Virus and Spyware Removal Guides, uninstall instructions

What is mutigue[.]com?

Mutigue[.]com is a rogue website sharing many similarities with apsolutamente.org, mobsuitem.com, success-news.org, and thousands of others. It is designed to load dubious content and/or redirect visitors to different (likely unreliable or malicious) webpages.

Rogue sites are typically entered through redirects caused by untrustworthy pages, intrusive adverts, or installed PUAs (Potentially Unwanted Applications).

What is yUixN ransomware?

yUixN is part of the Dharma family. It blocks access to files by encrypting them and modifies their filenames by appending the victim's ID, retools@eml.cc email address and the ".yUixN" extension to them. For example, it renames "1.jpg" to "1.jpg.id-C279F237.[retools@eml.cc].yUixN", "2.jpg" to "2.jpg.id-C279F237.[retools@eml.cc].yUixN".

Also, yUixN ransomware creates the "FILES ENCRYPTED.txt" file and displays a pop-up window. Both of them are ransom notes that provide victims contact information and some additional details.

What is "Customer Experience Survey"?

"Customer Experience Survey" refers to a group of scams that promise fake rewards for survey completion. They are essentially the same, key differences being the supposed organizer of the giveaway and hoax prizes. These schemes aim to trick users into revealing their personal information (phishing) and/or paying bogus fees.

Deceptive websites are usually accessed via mistyped URLs, or redirects caused by rogue sites, intrusive ads, or installed PUAs (Potentially Unwanted Applications). This software can stealthily infiltrate systems and typically has harmful abilities.

What is mugrikees[.]com site?

Mugrikees[.]com is an untrustworthy page designed to display deceptive content to trick visitors into allowing it to show notifications and open other shady websites. It is similar to thehomesail[.]com, apsolutamente[.]org, haenkyouv[.]space, and hundreds of other pages. Most users end up on websites of this type unintentionally.

What is JamesBond ransomware?

JamesBond is a ransomware-type program. It locks victims' files through encryption and demands payment for the data recovery (decryption). During the encryption process, files are appended with a ".jamesbond2021@tutanotacom_jamesbond" extension. For example, a file named "1.jpg" would appear as "1.jpg.jamesbond2021@tutanotacom_jamesbond".

After this process is complete, ransom notes - "read_it.txt" - are created. Additionally, this ransomware changes the desktop wallpaper.

What is Cracker ransomware?

Belonging to the VoidCrypt ransomware family, Cracker is a malicious program designed to encrypt data (render files inaccessible) and demand payment for the decryption.

Compromised files are renamed according to this pattern: original filename, cyber criminals' email address, unique ID assigned to the victim, and the ".cracker" extension. For example, a file initially named "1.jpg" would appear as something similar to "1.jpg.[rucetsus@gmail.com][MJ-YM7982451360].cracker". Once this process is complete, a ransom note - "Read-this.txt" - is created.

What is thehomesail[.]com page?

Thehomesail[.]com loads deceptive content, asks for permission to display/show notifications, and opens shady pages. Thehomesail[.]com is like apsolutamente[.]org, mobsuitem[.]com, l-o-a-d-i-n-g[.]biz and lots of other pages. Pages of this type are promoted through other dubious pages, shady ads, and (or) potentially unwanted apps (PUAs).

What is ModuleService?

ModuleService is an adware-type app with browser hijacker traits. Furthermore, software products within these categories are also considered to be PUAs (Potentially Unwanted Applications).

What is Wiot ransomware?

Wiot belongs to the Djvu ransomware family. It prevents victims from accessing their files by encrypting them and appends the ".wiot" extension to each encrypted file's filename. For example, Wiot renames "1.jpg" to "1.jpg.wiot", "2.jpg" to "2.jpg.wiot", and so on. It also creates the "_readme.txt" file (a ransom note).

What is MacFly Pro?

MacFly Pro is advertised as a simple and powerful app that that assists Mac maintenance, however, it is likely that this app is promoted using dubious methods. I.e. some users might download and install MacFly Pro inadvertently. These apps are classified as potentially unwanted applications (PUAs).