News, Tips, Security Lab
Usermode Font Driver Host (fontdrvhost.exe)
The Usermode Font Driver Host process is an important part of the Windows operating system. It may raise questions among…
PUA:Win32/Vigua.A
PUA:Win32/Vigua.A is a universal detection name used by Microsoft Defender to detect potentially unwanted applications (PUAs). This is often associated…
Re Captha Version Pop-Ups Virus
Recent user complaints show a new wave of malicious Re Captha Version website pop-ups. Such websites aim to force users…
Fujitsu Hacked, Warns of Data Leak Possibility
Fujitsu, one of the world’s leading IT companies, reports uncovering the hack in their internal network. The company discovered malware…
Taskbarify Unwanted Application
Taskbarify is unwanted software that claims it is a tiny little Windows tweaker. However, it also turns the device into…
Misleading:Win32/Lodi
Misleading:Win32/Lodi is Microsoft Defender’s detection of potentially dangerous software. It makes misleading or deceptive claims about files, registry entries, or other items on your computer. Such programs are also known…
Trojan:Script/Phonzy.B!ml
Trojan:Script/Phonzy.B!ml is a generic detection name used by Microsoft Defender. This type of malware is categorized as a loader as it mainly aims at delivering malicious payloads onto infected systems.…
LockBit is Back With New Claims and Victims
The story around LockBit ransomware takedown on February 19 continues to unfold. After almost a week of downtime and silence, the infamous gang is back online on a new Onion…
What is Wave Browser? — How to Uninstall Guide
Wave Browser is an unwanted browser application that tries to look as a yet another Chromium-based project. Although it performs its function, according to users’ reviews, there are more problems…
PUADlManager:Win32/OfferCore
PUADlManager:Win32/OfferCore is a detection of Microsoft Defender related to bundled software, specifically to a piece of code that is used to create the bundle. OfferCore itself is not a specific…
MrB Ransomware (.mrB Files) – Analysis & File Decryption
MrB ransomware is a new Dharma ransomware sample, discovered on February 21, 2024. It is distinctive for applying a complex extension to the encrypted files that ends up with “.mrB”.…
WinRing0x64.sys Process – What is It? Can I Delete?
WinRing0x64.sys is a low-level driver that is used by specific applications. The file is not malicious, though, but malware can abuse this driver. Next, we will find out who uses…
SearchHost High Memory, CPU & GPU Troubleshooting
SearchHost is a process responsible for indexing the Start menu and Explorer search files in Windows 10/11. It allows you to conveniently search for files on your computer by indexing…
LockBit Ransomware Taken Down by NCA
On February 19, 2024, LockBit ransomware was taken down by the UK National Crime Agency in cooperation with a selection of other law enforcement agencies. The banner typical for such…
What is Sihost.exe? Windows 10/11 Guide
Sihost.exe is a crucial background process in Windows 11/10 that governs essential features like the context menu and action center. However, it can sometimes malfunction and disrupt system stability. In…
SYSDF Ransomware (.SYSDF Files) – Malware Analysis & Removal
SYSDF is a ransomware-type program that belongs to the Dharma malware family. Such malicious software aims mainly at small companies, aiming at file encryption with further requests for ransom payment…
HxTsr.exe – What is the HxTsr Process? Windows 10/11 Guide
The HxTsr.exe process is a part of the Microsoft Outlook Communications component of the Windows 10/11 operating system. This process is responsible for synchronizing mail, contacts and calendar between Outlook…