Threat research notebook

Gridinsoft Security Lab

Fresh malware notes, phishing samples, scam redirects, ransomware observations, and field reports from Gridinsoft research. No gallery, no filler: date, case, finding, next read.

302 lab records

Latest note ·

PUABundler:Win32/MediaGet: What It Is and How to Remove It

PUABundler:Win32/MediaGet is a Microsoft Defender detection for MediaGet-related bundled software. MediaGet is commonly associated with torrent/pirated-content workflows and may install extra components or unwanted programs. Even when it is not a classic virus, it...

Research log

01

Azurestaticapps.net

Record ·

Azurestaticapps.net is a selection of pages registered on genuine Microsoft hosting, that try scaring the user by false malware infection claims. In fact, it...

02

Trojan:Win64/Zusy.CZ!MTB

Record ·

Trojan:Win64/Zusy.CZ!MTB is a detection of Microsoft Defender that can flag several different types of malware. Being a heuristic detection, it can as well be...

03

Sec-tl Pop-Up Virus

Record ·

Sec-tl pop-up ads are malicious push notifications that parasite legitimate browser functionality. Fraudulent actors that stand behind this chain of websites earn money by...

05

First-tl Pop-Up Virus

Record ·

First-tl pop-up ads are malicious push notifications (like a Sec-tl sites) that parasite legitimate browser functionality. Fraudulent actors that stand behind this chain of...

08

Trojan:Win32/Fauppod!ml

Record ·

What does Fauppod!ml mean? Trojan:Win32/Fauppod!ml is a Microsoft Defender machine-learning detection. It does not name one exact malware family; it means the file looks...

09

JsTimer Extension Virus – Easy Removal Instructions

Record ·

JsTimer is a malicious browser extension detected in various browsers, predominantly targeting users through dubious websites. This extension engages in peculiar behavior by blocking...

12

Trojan:Win64/Reflo.HNS!MTB

Record ·

Win64/Reflo.HNS!MTB is a detection of a malware sample that aims at stealing confidential information. It usually spreads through game mods and works as quietly...

13

Check-tl-ver Pop-Up Virus

Record ·

Analysis shows a hike in the number of malicious pop-ups that come from Check-tl-ver websites. It is a rather common strategy of aggressive marketing...

14

Trojan:PowerShell/CoinStealer.RP!MTB

Record ·

Trojan:PowerShell/CoinStealer.RP!MTB is a detection of Microsoft Defender, that normally flags malware that can steal cryptocurrency wallets. You may see it popping up after downloading...

15

PUABundler:Win32/DriverPack

Record ·

PUABundler:Win32/DriverPack is potentially unwanted software that claims to install or update drivers. In fact, it floods the system with unwanted software and changes browser...

16

Virus Alert (05261) Scam

Record ·

"Virus Alert (05261)" is a scam pop-up message you can see on a website that looks like a Microsoft page, but with a strange...

AI Assistant

Hello! 👋 How can I help you today?