has been unleashed in the wild. Named SUMMON Ransomware, it is capable of affecting a large number of file types leaving users scrambling to regain access to their personal or work-related data. The SUMMON Ransomware uses a complex name pattern for every file it encrypts. First, it attaches an email address under the control of the hackers, followed by a unique ID string assigned to the specific victim to the front of the original filename. At the same time, a new file extension - '.SUMMON,' will be appended to the end of the name. The ransom note containing instructions for SUMMON Ransomware's victims is dropped as files named '#ReadThis.HTA.' No specific sum for the ransom is mentioned. Still, the note does clarify that the money must be sent as Bitcoins to the...

Posted on January 26, 2021 in Ransomware

Windows Photos App Not Working

Packed with Windows 10 is the Microsoft Photos application, the default application that users can rely on to open photos and other image files. Throughout several updates, however, the features offered by the application have been steadily expanded, and it can now also be used to edit photos and videos, add 3D effects, create albums, and even some basic video editing options, such as marking up images with drawings, adding 3D effects and background music to videos. It is understandable then that users accustomed to having access to the application could be quite frustrated if Windows Photos suddenly refused even to start. The reasons for the issue can be varied, but numerous users were plagued by one error in particular - File System Error -2147219196, that prevents the application from opening at all. Fortunately, several methods...

Posted on January 26, 2021 in Issue


MacOS.iDoctor.H is a Potentially Unwanted Application (PUA) detection for macOS that typically spreads as fake optimization software. Such rogue apps are very common as they are an easy way of infecting computers with various dangerous malware threats. Mac users usually download and install iDoctor.H from untrusted websites, faux landing pages and portals, online forums, or social media posts. Another standard distribution method of PUAs is called 'bundling.' When that method is used, the undesired apps and tools are delivered through popular freeware installers. Malware developers also spread their creations through phishing email campaigns where the malicious files are hidden within attached documents. Once MacOS.iDoctor.H is installed on your Mac computer, the scope of the damage it can cause seems broad. Initially, the app may...

Posted on January 26, 2021 in Mac Malware, Potentially Unwanted Programs


Trojan.MacOS.Chatzum.A is the detection designation for the Chatzum trojan. Chatzum is a threat affecting Mac devices. It is often classified as a browser-hijacker or adware because it exhibits behavior typical for those types of threats. Chatzum is reportedly capable of displaying unsolicited advertisement messages through a multitude of avenues including messaging applications, browser pop-ups and it’s own browser plugin and toolbar. In this regard, Chatzum is similar to Zako, another adware for Mac. Like Zako, Chatzum is also often installed in freeware bundles. This may happen with or without the informed consent of the user depending on the particular bundle. Another way for Chatzum to get installed on a Mac is through fake Flash updates. Chatzum also installs its own toolbar and automatically changes the default home page and...

Posted on January 26, 2021 in Mac Malware, Trojans


Trojan.MacOS.Clapzok.A is the detection of Clapzok, a multiplatform file infector trojan. The file infector designation stems from the ability of Clapzok to copy its code into other applications. In other words, Clapzok can self propagate once it has infected a system. This may sound scary and it potentially could be. However, Clapzok has been around for about 15 years (8 years for the Mac version) and it is a PoC or Proof of Concept virus. What this means is that it was developed to point out a security flaw and doesn’t necessarily pose any risk. In Clapzok’s case, the developer is researcher JPanic. Clapzok was first introduced as PoC in 2006 but at the time it wasn’t compatible with Mac systems. Since the concept was a file infector, the only thing the original Clapzok does is to copy its code into other files and applications. That...

Posted on January 26, 2021 in Mac Malware, Trojans


Trojan.MacOS.Agent.LR or just Agent.LR is a generic detection of a trojan infection developed to compromise MacOS devices. The term "trojan" is used to describe malware developed with the specific goal to infect devices without the owner noticing. The usual ways for trojans to spread are: Email attachments containing malicious macros. Freeware bundles. Fake Adobe Flash updates. MacOS systems used to have a reputation for being safe from malware but that has changed. While it is true that the malware affecting Macs is still a fraction compared to threats geared toward Windows systems, the segment is growing. Once a trojan like Agent.LR successfully infiltrates a device, there are many ways for cybercriminals to use it. Some trojans are used as backdoors giving the criminals access to a device or a network. Others are tailored to steal...

Posted on January 26, 2021 in Mac Malware, Trojans


MacRemover.C has been classified as a Potentially Unwanted Program (PUP) for Mac computers. It looks like it spreads around as an application named MacRemover for macOS that is supposed to help users remove undesired Mac apps from their system without any trace. Such a feature is already available in every operating system, so MacRemover is, in the very best case, unnecessary. Yet, it is not advisable to keep that application installed on your computer as it may bring along many cybersecurity risks. Some malicious features of PUPs include pop-up messages that are displayed directly on the user’s computer. These pop-ups could contain all sorts of advertising material, yet they usually promote potentially hazardous products and services on the Internet through embedded redirecting scripts. For example, MacRemover.C may show you fake...

Posted on January 26, 2021 in Mac Malware, Potentially Unwanted Programs


Mderedpro.top is a website tasked with a singular objective - to propagate a popular browser-based tactic. Visitors who land on it are subjected to various social-engineering tactics and tricks aimed at getting them to click on the 'Allow' button. Doing so will subscribe the user to the website's push notification services, which will result in the generation of various unsolicited advertisements. Mderedpro.top is just one of the countless virtually identical websites that are designed to conduct this particular tactic. It also utilizes the most popular scenario by pretending to be conducting a captcha check for bots. Anyone who lands on the website will see the prominently displayed message - 'Click Allow to confirm you are not a robot!' immediately. Other misleading alert messages also can be generated: Mderedpro.top says: 'CLICK...

Posted on January 25, 2021 in Browser Hijackers


Vercounsel.top is a mostly empty website, but don't let that fool you; its only reason for existing is to propagate a rather popular browser tactic. Vercounsel.top, and the myriad of websites virtually identical to it, abuse various social-engineering tactics to trick visitors into subscribing to their push notification services. The scheme's crux is for the user to click on the 'Allow' button resulting in the fraudulent website being granted all of the browser permissions it needs. Now, it can start generating various unwanted advertisements on the affected device. Disabling the browser will not be enough to stop the advertisements from appearing. Furthermore, users should avoid being tempted to click on any advertisements, as they could be redirected to suspicious third-party websites. There, they could be subjected to offers to...

Posted on January 25, 2021 in Browser Hijackers
1 2 3 4 5 6 7 8 9 ... 1559