Threat research notebook

Gridinsoft Security Lab

Fresh malware notes, phishing samples, scam redirects, ransomware observations, and field reports from Gridinsoft research. No gallery, no filler: date, case, finding, next read.

302 lab records

Latest note ·

PUA:Win32/Presenoker: Meaning, Removal, and Safe Check

PUA:Win32/Presenoker is a Microsoft Defender detection for a potentially unwanted application, not a single fixed virus family. Treat it as unsafe unless you clearly recognize the app, downloaded it from the official source, and...

Research log

01

Win.MxResIcn.Heur.Gen

Record ·

Antivirus engine of MaxSecure, a well-known cybersecurity vendor, currently shows massive amounts of false positive detection with the name Win.MxResIcn.Heur.Gen. It touches numerous legitimate...

02

IP Stresser: Legal Test or DDoS Booter?

Record ·

An IP stresser is safe only for systems you own or have written permission to test. Learn free-stresser red flags, DDoS booter risks, and...

03

Meduza Stealer

Record ·

The Malware world evolves constantly, and it would be reckless to ignore newcomers and their potential. Meduza Stealer appears to be a pretty potent...

08

RegAsm.exe: Safe or Malware?

Record ·

RegAsm.exe is a legitimate Microsoft .NET tool, but malware can imitate or abuse it. Check the path, signature, command line, startup entries, and blocked...

09

What Is TextInputHost.exe?

Record ·

TextInputHost.exe is usually a safe Microsoft Windows input process. Learn how to verify its path and signature, fix high GPU usage or system errors,...

12

Sniffing vs Spoofing

Record ·

Learn the difference between sniffing and spoofing, how attackers use traffic capture and fake identity, and how to protect accounts, devices, and networks.

15

What Is UsoClient.exe? Safe or Virus?

Record ·

UsoClient.exe is a legitimate Windows Update component, not a virus when it runs from C:\Windows\System32\UsoClient.exe and is signed by Microsoft Windows. It belongs to...

AI Assistant

Hello! 👋 How can I help you today?