home

antivirusfrancais.com

BERNEX APLICACIONES SL

Domain Information

The domain antivirusfrancais.com registered by BERNEX APLICACIONES SL was initially registered in June of 2014 through SOLUCIONES CORPORATIVAS IP,SLU. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Madrid, Madrid within Spain which resides on the RIPE Network Coordination Centre network.
Registrar:
SOLUCIONES CORPORATIVAS IP, SL

Server location:
Madrid, Spain (ES)

Create date:
Saturday, June 28, 2014

Expires date:
Tuesday, June 28, 2016

Updated date:
Thursday, May 28, 2015

ASN:
AS57286 ASGIGAS GIGAS HOSTING S.L.,ES

Whois:
2 antivirusfrancais.com records

Scanner detections:
Detections  (67% detected)

Scan engine
Details
Detections

VIPRE Antivirus
Trojan.Win32.Generic
66.67%

Trend Micro House Call
Suspicious_GEN.F47V1027, Suspicious_GEN.F47V1024
66.67%

McAfee
Artemis!6EE99A48AA4C, Artemis!B675039A3F3D
66.67%

ESET NOD32
NSIS/Hoax.ArchSMS
66.67%

AVG
Generic
66.67%

Reason Heuristics
PUP.Installer.BERNEXAPLICACIONESSL.DD
66.67%

Microsoft Security Essentials
Worm:Win32/NeksMiner.A
33.33%

F-Secure
Application:W32/Generic.70053c248f!Online
33.33%

Malwarebytes
PUP.SmsPay
33.33%

K7 AntiVirus
JokeProgram
33.33%

Sophos
Generic PUA HD
33.33%

Baidu Antivirus
Trojan.NSIS.ArchSMS
33.33%

The domain antivirusfrancais.com has been seen to resolve to the following 3 IP addresses.

185.53.177.20
July 2, 2016

188.165.132.183
188-165-132-183.kimsufi.com
February 2, 2016

146.255.103.93
mail.phpriot.com
May 4, 2015

File downloads found at URLs served by antivirusfrancais.com.

2 / 68      (false positives)
http://antivirusfrancais.com/.../AVAST_ANTIVIRUS_2014_FR_setup.exe  (wrar420.exe)

6 / 68      (Adware)
http://antivirusfrancais.com/.../AVAST_ANTIVIRUS_2014_FR_setup.exe  (6ee99a48aa4c42a9482883640687764d)

10 / 68    (Adware)
http://antivirusfrancais.com/.../telechargeravast.php  (avast_antivirus_2014_fr_setup.exe)

The following 26 files have been seen to comunicate with antivirusfrancais.com in live environments.

TCP » 185.53.177.20:80
fgs-1.1.0.65.crx

TCP » 185.53.177.20:80
fgs-1.1.0.26.crx

TCP » 185.53.177.20:80
fgs-1.1.0.41.crx

TCP » 185.53.177.20:80
fgs-1.1.0.16.crx

TCP » 185.53.177.20:80
fgs-1.1.0.36.crx

TCP » 185.53.177.20:80
fgs-1.0.0.1.crx

TCP » 185.53.177.20:80
fgs-1.0.0.9.crx

TCP » 185.53.177.20:80
fgs-1.1.0.0.crx

TCP » 185.53.177.20:80
fgs-1.1.0.55.crx

TCP » 185.53.177.20:80
fgs-1.1.0.38.crx

TCP » 185.53.177.20:80
fgs-1.1.0.30.crx

TCP » 185.53.177.20:80
fgs-1.1.0.29.crx

TCP » 185.53.177.20:80
fgs-1.1.0.61.crx

TCP » 185.53.177.20:80
fgs-1.1.0.32.crx

TCP » 185.53.177.20:80
smartkeywordsuggest.crx

TCP » 185.53.177.20:80
smartkeywordsuggest.crx

TCP » 185.53.177.20:80
fgs-1.1.0.33.crx

TCP » 185.53.177.20:80
fgs-1.1.0.21.crx

TCP » 185.53.177.20:80
fgs-1.1.0.57.crx

TCP » 185.53.177.20:80
fgs.crx

 
Latest 20 of 26 files

January 1, 2015
www.antivirusfrancais.com

URL:
http://antivirusfrancais.com/

Title:
“Home | Australia VISA ETA”

Web server:
Apache/2.4.7 (Ubuntu) (PHP/5.5.9-1ubuntu4.14)

logiciels-france.com

wizinstall.com

craftofgods.eu

dlhvit.com

downfiles.net

download-205.com

downloads205.com

driverplus.net

drivers-updater.com

esyncsoft.info

fansfile.biz

getmagnosoft.com

go-download.net

hektor.se

iq5download.com

kotf.com

linkriot.com

magnoft.com

magnotiler.com

nowvideo.ch

onlyro.com

ooopsvideo.com

p33r.com

pdfpro.org

repodepo4.com

repodepo5.com

ropedope3.com

skypemoticonscomplete.com

soft-es.net

soft-free-download.com

30 of 37 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.