Step-by-Step Malware Removal Instructions

Some-Light Adware
Adware

Some-Light Adware

Some-Light is the name of a browser extension that shows unwanted advertisements. Software of this type is called adware. Typically, users download and install adware unintentionally (without knowing that the application displays ads). Our team discovered Some-Light while examining deceptive web p

LockLock (MedusaLocker) Ransomware
Ransomware

LockLock (MedusaLocker) Ransomware

During a routine investigation of new submissions to VirusTotal, our researchers discovered the LockLock ransomware. It is yet another program from the MedusaLocker ransomware family. On our test machine, this malware encrypted files and appended their filenames with a ".locklock" extension. Henc

USPS POP-UP Scam
Phishing/Scam

USPS POP-UP Scam

It is a scam website, a fake USPS page designed to trick visitors into providing personal information. We discovered this site while inspecting other websites that use rogue advertising networks. USPS is a legitimate mail company providing postal service in the United States. It has nothing to do

Blocked (Important) Incoming Messages Email Scam
Phishing/Scam

Blocked (Important) Incoming Messages Email Scam

"Blocked (Important) Incoming Messages" is a spam email, which our inspection revealed to be a phishing scam. This letter attempts to deceive recipients into revealing their email account log-in credentials by claiming that a number of messages have failed to reach their inbox. The email w

OriginLogger Keylogger
Trojan

OriginLogger Keylogger

OriginLogger is the name of a keylogger (keystroke logger) that cybercriminals use to steal sensitive information. It is endorsed as a successor of Agent Tesla. OroginLogger captures keystrokes (records data entered with the keyboard) and includes additional features. Typically, threat actors use

Eebn Ransomware
Ransomware

Eebn Ransomware

Eebn is the name of ransomware that belongs to the ransomware family called Djvu. We discovered it while checking the VirusTotal page for recently submitted malware samples. Eebn encrypts files, appends its extension (".eebn") to filenames, and creates a text file ("_readme.txt") containing a rans

NonLight Adware
Adware

NonLight Adware

Our researchers discovered the NonLight browser extension while inspecting dubious software-promoting websites. While this piece of software promises to enable dark mode for simple design webpages, NonLight operates as adware instead. Adware stands for advertising-supported software. It en

Mix Colors Adware
Adware

Mix Colors Adware

While inspecting deceptive software-endorsing websites, our researchers discovered the Mix Colors rogue browser extension. It is promoted as a tool capable of changing webpage background colors. Our analysis of this extension revealed that it operates as adware instead. Adware stands for a

Maincaptcha.top Ads
Notification Spam

Maincaptcha.top Ads

Maincaptcha[.]top is an untrustworthy website that displays deceptive to trick visitors into agreeing to receive its notifications. Also, it redirects to other pages of this kind (one of them is a scam site). We discovered maincaptcha[.]top while inspecting torrent sites, illegal movie streaming p

GriftHorse Trojan (Android)
Trojan

GriftHorse Trojan (Android)

GriftHorse is the name of a trojan-type malware targeting Android devices. It is designed to infiltrate systems and stealthily subscribe victims to premium-rate mobile services. GriftHorse's campaigns are aggressive and extensive. According to Zimperium's researchers, this malware is active in ov