News, Tips, Security Lab
Re-Captha-Version Pop-Up Notification Spam
Recent user complaints show a new wave of malicious Re-Captha-Version website pop-ups. Such websites aim to force users into allowing…
Fujitsu Hacked, Warns of Data Leak Possibility
Fujitsu, one of the world’s leading IT companies, reports uncovering the hack in their internal network. The company discovered malware…
Taskbarify Unwanted Application
Taskbarify is unwanted software that claims it is a tiny little Windows tweaker. However, it also turns the device into…
Trojan:Win32/Vigorf.A
Trojan:Win32/Vigorf.A is a generic detection of Microsoft Defender. This detection commonly identifies a running loader malware that may deal significant…
Trojan:Win32/Znyonm
Trojan:Win32/Znyonm is a detection often seen during the backdoor malware activity in the background. Such malware can escalate privileges, enable…
Backdoor:Win32/Bladabindi!ml Analysis & Removal Guide
Backdoor:Win32/Bladabindi!ml is a generic detection name used by Microsoft Defender. It specifically refers to a backdoor malware known as njRAT, capable of hacking into and controlling victims’ computers. In which…
PUA:Win32/PCMechanic – PC Mechanic Plus Removal Guide
PUA:Win32/PCMechanic is a detection associated with the potentially unwanted application. This pseudo system optimizer claims that the user’s system has many problems, and then offers to call the “tech support”.…
Trojan:Script/Ulthar.A!ml
Trojan:Script/Ulthar.A!ml is a detection of Windows Defender that identifies as a trojan. It specifically refers to a script-based malicious program. However, it can often turn out to be a false…
rsEngineSvc.exe Process: Reason Core Security Engine Service
RsEngineSvc.exe is an executable file associated with RAV Antivirus, a program developed by ReasonLabs. While being less dangerous than malware, it may be categorized as PUP (Potentially Unwanted Program). This…
Bitfiat Process High CPU – Explained & Removal Guide
Bitfiat is a malicious coin miner that exploits your computer’s hardware to mine cryptocurrencies. Such malware takes as much resources as it can, making the system impossible to use. Let’s…
Misleading:Win32/Lodi
Misleading:Win32/Lodi is Microsoft Defender’s detection of potentially dangerous software. It makes misleading or deceptive claims about files, registry entries, or other items on your computer. Such programs are also known…
Trojan:Script/Phonzy.B!ml
Trojan:Script/Phonzy.B!ml is a generic detection name used by Microsoft Defender. This type of malware is categorized as a loader as it mainly aims at delivering malicious payloads onto infected systems.…
LockBit is Back With New Claims and Victims
The story around LockBit ransomware takedown on February 19 continues to unfold. After almost a week of downtime and silence, the infamous gang is back online on a new Onion…
What is Wave Browser? — How to Uninstall Guide
Wave Browser is an unwanted browser application that tries to look as a yet another Chromium-based project. Although it performs its function, according to users’ reviews, there are more problems…
PUADlManager:Win32/OfferCore
PUADlManager:Win32/OfferCore is a detection of Microsoft Defender related to bundled software, specifically to a piece of code that is used to create the bundle. OfferCore itself is not a specific…
MrB Ransomware (.mrB Files) – Analysis & File Decryption
MrB ransomware is a new Dharma ransomware sample, discovered on February 21, 2024. It is distinctive for applying a complex extension to the encrypted files that ends up with “.mrB”.…
WinRing0x64.sys Process – What is It? Can I Delete?
WinRing0x64.sys is a low-level driver that is used by specific applications. The file is not malicious, though, but malware can abuse this driver. Next, we will find out who uses…