PUABundler:Win32/FusionCore
PUABundler:Win32/FusionCore is a designation that Microsoft Defender Antivirus uses to detect and remove potentially unwanted programs (PUP) that are spread by bundling technology. FusionCore is not a stand-alone program, it…
Trojan:Script/Sabsik.fl.A!ml Analysis & Removal Guide
Trojan:Script/Sabsik.fl.A!ml is a generic detection name used by Microsoft Defender. This name is particularly used to denote stealer malware that also possesses dropper capabilities. It can perform various activities of…
ALPHV Ransomware Shut Down, Exit Scam Supposed
On March 5, 2024, ALPHV/BlackCat ransomware claimed its shutdown, “due to the FBI takeover”. Despite the actions from law enforcement really happening to this gang before, there are quite a…
Backdoor:Win32/Bladabindi!ml Analysis & Removal Guide
Backdoor:Win32/Bladabindi!ml is a generic detection name used by Microsoft Defender. It specifically refers to a backdoor malware known as njRAT, capable of hacking into and controlling victims' computers. In which…
PUA:Win32/PCMechanic – PC Mechanic Plus Removal Guide
PUA:Win32/PCMechanic is a detection associated with the potentially unwanted application. This pseudo system optimizer claims that the user’s system has many problems, and then offers to call the “tech support”.…
Trojan:Script/Ulthar.A!ml
Trojan:Script/Ulthar.A!ml is a detection of Windows Defender that identifies as a trojan. It specifically refers to a script-based malicious program. However, it can often turn out to be a false…
Bitfiat Process High CPU – Explained & Removal Guide
Bitfiat is a malicious coin miner that exploits your computer's hardware to mine cryptocurrencies. Such malware takes as much resources as it can, making the system impossible to use. Let’s…
Misleading:Win32/Lodi
Misleading:Win32/Lodi is Microsoft Defender's detection of potentially dangerous software. It makes misleading or deceptive claims about files, registry entries, or other items on your computer. Such programs are also known…
Trojan:Script/Phonzy.B!ml
Trojan:Script/Phonzy.B!ml is a generic detection name used by Microsoft Defender. This type of malware is categorized as a loader as it mainly aims at delivering malicious payloads onto infected systems.…
MrB Ransomware (.mrB Files) – Analysis & File Decryption
MrB ransomware is a new Dharma ransomware sample, discovered on February 21, 2024. It is distinctive for applying a complex extension to the encrypted files that ends up with “.mrB”.…
LockBit Ransomware Taken Down by NCA
On February 19, 2024, LockBit ransomware was taken down by the UK National Crime Agency in cooperation with a selection of other law enforcement agencies. The banner typical for such…
SYSDF Ransomware (.SYSDF Files) – Malware Analysis & Removal
SYSDF is a ransomware-type program that belongs to the Dharma malware family. Such malicious software aims mainly at small companies, aiming at file encryption with further requests for ransom payment…