cdn2.pchelpsoft.com

PC HelpSoft Labs Inc

Domain Information

The domain cdn2.pchelpsoft.com, registered by PC HelpSoft Labs Inc, was initially registered in March 2010 through GODADDY.COM, LLC. Currently this domain has been known to host various forms of malware. The hosting servers are located in New York City, New York, United States, on the Amazon Technologies Inc. network. The domain uses the Amazon CloudFront CDN service, which serves content through a number of proxy IP addresses (see below).

Registrar: GODADDY.COM, LLC
Server location: New York, United States (US)
Create date: Tuesday, March 30, 2010
Expires date: Thursday, March 30, 2017
Updated date: Thursday, March 31, 2016
ASN: AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:

Scanner detections:
Malware distribution (90% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.Optional.SmartPCSolutions.O, Optional.PCHelpSoft.PCHelpSoftLabs.Installer.Meta (L), PUP.PC Utilities.Installer, PUP.PC Utilities.SmartPCSolutions.Installer (M), Optional.PCHelpSoft.Installer.Meta (L), Optional.PCHelpSoft (L) | 76.09% |
| ESET NOD32 | Win32/SpeedingUpMyPC (variant), Win32/AdWare.SpeedingUpMyPC (variant), Win32/Adware.SpeedingUpMyPC.AO (variant) | 26.09% |
| Dr.Web | Program.Unwanted.54, Program.Unwanted.193, Threat.Undefined, Program.Unwanted.719, Program.Unwanted.975 | 17.39% |
| Baidu Antivirus | Win32.SpeedingUpMyPC, Adware.Win32.SpeedingUpMyPC | 13.04% |
| Fortinet FortiGate | Riskware/SpeedingUpMyPC | 13.04% |
| Trend Micro House Call | TROJ_FAKEALERT.BMH, Suspicious_GEN.F47V0125, Suspicious_GEN.F47V0216, Suspicious_GEN.F47V0612 | 10.87% |
| Avira AntiVirus | Adware/SpdUpMyPC.2013680, Adware/SpdUpMyPC.1721832, Adware/SpdUpMyPC.1704496, ADWARE/SpdUpMyPC.1931552, ADWARE/SpdUpMyPC.1931552.1 | 10.87% |
| Bkav FE | W32.HfsAdware | 10.87% |
| Comodo Security | UnclassifiedMalware, ApplicUnwnt | 8.70% |
| Agnitum Outpost | Riskware.Unwanted, PUA.SpeedingUpMyPC | 8.70% |
| McAfee | Artemis!9B8B7BA964EB, Artemis!B9F8D4834440, Artemis!8C396AEA8751 | 6.52% |
| K7 Gateway Antivirus | Dialer, Adware | 6.52% |
| McAfee Web Gateway | Artemis | 6.52% |
| K7 AntiVirus | Adware | 4.35% |
| Rising Antivirus | PE:Trojan.Win32.Generic.18F5184B!418715723, PE:Trojan.Win32.Generic.18F60388!418775944 | 4.35% |

The domain cdn2.pchelpsoft.com has been seen to resolve to 358 IP addresses.


File downloads found at URLs served by cdn2.pchelpsoft.com.

Latest 30 of 93 download URLs

The following 223 files have been seen to communicate with cdn2.pchelpsoft.com in live environments.

 
Latest 20 of 440 files

URL: http://cdn2.pchelpsoft.com/
Network: Amazon CloudFront
Web server: AmazonS3