Virus and Spyware Removal Guides, uninstall instructions

What is ProgressionLegion?

ProgressionLegion is a rogue app that our researchers found while inspecting new submissions to VirusTotal. After analyzing this piece of software, we determined that it operates as adware and belongs to the AdLoad malware family.

What kind of page is push-detectors[.]com?

Push-detectors[.]com is an untrustworthy website that displays deceptive content to trick visitors into agreeing to receive notifications. Moreover, it redirects to other websites of this kind. Our team has discovered push-detectors[.]com while examining pages that use rogue advertising networks.

What kind of page is tacklingallas[.]com?

Tacklingallas[.]com is a rogue page that our researchers discovered while inspecting dubious websites. It operates by pushing browser notification spam and redirecting visitors to different (likely unreliable/malicious) sites. Most users typically enter webpages of this kind through redirects caused by sites using rogue advertising networks.

What kind of application is SampleLight?

SampleLight is an adware-type application designed to generate intrusive advertisements. Like most apps of this type, SampleLight is distributed using shady methods. Our malware researchers have discovered SampleLight adware while inspecting deceptive pages suggesting that visitors must update the Adobe Flash Player.

What kind of page is nerybelfaste[.]xyz?

Nerybelfaste[.]xyz is a website designed to trick visitors into allowing it to show notifications. We have discovered it while analyzing pages that use rogue advertising networks (e.g., illegal movie streaming pages, torrent sites). Additionally, nerybelfaste[.]xyz redirects visitors to other shady websites.

What is FortSearch?

FortSearch is a piece of rogue software. After analyzing it, we determined that this extension operates as a browser hijacker. FortSearch makes alterations to browser settings in order to promote (by causing redirects to) the fortsearch.xyz fake search engine.

What kind of malware is WanaCray2023+?

WanaCray2023+ is ransomware that belongs to the Xorist ransomware family. We have discovered this variant while examining malware samples submitted to the VirusTotal website. It was found that WanaCray2023+ encrypts files and appends the ".WanaCray2023+" extension to their filenames.

Also, WanaCray2023+ changes the desktop wallpaper, displays a pop-up window and creates the "HOW TO DECRYPT FILES.txt" file (both contain a ransom note). An example of how WanaCray2023+ renames files: it changes "1.jpg" to "1.jpg.WanaCray2023+", "2.png" to "2.png.WanaCray2023+", and so forth.

What kind of application is Live-Secure?

Live-Secure is a browser hijacker that our team has discovered while examining questionable web pages. After installing this application, we found out that it hijacks a web browser by changing some of its settings to live-secure.xyz - it promotes a fake search engine.

What kind of page is news-jivuka[.]cc?

News-jivuka[.]cc is a rogue site designed to promote browser notification spam and redirect visitors to other (likely untrustworthy/malicious) webpages. Our research team discovered this page while inspecting websites using rogue advertising networks. Most users enter news-jivuka[.]cc and similar sites via redirects caused by webpages employing such advertising networks.

What is StreamTopSearch?

StreamTopSearch is a rogue browser extension. After analyzing it, our researchers determined that it operates as a browser hijacker. StreamTopSearch modifies browser settings to promote the streamtopsearch.com fake search engine.