Gridinsoft Security Lab

Audiodg.exe is a Windows process responsible for the correct audio operations in the system. However, like with many system processes, cybercriminals can use its name to hide their malicious programs. In this post, I will explain how to figure out if a file is legitimate, how to fix Audiodg.exe high CPU and remove the impostor […]

The development of generative AI that is capable of creating images gave an expected push for AI deepnude web services. People are eager to remove clothing from someone around them, and that wish was around for quite some time now. But how safe is it to use such services? And is it legal? Let’s find […]

MicrosoftHost.exe is a malicious process that the malware creates to disguise itself as a benign process. Users may witness high CPU load coming from this specific process. Despite its name, it is not associated with Microsoft in any way. In this post, I will explain what this process is and how to remove it. MicrosoftHost.exe […]

AlienWare is a type of ransomware designed to lock your files and hold them hostage until you pay up. It’s sneaky and frustrating, leaving your data scrambled and adding a random 4-symbol extension. The file named cat.jpg becomes cat.jpg.1zy3, document.docx – document.docx.9k4a, and so forth. This makes it easy to spot for the victim, but […]

Trojan:Win32/Pomal!rfn is a detection commonly encountered when downloading programs like emulators or games. This detection, shown by Microsoft Defender, often sparks concerns about whether the threat is real or a false positive. Let’s break it down to understand its nature, potential risks, and the steps to remove it effectively. What is Trojan:Win32/Pomal!rfn? Trojan:Win32/Pomal!rfn is a […]

Novalock is a sophisticated form of malware designed to encrypt your files and then demand payment for their release. It belongs to the Globeimposter virus family, and shares a lot of functionality with other samples of the same group. The malware leaves a clear marker: files are appended with a .novalock extension. This attack is […]

Locklocklock is a ransomware virus designed to lock your files and demand payment to restore access. Victims can identify encrypted files by the addition of a .locklocklock extension to every affected one. This malware operates under the control of a sophisticated network of cybercriminals who develop, distribute, and profit from it. In every folder containing […]

Trojan:Win32/Patched refers to a detection for modified versions of legitimate programs. Often such modifications are made to add malicious functionality to a program. Trojan:Win32/Patched Overview Trojan:Win32/Patched is a Microsoft Defender detection used to detect programs that have been modified by hackers to perform malicious actions. Unlike traditional Trojans that disguise themselves as useful software, this […]

SUPERLOCK is a ransomware infection that aims at blocking access to the files and demanding a payment for getting them back. Users can distinguish the encrypted files by them containing an additional .superlock extension, and also a lengthy ID code. As the result, the file originally named document.docx starts looking like document.docx.80E6332B3C8DN14401.superlock This malware is […]

Brad Garlinghouse Crypto Giveaway is a scam campaign that masquerades as a cryptocurrency giveaway. It falsely claimed to be organized by Ripple Foundation with Brad Garlinghouse, Ripple’s CEO, as the face of the event. It uses a sense of urgency and the allure of receiving free XRP tokens to deceive victims into clicking on fraudulent […]

Shougnoboassi.net is a website that you may notice appearing in your web browser. It shows a human verification button, and upon interaction redirects the user to a questionable website. In fact, this site is related to malicious activity, and in this post, I will explain how to stop it. What is Shougnoboassi.net? Shougnoboassi.net is a […]

Skyjem.com is a questionable search engine that you may see appearing in the browser for no obvious reason. Its search results are questionable and heavily infused with advertisements and links to shady pages. Here’s a breakdown of what this site is, how it ends up on your system, and what measures you can take to […]