Virus and Spyware Removal Guides, uninstall instructions

What kind of malware is Mitu?

Our researchers found the Mitu ransomware during a routine inspection of new submissions to the VirusTotal site. This program is part of the Djvu ransomware family. It is designed to encrypt data and demand ransoms for its decryption.

After we executed a sample of Mitu on our testing system, it encrypted files and appended their titles with a ".mitu" extension. For example, an original filename such as "1.jpg" appeared as "1.jpg.mitu", "2.png" as "2.png.mitu", and so forth for all of the affected files.

Once the encryption process was concluded, Mitu created a ransom note titled "_readme.txt". It must be mentioned that Djvu ransomware infections can be accompanied by data-stealing malware, namely RedLine and Vidar.

What kind of malware is Miza?

Miza is a ransomware-type program that our researchers discovered during a routine inspection of new submissions to VirusTotal. This program is part of the Djvu ransomware family. Malware within the ransomware classification encrypts data and demands payment for its decryption.

After we executed a sample of Miza on our test machine, it encrypted files and appended their filenames with a ".miza" extension. To elaborate, a file originally named "1.jpg" appeared as "1.jpg.miza", "2.png" as "2.png.miza", and so on.

Once this process was completed, a ransom-demanding message – "_readme.txt" – was created. It is pertinent to mention that Djvu infections may arrive alongside the Vidar, RedLine, or other data stealers.

What kind of malware is Miqe?

Our researchers discovered the Miqe ransomware during a routine inspection of new submissions to the VirusTotal website. This malicious program is part of the Djvu ransomware family.

On our test machine, Miqe encrypted files and appended their filenames with a ".miqe" extension. For example, a file initially named "1.jpg" appeared as "1.jpg.miqe", "2.png" as "2.png.miqe", etc. Afterward, Miqe created a ransom note titled "_readme.txt".

It is noteworthy that Djvu ransomware infections commonly include the RedLine, Vidar, or other information-stealing malware.

What kind of page is advmonie[.]com?

Advmonie[.]com is a rogue webpage that operates by promoting browser notification spam and by redirecting users to other (likely dubious/malicious) sites.

Most visitors to this untrustworthy page access it through redirects generated by websites using rogue advertising networks. We discovered advmonie[.]com while examining sites that utilize said networks.

What kind of email is "HelpDesk Mail Delivery Failure"?

Our inspection of the "HelpDesk Mail Delivery Failure" email revealed that it is spam. The letter falsely claims that the recipient's messages failed delivery. The goal of this phishing mail is to lure recipients into disclosing their log-in credentials.

What kind of email is "Inquiry List"?

After inspecting the "Inquiry List" email, we determined that it is spam. The letter attempts to lure recipients into disclosing their email account log-in credentials to an attached phishing file.

What kind of page is adrgyouguide[.]com?

Our researchers discovered the adrgyouguide[.]com rogue page while inspecting suspect websites. It is designed to promote browser notification spam and redirect visitors to other (likely unreliable/harmful) sites. Most visitors enter adrgyouguide[.]com and pages akin to it through redirects caused by websites using rogue advertising networks.

What kind of page is phoathoosurvey[.]space?

Our researchers found the phoathoosurvey[.]space rogue page while inspecting suspect websites. It is designed to endorse deceptive content and browser notification spam. Additionally, this webpage can redirect visitors elsewhere (likely untrustworthy/hazardous sites).

Users typically enter pages like phoathoosurvey[.]space through redirects generated by sites employing rogue advertising networks.

What kind of page is monadvs[.]com?

While investigating suspicious sites, our researchers discovered the monadvs[.]com rogue webpage. It is designed to promote browser notification spam and redirect visitors to other (likely unreliable/hazardous) websites. Most users access pages of this kind via redirects caused by sites using rogue advertising networks.

What kind of application is InputDivision?

Our researchers found the InputDivision application while reviewing new submissions to the VirusTotal website. After examining this piece of software, we discovered that InputDivision is adware belonging to the AdLoad malware family.