News, Tips, Security Lab
RegAsm.exe
The RegAsm.exe process is an important component of the Windows operating system associated with the .NET Framework. This utility is…
LabHost Phishing Service Taken Down by Police
Authorities have seized the LabHost phishing service, accused of stealing personal information from victims worldwide. This service specialized in creating…
Virus:Win32/Expiro
Virus:Win32/Expiro is a detection of Microsoft Defender that refers to a malware with backdoor capabilities. It allows attackers to control…
Cisco Talos Warns of a Massive Brute Force Wave
The Cisco Talos security team has released information about a new campaign of attackers targeting mass account compromise. Specialists have…
PC Accelerate
PC Accelerate is a questionable software that is presented as a useful utility designed to optimize your computer’s performance. In…
Trojan:Script/Sabsik.fl.A!ml Analysis & Removal Guide
Trojan:Script/Sabsik.fl.A!ml is a generic detection name used by Microsoft Defender. This name is particularly used to denote stealer malware that also possesses dropper capabilities. It can perform various activities of…
What is Csrss.exe Process? Troubleshooting Guide
Csrss.exe is an important Windows process, which may sometimes consume a lot of system resources and puzzle the users with such behavior. Some people may mistake it for malware and…
ALPHV Ransomware Shut Down, Exit Scam Supposed
On March 5, 2024, ALPHV/BlackCat ransomware claimed its shutdown, “due to the FBI takeover”. Despite the actions from law enforcement really happening to this gang before, there are quite a…
Backdoor:Win32/Bladabindi!ml Analysis & Removal Guide
Backdoor:Win32/Bladabindi!ml is a generic detection name used by Microsoft Defender. It specifically refers to a backdoor malware known as njRAT, capable of hacking into and controlling victims’ computers. In which…
PUA:Win32/PCMechanic – PC Mechanic Plus Removal Guide
PUA:Win32/PCMechanic is a detection associated with the potentially unwanted application. This pseudo system optimizer claims that the user’s system has many problems, and then offers to call the “tech support”.…
Trojan:Script/Ulthar.A!ml
Trojan:Script/Ulthar.A!ml is a detection of Windows Defender that identifies as a trojan. It specifically refers to a script-based malicious program. However, it can often turn out to be a false…
rsEngineSvc.exe Process: Reason Core Security Engine Service
RsEngineSvc.exe is an executable file associated with RAV Antivirus, a program developed by ReasonLabs. While being less dangerous than malware, it may be categorized as PUP (Potentially Unwanted Program). This…
Bitfiat Process High CPU – Explained & Removal Guide
Bitfiat is a malicious coin miner that exploits your computer’s hardware to mine cryptocurrencies. Such malware takes as much resources as it can, making the system impossible to use. Let’s…
Misleading:Win32/Lodi
Misleading:Win32/Lodi is Microsoft Defender’s detection of potentially dangerous software. It makes misleading or deceptive claims about files, registry entries, or other items on your computer. Such programs are also known…
Trojan:Script/Phonzy.B!ml
Trojan:Script/Phonzy.B!ml is a generic detection name used by Microsoft Defender. This type of malware is categorized as a loader as it mainly aims at delivering malicious payloads onto infected systems.…
LockBit is Back With New Claims and Victims
The story around LockBit ransomware takedown on February 19 continues to unfold. After almost a week of downtime and silence, the infamous gang is back online on a new Onion…
PUADlManager:Win32/OfferCore
PUADlManager:Win32/OfferCore is a detection of Microsoft Defender related to bundled software, specifically to a piece of code that is used to create the bundle. OfferCore itself is not a specific…