Gridinsoft Security Lab

Trojan:Win64/RustyStealer.DSK!MTB is a sophisticated malware designed to infiltrate 64-bit Windows systems, primarily focusing on stealing sensitive information such as login credentials, financial data, and personal details. It operates silently, making it hard to detect without specialized security software, and can cause noticeable system slowdowns or unexpected pop-ups. In this post, I will explain how to […]

TrojanProxy:Win32/Acapaladat.B is a type of malware that hides in free, unauthorized VPN applications, turning infected computers into proxy servers for cybercriminals. This allows attackers to mask their identities while conducting illegal activities online, such as distributing more malware or launching attacks. In this post, I’ll go into more detail about what it is and how […]

OneStart is a rogue program that is presented as a Chromium-based browser with AI features, such as a ChatGPT widget and a desktop toolbar, aiming to streamline access to various online tools. It is in fact a rather controversial application, with many sources classifying it as a Potentially Unwanted Program (PUP) due to how it’s […]

EpiStart or EpiBrowser is a Chromium-based web browser that is often installed without the user’s explicit consent. After installation, it passes all search queries through a chain of dubious pages, then delivers results by a different search engine. In this post, I will explain how did this browser appear and how to remove it for […]

The release of DeepSeek AI chatbot gave a push for an enormous number of DeepSeek scams that trick users in a variety of shady activities. Some of them just aim at charging money for services that are free by design, others try collecting users’ personal information or even infect them with malware. In this article, […]

“Windows Defender Security Center” is a scam message that comes from a fake website. This fraud is built on the inexperience and trust of Internet users. Now I will tell you how it works and how not to become a victim of it. Windows Defender Security Center Scam Overview “Windows Defender Security Center” is a […]

Jupiter Airdrop scam is an alleged crypto-airdrop campaign that promises free crypto tokens, yet in return only empties users’ crypto wallets. Parasiting on the name of a legit and real cryptocurrency, this scam exploits hastily made decisions and a rush for quick profit. In this article, I describe how this scam operates, and explain to […]

Sync.clearnview.com is a website that users can see in a number of alerts from antivirus programs. Simultaneously, it may appear during the normal browsing activity, and display unwanted and unpredicted results. Its presence in any form is a marker of malicious activity, and in this article, I will explain how to remove it and prevent […]

AlrustiqApp.exe is a process you can notice in your Task Manager, with anomalously high CPU consumption. It causes the computer to become extremely slow and unresponsive, so using it becomes barely possible. In this article, I will explain what this process is, how it appeared, and how to remove it. What is AlrustiqApp (Alrustiq Service) […]

Nnice ransomware is a malware strain that aims at encrypting user files and demanding ransom payment for their decryption. Detected on January 14, 2025, it presumably targets individuals and small businesses. Upon the encryption, it changes file extensions by adding the .nnice extension to the end, i.e. file.txt becomes file.txt.nnice, picture.jpeg – picture.jpeg.nnice, and so […]

Unsecapp.exe is a process you may notice in the Task Manager, without any reason or purpose. Users report about it popping up for no reason, and in some cases, it consumes a lot of CPU power. In this article, I will explain where this process comes from and what you should do about it. What […]

Contacto virus is a newly identified ransomware strain that encrypts victims’ files and demands a ransom for their decryption. We identified this sample on January 7, 2025, and made a comprehensive analysis of the threat. One hallmark of Contacto is its tendency to modify the system wallpaper, replacing it with a black background displaying a […]