Gridinsoft Security Lab

The Malware world evolves constantly, and it would be reckless to ignore newcomers and their potential. Meduza Stealer appears to be a pretty potent stealer variant with its unique features and marketing model. Additionally, this malware may be considered a firstling of a new malware generation – one which breaks old geolocation filtering rules. What […]

SearchHost is a process responsible for indexing the Start menu and Explorer search files in Windows 10/11. It allows you to conveniently search for files on your computer by indexing their contents. However, this process can be spoofed by a coin miner or malware that uses its name to masquerade on your system. How to […]

Over the last four years, the share of script-based attacks of malware offenses worldwide has grown so drastically that it raised alerts among security specialists and ordinary users. In this post, we shall regard script-based malware, assess its strengths and weaknesses, explain how the attacks happen, and suggest measures to maintain security in your workgroup. […]

Program:Win32/Wacapew.C!ml detection refers to programs that have suspicious properties. This can be either a false positive or a detection of a program that has its properties & functions border with ones of a PUA. Let’s look into this and find out what this detection is. What is Win32/Wacapew.C!ml? Program:Win32/Wacapew.C!ml is a heuristic detection designed to […]

PUABundler:Win32/CandyOpen (or OpenCandy) is an unwanted program that acts as a browser hijacker and can download junk apps to your system. Specifically, it points at a thing known as OpenCandy adware, which is known for its indecent behavior. Let’s break it down and see what the PUABundler/Candyopen in a real-world example. What is PUABundler:Win32/CandyOpen? As […]

The RegAsm.exe process is an important component of the Windows operating system associated with the .NET Framework. This utility is designed to register .NET assemblies in the Windows registry, allowing COM clients to call managed applications. Let’s analyze its functionality and see whether malware can abuse it. What is RegAsm.exe? RegAsm.exe (Assembly Registration Tool) is […]

TextInputHost.exe is a legitimate Windows process responsible for text input functionality on your system. This essential component manages input from keyboards, touchscreens, and stylus pens, while also enabling emoji selection and other input features. While generally benign, the process can sometimes cause performance issues or system errors that require troubleshooting. This comprehensive guide explains everything […]

Hellminer.exe is a process you can see in the Task Manager that indicates a malicious software activity. It stands out by the high CPU load it creates, making the system much less responsive. Let’s figure out what this process is, and how to get rid of it.

RsEngineSvc.exe is an executable file associated with RAV Antivirus, a program developed by ReasonLabs. While being less dangerous than malware, it may be categorized as PUP (Potentially Unwanted Program). This kind of software is usually bundled with other free applications and installed without the user’s knowledge or distributed through deceptive advertising. Is Rsenginesvc.exe Virus? As […]

Users are increasingly encountering malicious links that, when clicked, unleash a different kind of computer destruction. In this case, users must be aware of the appearance of such malware, its associated links, and other potential hazards. This article aims to introduce the concepts of sniffing and spoofing, distinguish between them, explore protective measures against these […]

Csrss.exe is an important Windows process, which may sometimes consume a lot of system resources and puzzle the users with such behavior. Some people may mistake it for trojan virus and try to terminate it forcefully. So, is csrss.exe dangerous? And how to fix the issues it creates? Let’s find out. What is Csrss.exe? Csrss.exe […]

The Usermode Font Driver Host process is an important part of the Windows operating system. It may raise questions among users due to its high consumption of resources such as CPU and memory. Let’s find out what this process is and whether you can do without it. What is Usermode Font Driver Host? The Usermode […]