Trojan:Win64/Zusy.CZ!MTB
Trojan:Win64/Zusy.CZ!MTB is a detection of Microsoft Defender that can flag several different types of malware. Being a heuristic detection, it can as well be a false positive, with no real threat to the system....
Threat research notebook
Gridinsoft Security Lab
Fresh malware notes, phishing samples, scam redirects, ransomware observations, and field reports from Gridinsoft research. No gallery, no filler: date, case, finding, next read.
291 lab recordsAltisik Service: High CPU Miner, Safe Check, and Removal
Altisik Service using high CPU? Learn what AltisikService.exe is, why it returns after ending the task,...
Trojan:Win32/Fauppod!ml
What does Fauppod!ml mean? Trojan:Win32/Fauppod!ml is a Microsoft Defender machine-learning detection. It does not name one...
JsTimer Extension Virus – Easy Removal Instructions
JsTimer is a malicious browser extension detected in various browsers, predominantly targeting users through dubious websites....
Research log
PUA:Win32/GameHack: Virus or False Positive?
PUA:Win32/GameHack is a Microsoft Defender detection for game cheats, trainers, memory editors, patched game files, and related tools that modify game behavior. It is...
Funny Tool Redirect Extension Virus – Easy Removal Instructions
Funny Tool Redirect is a malicious browser extension that you may see installed in your browser. It spreads through dodgy websites and does a...
Trojan:Win64/Reflo.HNS!MTB
Win64/Reflo.HNS!MTB is a detection of a malware sample that aims at stealing confidential information. It usually spreads through game mods and works as quietly...
Check-tl-ver Pop-Up Virus
Analysis shows a hike in the number of malicious pop-ups that come from Check-tl-ver websites. It is a rather common strategy of aggressive marketing...
Trojan:PowerShell/CoinStealer.RP!MTB
Trojan:PowerShell/CoinStealer.RP!MTB is a detection of Microsoft Defender, that normally flags malware that can steal cryptocurrency wallets. You may see it popping up after downloading...
PUABundler:Win32/DriverPack
PUABundler:Win32/DriverPack is potentially unwanted software that claims to install or update drivers. In fact, it floods the system with unwanted software and changes browser...
Virus Alert (05261) Scam
"Virus Alert (05261)" is a scam pop-up message you can see on a website that looks like a Microsoft page, but with a strange...
Movidown Unwanted Application
Movidown is an Unwanted Application that initially mimics a utility for controlling fan speed. However, beneath this shell, it has the capabilities of a...
“Managed by Your Organization” – How to Remove From Chrome?
“Managed by your organization” is a line that appears when the web browser is attacked by browser hijackers. This malware abuses a legitimate Chrome...
PUA:Win32/SBYinYing
PUA:Win32/SBYinYing is a potentially unwanted application (PUA) that is often bundled with certain cracked games. It may display ads to users or redirect them...
How to Turn Off Microsoft Defender Safely
You can temporarily turn off Microsoft Defender Antivirus from Windows Security, but you should only do it for a specific trusted reason and turn...
Trojan:Win32/Qhosts
Trojan:Win32/Qhosts is malware that provides remote access to the target system and modifies the Hosts file. It is primarily distributed through illegal activation tools...
PUABundler:Win32/YandexBundled
PUABundler:Win32/YandexBundled is a detection of potentially unwanted application (PUA) associated with the Russian company Yandex. It is typically distributed as bundled software with repackaged...
Docker Engine Authentication Bypass Vulnerability Exploited
Attackers are actively exploiting a critical vulnerability in the Docker Engine that may allow for authentication bypass in a chain attack. This vulnerability allows...
Hamster Kombat Players Targeted in a New Malware Spreading Scheme
Players of Hamster Kombat have become prime targets for scammers promoting phishing schemes aimed at those looking for easy earnings. Malicious actors steal confidential...
Trojan:BAT/PSRunner.VS!MSR
Trojan:BAT/PSRunner.VS!MSR is a detection of malware that executes malicious commands on a compromised system. It does not do much hurt by itself and rather...