Gridinsoft Security Lab

RDPLocker is a virus that encrypts the files and demands for a ransom payment for their decryption. It was first detected on malware analysis platforms at the very beginning of 2025, and by our observations attacks both individual users and corporations. One of the distinctive features of the malware is the changes to system wallpaper: […]

Softonic is a popular website that offers various software for downloading, in both free and paid versions. With it appearing on top of search results, users may think of it as a legit source of different programs. However, deeper research reveals quite worrying facts. But is Softonic safe to use? Can it spread viruses? Let […]

Audiodg.exe is a Windows process responsible for the correct audio operations in the system. However, like with many system processes, cybercriminals can use its name to hide their malicious programs. In this post, I will explain how to figure out if a file is legitimate, how to fix Audiodg.exe high CPU and remove the impostor […]

The development of generative AI that is capable of creating images gave an expected push for AI deepnude web services. People are eager to remove clothing from someone around them, and that wish was around for quite some time now. But how safe is it to use such services? And is it legal? Let’s find […]

MicrosoftHost.exe is a malicious process that the malware creates to disguise itself as a benign process. Users may witness high CPU load coming from this specific process. Despite its name, it is not associated with Microsoft in any way. In this post, I will explain what this process is and how to remove it. MicrosoftHost.exe […]

AlienWare is a type of ransomware designed to lock your files and hold them hostage until you pay up. It’s sneaky and frustrating, leaving your data scrambled and adding a random 4-symbol extension. The file named cat.jpg becomes cat.jpg.1zy3, document.docx – document.docx.9k4a, and so forth. This makes it easy to spot for the victim, but […]

Trojan:Win32/Pomal!rfn is a detection commonly encountered when downloading programs like emulators or games. This heuristic detection, flagged by Microsoft Defender, frequently raises questions about whether it represents a genuine threat or a false positive. This comprehensive guide explains the nature of Trojan:Win32/Pomal!rfn, analyzes its potential risks, and provides detailed removal instructions to ensure your system […]

Novalock is a sophisticated form of malware designed to encrypt your files and then demand payment for their release. It belongs to the Globeimposter virus family, and shares a lot of functionality with other samples of the same group. The malware leaves a clear marker: files are appended with a .novalock extension. This attack is […]

Locklocklock is a ransomware virus designed to lock your files and demand payment to restore access. Victims can identify encrypted files by the addition of a .locklocklock extension to every affected one. This malware operates under the control of a sophisticated network of cybercriminals who develop, distribute, and profit from it. In every folder containing […]

Trojan:Win32/Patched refers to a detection for modified versions of legitimate programs. Often such modifications are made to add malicious functionality to a program. Trojan:Win32/Patched Overview Trojan:Win32/Patched is a Microsoft Defender detection used to detect programs that have been modified by hackers to perform malicious actions. Unlike traditional Trojans that disguise themselves as useful software, this […]

SUPERLOCK is a ransomware infection that aims at blocking access to the files and demanding a payment for getting them back. Users can distinguish the encrypted files by them containing an additional .superlock extension, and also a lengthy ID code. As the result, the file originally named document.docx starts looking like document.docx.80E6332B3C8DN14401.superlock This malware is […]

Brad Garlinghouse Crypto Giveaway is a scam campaign that masquerades as a cryptocurrency giveaway. It falsely claimed to be organized by Ripple Foundation with Brad Garlinghouse, Ripple’s CEO, as the face of the event. It uses a sense of urgency and the allure of receiving free XRP tokens to deceive victims into clicking on fraudulent […]