Threat research notebook
Fresh malware notes, phishing samples, scam redirects, ransomware observations, and field reports from Gridinsoft research. No gallery, no filler: date, case, finding, next read.
291 lab recordsVirTool:Win32/DefenderTamperingRestore is the name of the Microsoft Defender detection of a malicious element present in the system. Usually, it marks a thing that can weaken the system's security and make the device vulnerable to...
Adaware Web Companion is not a classic virus, but it is often unwanted. Learn when to...
PUA:Win32/MyWebSearch is a Microsoft Defender potentially unwanted application detection tied to browser/search changes. It is usually...
Broom Cleaner is an unwanted program that at first glance seems to be a safe tool...
PC Accelerate is a questionable software that is presented as a useful utility designed to optimize your computer's performance. In reality though, this software...
URL:Scam in Avast or AVG means a web shield blocked a suspicious scam URL. Learn when it is a real threat, when it may...
The Walliant application is a Potentially Unwanted Application (PUA). It is promoted as an app that automatically changes desktop wallpapers. Though it in fact...
SMApps is a malicious program that aims at spreading illegal promotions. It mainly attacks browsers by changing settings and redirecting search queries from Google...
Hunt ransomware is a new sample of the Dharma/CrySis ransomware family that appeared on April 5, 2024. This malware aims at encrypting the files...
Researchers uncovered a vulnerability in Apple Silicon processors, dubbed GoFetch. It allows attackers to extract secret keys from Mac computers while performing widespread cryptographic...
Dragon Angel is a browser extension that functions as a hijacker malware. It redirects users to promoted search engines or websites. These redirects ruin...
Taskbarify is unwanted software (like a Movidown)that claims it is a tiny little Windows tweaker. However, it also turns the device into a proxy...
PUABundler:Win32/uTorrent_BundleInstaller is a Microsoft Defender detection for a potentially unwanted bundled installer connected to uTorrent or BitTorrent-style setup packages. The issue is usually the...
WogRAT, also known as WingsOfGod RAT, is a novice remote access trojan that attacks users from Asian countries. Named after its own file –...
PUABundler:Win32/FusionCore is a designation that Microsoft Defender Antivirus uses to detect and remove potentially unwanted programs (PUP) that are spread by bundling technology. FusionCore...
Trojan:Script/Sabsik.FL.A!ml is a Defender script Trojan alert. Check the file path, source, false-positive risk, and cleanup steps before restoring it.
Backdoor:Win32/Bladabindi!ml is a generic detection name used by Microsoft Defender. It specifically refers to a backdoor malware known as njRAT, capable of hacking into...
PUA:Win32/PCMechanic is a detection associated with the potentially unwanted application. This pseudo system optimizer claims that the user’s system has many problems, and then...
Trojan:Script/Ulthar.A!ml is a Defender script alert. Check the file path, source, false-positive risk, and cleanup steps before restoring it.
Bitfiat is a malicious coin miner that exploits your computer's hardware to mine cryptocurrencies. Such malware takes as much resources as it can, making...
