Win.MxResIcn.Heur.Gen is a detection name used by the MaxSecure anti-virus program. There has recently been an influx of posts on various forums about MaxSecure detecting legitimate programs (e.g., Brave browser) as Win.MxResIcn.Heur.Gen. The detection is a heuristic, meaning MaxSecure considers the detected item to be behaving in a way that resembles malware. Heuristic detections do not necessarily mean malware. Users seem to…
Trojan:Win32/Znyonm is a detection name used to identify backdoor malware like Pikabot, Remcos RAT, and GuLoader. Backdoor malware is a type of infection that stays dormant on a device until it’s commanded to download another malicious payload. If no security software is installed on a device, these trojans can stay unnoticed as they do not exhibit any obvious signs of…
The “Urgent Security Alert” email is part of a phishing campaign that aims to steal users’ email login credentials. The email is disguised as a notification from the email service provider, supposedly informing users that their passwords will expire and their accounts will be restricted and even permanently deactivated. The email asks that users take immediate steps to maintain the…
The “Human Resource Internal Memo” email is part of a phishing campaign that tries to steal users’ email login credentials. The email is disguised as a notification email from the recipients’ workplace HR Department, and informs them about the 2025 Annual Salary compensation Report. Supposedly, recipients can check the report by clicking on the provided link. If users were to click…
Mzre ransomware is a file-encrypting malware that takes files hostage and demands a payment for a decryptor. It comes from the Djvu/STOP malware family, and can be differentiated from its other versions by the .mzre extension added to encrypted files. The ransomware targets personal files, so you can expect all your photos, documents, etc., to have the .mzre extension added…
The “Mailbox Usage Warning” email is part of a phishing campaign that targets users’ email login credentials. The email is disguised as a notification from the email service provider, informing users that their inboxes are almost full. The email does not contain a lot of information, but it implies that recipients need to free up space to continue receiving and sending…
ocsrchrdr.com is a browser hijacker-promoted website that may be set as your homepage. If you find ocsrchrdr.com set as your homepage, your computer has a browser hijacker installed. Shopping Helper+ is one of the hijackers promoting ocsrchrdr.com, but others may do it as well. It’s not a serious infection that will cause damage to your computer, but it’s also not something you…
Cdaz ransomware, or .cdaz virus, is a file-encrypting malware from the Djvu/STOP ransomware family. It’s a dangerous infection that takes all personal files on the infected device hostage and demands payment for their recovery. The ransomware can be identified by the .cdaz extension added to encrypted files. You will not be able to open files with that extension unless you…