Malware Remediation Utility

  • Detect & remove the latest malware threats.
  • Malware detection & removal definitions are updated regularly.
  • Technical support & custom fixes for hard-to-kill malware.

Try SpyHunter (FREE)!*

* Free Remover allows you, subject to a 48-hour waiting period, one remediation and removal for results found. Read our EULA, Privacy Policy & Special Discount Terms. See more Free SpyHunter Remover details.

Top Security News

Beware: Cybercriminals Leveraging Coronavirus to Exploit Computer Users and Spread Malware It hasn't taken a lot of time for threat actors to realize the social engineering opportunity that the novel coronavirus (2019-nCoV) has presented them. The respiratory infection that originated in...
Infections Abound as Computer Malware Exploiting COVID-19 Coronavirus Spreads Rapidly Adding to Worldwide Hysteria There's no doubt that the Coronavirus has created a worldwide hysteria and pandemic from having a negative impact on many economies to pressing government officials to hold conferences addressing...
Hackers Exploiting Coronavirus Fears To Push Malware As the Covid-19 pandemic goes into full swing, we see increasing numbers of hackers and nation-state actors trying to exploit the global fears for their own gains, spreading malicious software...

Top Articles

WebDiscover Browser

WebDiscover Browser screenshot

WebDiscover Browser is an adware threat developed by a Canada-based company named WebDiscover Media. Once installed on a PC, the malicious app makes a series of unwanted changes to all browsers installed on the computer, leading to a deteriorating online surfing experience. WebDiscover replaces the default home pages and search engines of affected Internet browsers with its own WebDiscover Homepage and WebDiscover Search, respectively. Furthermore, the malicious app modifies the “new tab” settings so that the corrupted browsers launch the malware's own search portal page when the user opens a new tab. Chrome users may not even recognize WebDiscover as an unwanted program and think they...

Posted on July 3, 2015 in Browser Hijackers

How to Fix Mac Error Code 43 When Copying Files

How to Fix Mac Error Code 43 When Copying Files screenshot

Getting an OS system error message while working on a project can be quite an unpleasant surprise. Whether relating to MS Windows, or Mac OS, such a bug is always bound to disrupt your normal computer work. While some errors tend to be system-specific, others can affect both Windows and Mac-based systems, albeit designating totally different problems. The so-called Code 43 error message, for example, is primarily associated with device driver problems in Windows PCs, on the one hand, and file transfer issues on Mac machines, on the other. If you are using Windows and looking for a way to fix this specific error, click here for a guide with possible solutions. If you are a Mac user,...

Posted on January 30, 2019 in Computer Security

Shlayer Trojan

Shlayer Trojan screenshot

The Shlayer Trojan is a cyber-threat aimed at Mac users who might be interested in trying out application stores other than the official App Store by Apple. The Shlayer Trojan might be promoted to the users as an independent application delivery platform that offers discounts on premium software. The Shlayer platform was reported of delivering harmful programs, unwanted browser extension, unrequested Internet settings modifications, promoting questionable shopping helpers and distributing supposedly free premium applications. The Shlayer Trojan was recognized by computer security researchers in January 2019 when the users started reporting fake Adobe Flash updates to Web browser vendors....

Posted on February 15, 2019 in Mac Malware, Trojans

CoronaVirus Ransomware

CoronaVirus Ransomware screenshot

The CoronaVirus Ransomware (also called CoronaVi2022 Ransomware) is a file-locker, which was released in the wild recently, and it seems that its author has opted to use the name of the Coronavirus (also known as COVID-19), which is a disease that is threatening users worldwide. Just like the disease it is named after, the CoronaVirus Ransomware also threatens users worldwide, but in a different way – it will try to encrypt their files, and also overwrite the contents of their drive's Master Boot Record (MBR). The latter operation may cause a lot of trouble, since the victims' computers will not load their operating system and, instead, they will display a copy of the CoronaVirus...

Posted on March 12, 2020 in Ransomware

Hackers Spreading Malware via Coronavirus Maps Online

Hackers Spreading Malware via Coronavirus Maps Online screenshot

The ongoing outbreak of the coronavirus is now disrupting business across the world, but apparently cybercriminals have no days off, since they're just as active as they were before the beginning of the outbreak. It appears they are now capitalizing on the fears of the people regarding the pandemic. It was back in January that the hackers started using the coronavirus threat as a focus of an email campaign that infected users with malware, and now they are expanding their operations to coronavirus outbreak maps that follow the number of infections and deaths across the world. Many organizations are feeling the pressure from these attacks, such as John Hopkins University who created...

Posted on March 11, 2020 in Computer Security

APT Attack Spreads Malware Using Coronavirus Theme

APT Attack Spreads Malware Using Coronavirus Theme screenshot

The APT (Advanced Persistent Threat) group was spotted sending out spear-phishing emails that allegedly have detailed information about COVID-19, a.k.a. Coronavirus, but instead, they infect the victims with a custom remote access Trojan (RAT). The group is using the coronavirus pandemic to infect unsuspecting victims with a previously unseen malware. The malware is dubbed 'Vicious Panda' by researchers, with the attackers using it in a campaign at the moment. Researchers managed to find two Rich Text Format (RTF) files that were targeting the Mongolian public sector during the outbreak. Once the files are open, a unique and custom-made remote access Trojan is executed. It develops a list...

Posted on March 16, 2020 in Computer Security

Top 20 Countries Found to Have the Most Cybercrime

Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm, Symantec, has discovered specific factors that determine why a certain country is plagued with cybercrime more so or less than another which allowed them to come up with a ranking for each. Symantec has ranked 20 countries that face, or cause, the most cybercrime. In compiling such a list, Symantec was able to quantify software code that interferes with a computer's normal functions, rank zombie systems, and observe the number of websites that host phishing sites, which are designed to trick computer users into disclosing personal data or banking...

Posted on July 9, 2009 in Computer Security

Top 5 Popular Cybercrimes: How You Can Easily Prevent Them

Over the course of the past few years, hackers and cybercrooks armed with sophisticated malware have stolen literally hundreds of millions of dollars from online banking accounts and individuals all over the world. We have said it many times before in recent articles, the days of robbing banks in person are gone and now it all takes place behind a screen of a computer connected to the Internet. The Internet can be the most useful tool in business, school or every-day life. At the same time, the Internet can make someone's life a living hell in the event that one becomes the next victim of a cybercrime. A large percentage of the world's population that uses computers over the Internet are aware of cybercrime and the consequences that they may face if they succumb to a cybercriminals' trap. Others who have no clue as to the dangers they...

Posted on October 12, 2010 in Computer Security


AntiMalware screenshot

A typical deceptive campaign is disguising harmful threats as legitimate security programs in order to steal money from inexperienced victims. AntiMalware is a particularly short-named version of this campaign, with clones with names such as Active Security and Total Security. AntiMalware uses an interface that is very similar to the Windows Defender and legitimate Microsoft security programs, to make the victim believe that AntiMalware is a legitimate anti-malware application. Observing AntiMalware's design, you will quickly spot authentic-looking Windows and Microsoft Security Essentials logos as well as a layout that may seem familiar to most users of legitimate Microsoft Security...

Posted on November 9, 2009 in Rogue Anti-Spyware Program

More Articles

WatchMyTVShows Toolbar

WatchMyTVShows Toolbar is a Web browser extension that may claim to offer you great service but is likely to disappoint you. Users are led to believe that by installing the WatchMyTVShows Toolbar extension, they will be able to watch their favorite TV shows via their Web browser. However, this is not the case. The WatchMyTVShows Toolbar is not likely to provide you with any engaging content, as its main goal is to hijack your Web browser. If you install the WatchMyTVShows Toolbar, you may notice that the settings of your system have been changed. This is due to the fact that the WatchMyTVShows Toolbar would go behind your back in order to set up the MyWay.com website as your default new tab page. This means that you will be redirected to the MyWay.com site every time you open a new tab page in your Web browser. Due to its shady...

Posted on July 2, 2020 in Potentially Unwanted Programs


RequestTop is the name of a shady application that targets Mac computers exclusively. If you do not remember installing it, it is likely due to the fact that this dodgy utility is distributed via free software bundles and fake application downloads. The goal of the RequestTop application is not to boost your browsing experience but to set up an affiliated website as your default search engine. Since the RequestTop app will apply changes to your system's settings without your consent, it is considered to be a PUP (Potentially Unwanted Program). If the RequestTop utility is installed on your Mac, all your Web searchers will be redirected to the site affiliated with the dubious application. To gain persistence on the host, the RequestTop tool will tamper with Mac's Launch Daemon. If you want to remove the RequestTop application from your...

Posted on July 2, 2020 in Mac Malware


The OperativeField application is a dodgy Mac utility, which will not improve your browsing quality in any manner. The OperativeField application is distributed via bogus downloads and freeware bundles. Users who install freeware are advised to pay close attention during the installation process as they may unknowingly consent to other software being installed on their system. The goal of the OperativeField utility is to trick the user into installing it by accident, as most users would not install this dodgy tool purposefully. When the OperativeField app is installed on your Mac, it will make sure to gain persistence by modifying the Mac's Device Profile and Launch Daemon settings. The OperativeField application will introduce changes to your system without asking for your permission. This would classify the OperativeField app as a...

Posted on July 2, 2020 in Mac Malware

Echelon Stealer

Echelon is the name of an infostealer that is advertised online by its creator. The individual behind the Echelon Stealer is a cyber crook under the username 'Madcode.' The Echelon Stealer was publicly available on the GitHub platform. However, the administrators of the website have caught wind of it and have already removed several pages associated with the Echelon Stealer. Legitimate websites like GitHub do not allow malware on their platforms and will take down any content that may be perceived as unsafe. Despite the efforts of the GitHub administrators, the Echelon Stealer is still freely available online as other shady individuals have downloaded the content and are distributing it themselves. The main goal of the Echelon Stealer is to obtain sensitive information from its targets. Infostealers, like the Echelon Stealer, are...

Posted on July 2, 2020 in Trojans

Cobian RAT

The Cobian malware is a RAT (Remote Access Trojan) that was first spotted back in 2017. Since its first iteration, the Cobian RAT has been updated several times, which has resulted in some significant improvements. The Cobian Trojan is offered as a malware-as-a-commodity on underground hacking forums. What makes this threat particularly dangerous is that anyone who is willing to pay the price can obtain the Cobian RAT and distribute it, which is likely to greatly increase the infection rate of this threat. However, the authors of the Cobian RAT do not only seek to scam their victims but their customers too. The individuals who pay for the Cobian RAT will not receive a genuine version of the hacking tool. Instead, the Cobian RAT, which is offered as a commodity, has a built-in backdoor. This backdoor serves to enable the authors of the...

Posted on July 2, 2020 in Remote Administration Tools


FakeSpy is a newly spotted Android spyware. The FakeSpy threat appears to be propagated via bogus text messages, which are disguised as legitimate alerts by delivery companies. The fake text messages in question are used to carry the malicious APK file responsible for the installation of the FakeSpy malware. The FakeSpy threat is capable of obtaining various types of sensitive data from its targets. Furthermore, the FakeSpy malware is capable of spamming the contact list of the victim with fake texts, in order to propagate itself to other users. This is a clever distribution technique, as users are more likely to trust a text message when it comes from someone they know and trust. The first time malware analysts spotted the FakeSpy threat was back in 2017. However, the cybercriminals behind the FakeSpy malware have no been idle over...

Posted on July 2, 2020 in Malware

Jwjs Ransomware

Jwjs Ransomware is a new data-locker, which targets regular users on the Web. Ransomware threats are one of the nastiest types of malware you can come across. If a file-locker infiltrates your computer, it will encrypt all your files and ask you to pay a ransom fee in exchange for a decryption key that is supposed to recover your data. Propagation and Encryption It is not exactly known how the Jwjs Ransomware is being propagated. It is likely that the attackers are using spam emails to spread this Trojan. The targeted users would receive an email that contains a fraudulent message, which is designed to either trick them into opening a malicious link or downloading a macro-laced attachment, which carries the payload of the Jwjs Ransomware. Some other popular distribution methods include fake social media posts, torrent trackers, bogus...

Posted on July 2, 2020 in Ransomware

Hackers Asking for Ransom after Wiping Lenovo NAS Devices

Hackers Asking for Ransom after Wiping Lenovo NAS Devices screenshot

A hacker group going by the name 'Cl0ud SecuritY' is breaking into LenovoEMC network-attached storage devices. They are wiping files and leaving ransom notes to owners, asking for $200 to $275 to access the data. Attacks were happening for no less than a month, according to entries reported on BitcoinAbuse. The website allows users to report bitcoin abuse with ransomware and other cybercrimes. The attacks were aimed specifically at LenovoEMC/Iomega NAS devices with exposed management interfaces unprotected by a password. Many NAS devices were found to contain a ransom note called 'RECOVER YOUR FILES !!!!.txt' All the ransom notes were signed with the name 'Cl0ud SecuritY' and the email...

Posted on July 2, 2020 in Computer Security

Lucifer Malware Abuses Critical Vulnerabilities

Lucifer Malware Abuses Critical Vulnerabilities screenshot

A new variant of powerful DDoS-capable and cryptojacking malware is making the rounds on the internet, exploiting vulnerabilities to spread on Windows machines. The malware, dubbed Lucifer, is part of a campaign in the works aimed at Windows hosts. The malware uses exploits in the attacks, according to Palo Alto Networks Unit 42. The malware operator named their new malware Satan DDoS, but the Satan Ransomware already exists, so Palo Alto changed the name with a similar alias. A blog post by researchers Durgesh Sangvikar, Ken Hsu, Chris Navarette, and Zhibin Zhang mentioned the 2.0 variant of Lucifer, found on May 29, 2020, was exploiting CVE-2019-9081. The deserialization bug in the...

Posted on July 1, 2020 in Computer Security


There are many websites online that have no content of value to offer you whatsoever. Among them is the Gichelfactice.info page. This site hosts no content but may claim the opposite to mislead users into visiting it. Once you open the Gichelfactice.info site, you will be greeted by a fake security prompt requiring you to click 'Allow' to prove that you are a legitimate user and not a robot. Unfortunately, this is nothing more than a fake CAPTCHA test that, once completed, will permit the Gichelfactice.info website to send you notifications via your Web browser. The Gichelfactice.info site will use this permission to bombard you with unwanted advertisements, which may push dodgy products and fake services. Experts warn against clicking on the advertisements associated with the Gichelfactice.info Web page. It is advisable to revoke all...

Posted on July 1, 2020 in Browser Hijackers


Ustinctsretio.info is the domain name of a shady website, that does not host any content. Despite being empty, the Ustinctsretio.info website will likely claim to offer users exciting content to trick them into launching it. If you try to view the content that the Ustinctsretio.info site claims to offer, you will be disappointed. Once you open the Ustinctsretio.info page, you will see a prompt asking you to click on the 'Allow' button on your screen. This is often referred to as the 'Please Click Allow to Continue' online tactic. Users who click on the 'Allow' button displayed on the Ustinctsretio.info website will subscribe to the notifications of this dodgy Web page. This will result in constant spam advertisements via the notifications of your Web browser. Among the advertisements associated with the Ustinctsretio.info website's...

Posted on July 1, 2020 in Browser Hijackers

OnlinePrivacyManager Toolbar

OnlinePrivacyManager Toolbar is a dodgy Web browser add-on that is likely to claim to offer excellent features that will improve your browsing quality greatly. However, the main purpose of this Web browser extension is not to offer you the excellent service it claims to provide. Instead, the goal of the OnlinePrivacyManager Toolbar add-on is to hijack your Web browser. This is why the OnlinePrivacyManager Toolbar Web browse extension is considered to be a PUP (Potentially Unwanted Program). Once you install the OnlinePrivacyManager Toolbar add-on, you may notice some changes in your Web browser. This is because the OnlinePrivacyManager Toolbar extension will go behind your back to put a sponsored website as your default new tab page. The goal of the OnlinePrivacyManager Toolbar Web browser add-on is to aid the affiliated website in...

Posted on July 1, 2020 in Potentially Unwanted Programs

'Wacker' Email Virus

Recently, users have reported being targeted by a new online tactic. This new con is called the 'Wacker' email virus. The targeted users would get an email that is titled 'Wacker – Customer Enquiry <RANDOM NUMBER>.' It is likely that every target is assigned a unique number, which shows up in the email title. The fraudulent email is disguised as a legitimate message sent by the Wacker Chemie AG company. This is a corporation involved in the chemical sector. You can rest assured that the Wacker Chemie AG company has nothing to do with the 'Wacker' email virus – this an unsafe tactic run by unknown cyber crooks. The goal of the 'Wacker' email virus is to propagate a threat called NetWire RAT (Remote Access Trojan). According to researchers, the victims are chosen randomly, and there is not a specific demographic, which is targeted...

Posted on July 1, 2020 in Adware

VinDizelPux Ransomware

A brand-new data-encrypting Trojan has come to the attention of cybersecurity analysts. The name of this new file-locker is VinDizelPux Ransomware. This Trojan belongs to the MedusaLocker Ransomware family. Propagation and Encryption Malware researchers have not yet identified the specific infection vector involved in the distribution of the VinDizelPux Ransomware. Experts speculate that the VinDizelPux Ransomware is likely being spread via mass spam emails, corrupted advertisements, fake social media pages, torrent trackers, fraudulent application updates and downloads, pirated copies of popular software suites, etc. Upon infecting a computer, the VinDizelPux Ransomware scans the files present on the compromised host. The VinDizelPux Ransomware is programmed to target documents, images, videos, audio files, presentations, databases,...

Posted on July 1, 2020 in Ransomware

Gyga Ransomware

The Gyga Ransomware is the name of a new file-locker that is preying on unsuspecting users online. The data-encrypting Trojan belongs to the notorious Dharma Ransomware family. Instead of creating a file-locker from scratch, the creators of the Gyga Ransomware have opted to base this Trojan on the Dharma Ransomware. This helps them save both time and effort. Propagation and Encryption File-encrypting Trojans like the Gyga Ransomware, tend to target a wide list of filetypes to cause maximum damage to the host. This list is likely to include .mp3, .midi, .aac, .mid, .wav, .webm, .mov, .mp4, .jpeg, .jpg, .svg, .gif, .png, .xls, .xlsx, .ppt, .pptx, .doc, .docx, .txt, .pdf, .rar, .zip, .db and many other filetypes. This means that after the Gyga Ransomware is done encrypting your data, the majority of your files will be unusable. Upon...

Posted on July 1, 2020 in Ransomware
1 2 3 4 5 6 7 8 9 10 11 1,464