Gridinsoft Security Lab

Kissanime site (kissanimes.net) poses itself as a library of a huge number of anime titles, available for free. However, our own research along with user complaints point at this website engaging in questionable activities that may lead to users getting infected with various viruses. In this article, I will explain whether the Kissanime site is […]

Unsecapp.exe is a process you may notice in the Task Manager, without any reason or purpose. Users report about it popping up for no reason, and in some cases, it consumes a lot of CPU power. In this article, I will explain where this process comes from and what you should do about it. What […]

Contacto virus is a newly identified ransomware strain that encrypts victims’ files and demands a ransom for their decryption. We identified this sample on January 7, 2025, and made a comprehensive analysis of the threat. One hallmark of Contacto is its tendency to modify the system wallpaper, replacing it with a black background displaying a […]

Trojan:JS/FakeUpdate.HNAP!MTB is a detection of Microsoft Defender that flags a malicious program present in the system. It comes from the heuristic detection system, which scans for malware presence by the behavior; this allows for finding the most modern threats, yet can also lead to false positives. The detection itself normally flags a JavaScript file that […]

Trojan Wacatac is a broad detection name for many malicious programs that share similar code and functionality. Often, the Wacatac label is used for malware with dropper capabilities, which can be used to deliver ransomware. In this article, I’ll look at both Trojan:Script/Wacatac.B!ml and Trojan:Win32/Wacatac.B!ml. At first glance, they might seem similar, but they are […]

RDPLocker is a virus that encrypts the files and demands for a ransom payment for their decryption. It was first detected on malware analysis platforms at the very beginning of 2025, and by our observations attacks both individual users and corporations. One of the distinctive features of the malware is the changes to system wallpaper: […]

Softonic is a popular website that offers various software for downloading, in both free and paid versions. With it appearing on top of search results, users may think of it as a legit source of different programs. However, deeper research reveals quite worrying facts. But is Softonic safe to use? Can it spread viruses? Let […]

Audiodg.exe is a Windows process responsible for the correct audio operations in the system. However, like with many system processes, cybercriminals can use its name to hide their malicious programs. In this post, I will explain how to figure out if a file is legitimate, how to fix Audiodg.exe high CPU and remove the impostor […]

The development of generative AI that is capable of creating images gave an expected push for AI deepnude web services. People are eager to remove clothing from someone around them, and that wish was around for quite some time now. But how safe is it to use such services? And is it legal? Let’s find […]

MicrosoftHost.exe is a malicious process that the malware creates to disguise itself as a benign process. Users may witness high CPU load coming from this specific process. Despite its name, it is not associated with Microsoft in any way. In this post, I will explain what this process is and how to remove it. MicrosoftHost.exe […]

AlienWare is a type of ransomware designed to lock your files and hold them hostage until you pay up. It’s sneaky and frustrating, leaving your data scrambled and adding a random 4-symbol extension. The file named cat.jpg becomes cat.jpg.1zy3, document.docx – document.docx.9k4a, and so forth. This makes it easy to spot for the victim, but […]

Trojan:Win32/Pomal!rfn is a detection commonly encountered when downloading programs like emulators or games. This detection, shown by Microsoft Defender, often sparks concerns about whether the threat is real or a false positive. Let’s break it down to understand its nature, potential risks, and the steps to remove it effectively. What is Trojan:Win32/Pomal!rfn? Trojan:Win32/Pomal!rfn is a […]