Virus and Spyware Removal Guides, uninstall instructions

What is mobilisearch.com (mobility-search.com)?

During our investigation, we discovered that mobilisearch.com is a fake search engine promoted through malicious browser extensions. Typically, users are compelled to utilize such search engines via a technique known as browser hijacking. Trusting mobilisearch.com or applications created to hijack browsers is not advised.

What kind of application is ProcesserCache?

During our examination, we discovered that ProcesserCache is an undesirable application classified as adware. Apps like ProcesserCache are designed to display intrusive advertisements and may also collect user information. Consequently, it's advisable to avoid trusting ProcesserCache and similar applications.

What kind of malware is JerryRansom?

In our evaluation of samples uploaded to Virustotal, we discovered the JerryRansom ransomware, which is based on the Chaos ransomware. JerryRansom encrypts files, changes the desktop wallpaper, crates a ransom note (the "Read_me.txt" file), and appends four random characters to filenames.

For instance, JerryRansom renames a file named "1.jpg" to "1.jpg.bs20", "2.png" to "2.png.csri", and so forth.

What kind of program is Web Ads Filter?

Although Web Ads Filter is marketed as a browser extension for getting rid of offensive advertisements, our examination indicates that it functions as adware. Once added to a web browser and activated, Web Ads Filter inundates users with irritating advertisements that could potentially direct them to untrustworthy pages.

What kind of page is myhotfeed[.]com?

Myhotfeed[.]com is the address of a rogue webpage discovered by our research team during a routine investigation of suspect sites. This website endorses browser notification spam and redirects users to different (likely dubious/malicious) pages.

Most visitors to webpages like myhotfeed[.]com enter them via redirects generated by sites that employ rogue advertising networks.

What kind of application is ChipsOverallKind?

ChipsOverallKind is a rogue application found by our research team during a routine investigation of new file submissions to the VirusTotal platform.

Upon inspection, we determined that this app is adware from the AdLoad malware family. ChipsOverallKind runs intrusive advertisement campaigns and may exhibit other harmful capabilities.

What kind of malware is Wing?

Wing is the name of a ransomware-type program. This malware is designed to encrypt files and demand ransoms for their recovery (decryption).

We have obtained a test sample of this ransomware and executed it on our testing system. The program appended locked files with a ".wing" extension, e.g., a file titled "1.jpg" appeared as "1.jpg.Wingransomware@test.com.Q0ZLQA5KUMLK.wing" afterward. Following the completion of this process, a ransom note named "Readme.txt" was dropped.

Since we investigated a test version of Wing, its extension and note title/contents may differ depending on the attackers operating this ransomware.

It is pertinent to mention that spam emails and posts on hacker forums have been discovered in which Wing's developers are seeking partners (i.e., trying to establish a Ransomware-as-a-Service – RaaS model business).

What kind of malware is AllaKore?

AllaKore is a RAT (Remote Access Trojan). These trojans enable remote access and control over compromised systems. AllaKore was first detected in 2015 as an open-source RAT written in the Delphi programming language, and it possessed rather basic capabilities.

However, since 2021, heavily modified variants of AllaKore have been used in targeted attacks. These campaigns aimed to infiltrate large entities located in Mexico, with gross revenues ranging from 1 to over 100 million USD. Evidence suggests that the threat actors behind these attacks are based in Latin America.

What kind of malware is Joker?

Joker is a malware that targets Android devices. This malicious program is classed as a Remote Access Trojan (RAT). Joker operates by enabling remote access and control over machines. It is also considered to be a banking trojan, as it seeks finance-related information. Joker malware is related to the CopyBara trojan.

What kind of application is StandartPartition?

Upon analysis, it was discovered that the app functions as adware. StandartPartition, upon installation, displays intrusive advertisements to promote questionable content. Furthermore, the app may possess the ability to access and collect personal information. Therefore, it is advisable to avoid using this app.