Gridinsoft Security Lab

AlrustiqApp.exe is a process you can notice in your Task Manager, with anomalously high CPU consumption. It causes the computer to become extremely slow and unresponsive, so using it becomes barely possible. In this article, I will explain what this process is, how it appeared, and how to remove it. What is AlrustiqApp (Alrustiq Service) […]

Nnice ransomware is a malware strain that aims at encrypting user files and demanding ransom payment for their decryption. Detected on January 14, 2025, it presumably targets individuals and small businesses. Upon the encryption, it changes file extensions by adding the .nnice extension to the end, i.e. file.txt becomes file.txt.nnice, picture.jpeg – picture.jpeg.nnice, and so […]

Unsecapp.exe is a process you may notice in the Task Manager, without any reason or purpose. Users report about it popping up for no reason, and in some cases, it consumes a lot of CPU power. In this article, I will explain where this process comes from and what you should do about it. What […]

Contacto virus is a newly identified ransomware strain that encrypts victims’ files and demands a ransom for their decryption. We identified this sample on January 7, 2025, and made a comprehensive analysis of the threat. One hallmark of Contacto is its tendency to modify the system wallpaper, replacing it with a black background displaying a […]

Trojan:JS/FakeUpdate.HNAP!MTB is a detection of Microsoft Defender that flags a malicious program present in the system. It comes from the heuristic detection system, which scans for malware presence by the behavior; this allows for finding the most modern threats, yet can also lead to false positives. The detection itself normally flags a JavaScript file that […]

RDPLocker is a virus that encrypts the files and demands for a ransom payment for their decryption. It was first detected on malware analysis platforms at the very beginning of 2025, and by our observations attacks both individual users and corporations. One of the distinctive features of the malware is the changes to system wallpaper: […]

Softonic is a popular website that offers various software for downloading, in both free and paid versions. With it appearing on top of search results, users may think of it as a legit source of different programs. However, deeper research reveals quite worrying facts. But is Softonic safe to use? Can it spread viruses? Let […]

Audiodg.exe is a Windows process responsible for the correct audio operations in the system. However, like with many system processes, cybercriminals can use its name to hide their malicious programs. In this post, I will explain how to figure out if a file is legitimate, how to fix Audiodg.exe high CPU and remove the impostor […]

The development of generative AI that is capable of creating images gave an expected push for AI deepnude web services. People are eager to remove clothing from someone around them, and that wish was around for quite some time now. But how safe is it to use such services? And is it legal? Let’s find […]

MicrosoftHost.exe is a malicious process that the malware creates to disguise itself as a benign process. Users may witness high CPU load coming from this specific process. Despite its name, it is not associated with Microsoft in any way. In this post, I will explain what this process is and how to remove it. MicrosoftHost.exe […]

AlienWare is a type of ransomware designed to lock your files and hold them hostage until you pay up. It’s sneaky and frustrating, leaving your data scrambled and adding a random 4-symbol extension. The file named cat.jpg becomes cat.jpg.1zy3, document.docx – document.docx.9k4a, and so forth. This makes it easy to spot for the victim, but […]

Trojan:Win32/Pomal!rfn is a detection commonly encountered when downloading programs like emulators or games. This heuristic detection, flagged by Microsoft Defender, frequently raises questions about whether it represents a genuine threat or a false positive. This comprehensive guide explains the nature of Trojan:Win32/Pomal!rfn, analyzes its potential risks, and provides detailed removal instructions to ensure your system […]