Threat research notebook
Fresh malware notes, phishing samples, scam redirects, ransomware observations, and field reports from Gridinsoft research. No gallery, no filler: date, case, finding, next read.
297 lab recordsWin32/Uwamson.A!ml is a specific name of a Microsoft Defender detection. This designation indicates that the suspicious program or file scanned by the antivirus has characteristics of malware. That is, the program has characteristics that...
VirTool:Win32/DefenderTamperingRestore means Defender restored unsafe settings. Learn when it is MSERT auto-heal, policy conflict, or malware...
Chromstera Browser is a Chromium-based browser that users often report as unwanted because it can appear...
Universal Browser is a name of a browser that users spectate in a strange update window...
Wave Browser keeps opening or came bundled with another download? Learn how to uninstall it, remove startup leftovers, reset affected browsers, and stop it...
PUA:Win32/Conduit is a Defender alert for Conduit/Search Protect browser hijacking. Learn quarantine, browser reset, persistence, and cleanup steps.
Adaware Web Companion is not a classic virus, but it is often unwanted. Learn when to uninstall it, what browser settings to check, and...
PUA:Win32/MyWebSearch is a Microsoft Defender potentially unwanted application detection tied to browser/search changes. It is usually not a destructive virus, but it can change...
Broom Cleaner is an unwanted program that at first glance seems to be a safe tool for cleaning and optimizing your computer. However, in...
PC Accelerate Pro is a fake optimizer and potentially unwanted app. Learn how to remove it, stop popups, clean leftovers, and prevent similar bundled...
URL:Scam in Avast or AVG means a web shield blocked a suspicious scam URL. Learn when it is a real threat, when it may...
The Walliant application is a Potentially Unwanted Application (PUA). It is promoted as an app that automatically changes desktop wallpapers. Though it in fact...
SMApps is a malicious program that aims at spreading illegal promotions. It mainly attacks browsers by changing settings and redirecting search queries from Google...
Hunt ransomware is a new sample of the Dharma/CrySis ransomware family that appeared on April 5, 2024. This malware aims at encrypting the files...
Researchers uncovered a vulnerability in Apple Silicon processors, dubbed GoFetch. It allows attackers to extract secret keys from Mac computers while performing widespread cryptographic...
Dragon Angel is a browser extension that functions as a hijacker malware. It redirects users to promoted search engines or websites. These redirects ruin...
Taskbarify is unwanted software (like a Movidown)that claims it is a tiny little Windows tweaker. However, it also turns the device into a proxy...
PUABundler:Win32/uTorrent_BundleInstaller is a Defender PUA alert for uTorrent or BitTorrent bundle installers. Remove the wrapper and check leftover apps.
WogRAT, also known as WingsOfGod RAT, is a novice remote access trojan that attacks users from Asian countries. Named after its own file –...
PUABundler:Win32/FusionCore is a designation that Microsoft Defender Antivirus uses to detect and remove potentially unwanted programs (PUP) that are spread by bundling technology. FusionCore...
