Virus and Spyware Removal Guides, uninstall instructions

What kind of software is Tally Tab?

While inspecting untrustworthy websites, our research team discovered the Tally Tab browser extension. It is endorsed as a calculator widget for browsers. However, after analyzing Tally Tab, we determined that it is a browser hijacker. This extension modifies browsers to generate redirects.

What kind of website is celeb-trends-blog[.]com?

While examining celeb-trends-blog[.]com, we noticed that this page displays deceptive messages to trick visitors into allowing it to show notifications. We also learned that celeb-trends-blog[.]com redirects visitors to other untrustworthy websites. Our team encountered celeb-trends-blog[.]com while inspecting sites associated with rogue advertising networks.

What kind of malware is RedEnergy Stealer?

RedEnergy is the name of an information stealer that employs a fake update campaign to target multiple industry sectors. This malicious software has the capability to extract information from different web browsers, allowing sensitive data to be stolen. Additionally, it incorporates various modules to facilitate ransomware activities.

Since RedEnergy possesses the unique ability to function as both a stealer and ransomware, it is categorized as Stealer-as-a-Ransomware.

What kind of application is MachineDesktop?

MachineDesktop is a rogue app that we discovered while investigating new submissions to the VirusTotal site. After inspecting this application, we determined that it is advertising-supported software (adware). Additionally, we learned that MachineDesktop belongs to the AdLoad malware family.

What kind of malware is TriangleDB?

TriangleDB is a spyware-type program. It is designed to extract/record and exfiltrate vulnerable data from infected iPhone devices.

TriangleDB has been observed being injected into devices by the Triangulation backdoor. This malware campaign is sophisticated; the infection is triggered without user interaction (i.e., zero-click exploit), and traces of compromise are deleted. Triangulation and, by extension, TriangleDB have been around since as early as 2019 and are still active as of 2023.

What kind of malware is Triangulation?

Triangulation is the name of malware targeting iOS devices. It is part of a highly sophisticated campaign. Triangulation serves as a backdoor – a program that opens a "backdoor" for further infections. The malware can gather basic device/user data and download/install additional malicious components, including the TriangleDB spyware.

What Triangulation lacks in persistence-ensuring mechanisms, it compensates with infiltration methods requiring no user interaction (i.e., zero-click exploit) and its ability to remove traces of its presence.

Triangulation malware has been around since at least as early as 2019, and it is still active at the time of writing.

What kind of page is ooumoughtcall[.]com?

During our investigation of ooumoughtcall[.]com, we discovered that it is a deceptive website that presents a misleading message to entice visitors into consenting to receive notifications. Furthermore, ooumoughtcall[.]com can download a potentially harmful file. As a result, it is advisable to exercise caution and refrain from placing trust in ooumoughtcall[.]com.

What kind of page is heavypcprotection[.]com?

During our examination of web pages linked to unreliable advertising networks, we encountered heavypcprotection[.]com. Our investigation revealed that heavypcprotection[.]com is an untrustworthy website known for promoting the "McAfee - Your PC is infected with 5 viruses!" scam. Furthermore, heavypcprotection[.]com prompts users to grant permission to display notifications.

What kind of software is Sqoo search engine?

Sqoo search engine is the name of an extension that operates as a browser hijacker. This piece of software makes changes to browser settings in order to generate redirects that go through the sharesceral.uno and sqoo.co fake search engines. Additionally, this browser extension spies on users' browsing activity.

What kind of application is PrimaryRemote?

During a routine inspection of new submissions to VirusTotal, our researchers found the PrimaryRemote application. Our examination revealed that this app operates as advertising-supported software (adware). We also determined that PrimaryRemote is part of the AdLoad malware family.