Virus and Spyware Removal Guides, uninstall instructions

What kind of page is germantopsuper[.]pw?

Germantopsuper[.]pw is a rogue webpage promoting scams and spam browser notifications. Furthermore, it can redirect visitors to other (likely untrustworthy/hazardous) sites.

Users primarily access pages of this kind via redirects caused by websites utilizing rogue advertising networks. Our researchers discovered germantopsuper[.]pw during a routine investigation of sites that use said networks.

What kind of application is HostingValues?

Our research team discovered the HostingValues rogue app while checking out new file submissions to the VirusTotal platform. After investigating this application, we learned that it is advertising-supported software (adware). Additionally, we determined that HostingValues is part of the AdLoad malware family.

What kind of software is TimeNow?

Our researchers found the TimeNow browser extension while investigating deceptive sites. This piece of software is promoted as an easy-access tool to world clocks, i.e., current time in different timezones.

After analyzing TimeNow, we determined that it operates as a browser hijacker. The extension makes alterations to browser settings in order to promote (through redirects) the zsrcunow.com illegitimate search engine.

What kind of email is "McAfee Has Successfully Renewed Your Membership"?

Our inspection of the "McAfee Has Successfully Renewed Your Membership" email revealed that it is spam. The email is presented as a notification from McAfee regarding membership renewal. This spam mail promotes a callback scam by deceiving users into calling a fake helpline to address or cancel the renewal fee.

It must be emphasized that all the information provided by this email is false, and this mail is in no way associated with the McAfee anti-virus or its developer – McAfee Corp.

What kind of application is InitialPlatform?

We found the InitialPlatform adware-type application during a routine inspection of new submissions to the VirusTotal website. This piece of software is part of the AdLoad malware family. It is designed to display ads on various interfaces. InitialPlatform may also have other harmful capabilities.

What kind of app is InterfaceBrowser?

After evaluating InterfaceBrowser, it has been determined that its primary objective is to bombard users with intrusive advertisements. Programs of this type are categorized as adware. It is essential to highlight that applications like InterfaceBrowser are frequently promoted and disseminated through misleading methods, causing users to unwittingly install them.

What kind of application is HardwareRelevancy?

HardwareRelevancy is a rogue application that our researchers discovered while investigating new submissions to the VirusTotal website. Our examination revealed that HardwareRelevancy is advertising-supported software (adware) belonging to the AdLoad malware family.

What kind of email is "Password Was Compromised Through A Legitimate Website"?

After analyzing the "Password Was Compromised Through A Legitimate Website" email, we determined that it is spam. This mail is a sextortion scam. It falsely claims that the recipient's device was infected with malware, which was then used to gain access to the microphone and camera.

Unlike in typical sextortion scams, this email does not state that sexually explicit content depicting the recipient was recorded. Rather, it implies that that is the case yet leaves room for interpretation to expand the pool of victims.

It must be stressed that all these claims are fake – hence, this mail poses no threat to recipients.

What is "Change Of Your Banking Details"?

After performing a review, it has been concluded that the intent of this email is to trick recipients into opening a malicious attachment. Cybercriminals behind this email use the attached file to distribute a remote administration trojan (RAT) named Agent Tesla. Typically, RATs can be used for multiple malicious purposes.

What is AltocumulusFloccus?

While analyzing a suspicious installer obtained from an untrustworthy website, we came across the AltocumulusFloccus browser extension. Our investigation revealed that this extension is malign in nature, capable of enabling the "Managed by your organization" feature in the Chrome browser, collecting diverse data, and controlling specific browser elements.