» free-softpc.info
Overview
Analysis
IPs Addresses (7)
Downloads (25)
Network (16)
Website Detail

free-softpc.info

Privacy Protection Service INC d/b/a PrivacyProtect.org (Proxy Registrant)

Domain Information

The domain free-softpc.info is registered by proxy through PDR Ltd. d/b/a PublicDomainRegistry.com. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.

Registrant:

Privacy Protection Service INC d/b/a PrivacyProtect.org

Registrar:

PDR Ltd. d/b/a PublicDomainRegistry.com

Server location:

Virginia, United States (US)

ASN:

AS14618 AMAZON-AES - Amazon.com, Inc.,US

Whois:

2 free-softpc.info records

Scanner detections:

Detections (88% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.InstallCore.Internet.Installer.Meta (M), PUP.NewMedia.Installer.installCore.Installer (M), PUP.InstallCore.RES (M), PUP.NewMedia.NMH.installCore.Installer (M), PUP.NewMedia.NMH (M)

90.91%

VIPRE Antivirus

Threat.4150696

9.09%

ESET NOD32

Win32/InstallCore.YL potentially unwanted application, Win32/InstallCore.ACZ potentially unwanted application

9.09%

avast!

Malware-gen

4.55%

K7 AntiVirus

Adware

4.55%

Agnitum Outpost

Trojan.Badur

4.55%

Avira AntiVirus

PUA/InstallCore.A.11

4.55%

herdProtect (fuzzy)

a variant of 5b27b4d9dd59bae1d281075e3da1cf4948402eca

4.55%

Trend Micro House Call

Suspicious_GEN.F47V0403

4.55%

Fortinet FortiGate

Riskware/InstallCore

4.55%

AVG

Adware InstallCore.ARF

4.55%

Malwarebytes

PUP.Optional.InstallCore

4.55%

Comodo Security

Application.Win32.InstallCore.DCS

4.55%

Vba32 AntiVirus

Malware-Cryptor.InstallCore.gen

4.55%

Qihoo 360 Security

HEUR/QVM06.1.Malware.Gen

4.55%

The domain free-softpc.info has been seen to resolve to the following 7 IP addresses.

209.99.40.219

209-99-40-219.fwd.datafoundry.com

September 13, 2016

54.84.143.69

ec2-54-84-143-69.compute-1.amazonaws.com

July 23, 2015

52.7.132.182

ec2-52-7-132-182.compute-1.amazonaws.com

July 23, 2015

107.23.203.23

ec2-107-23-203-23.compute-1.amazonaws.com

July 23, 2015

54.209.232.94

ec2-54-209-232-94.compute-1.amazonaws.com

May 6, 2015

54.84.140.114

ec2-54-84-140-114.compute-1.amazonaws.com

May 6, 2015

54.236.147.238

ec2-54-236-147-238.compute-1.amazonaws.com

May 6, 2015

File downloads found at URLs served by free-softpc.info.

1 / 68 (PUP)

http://free-softpc.info/?dl=1&pi=ATa4OZawNj7dAw==&osos=VdluDrW3cw==&chnl=b_sa_ch&dr=cHaWck1jIHvJ KLm2r0Wc32lDXiyvENyhKvEvmCWcyDEcmlChSDBDz1l QDj7z1VLyDj rcWDK4m7z0RvmiWAkDjIKiWXzi1AZMzOZMFASDPDdlChV8wAZnwAja4ATiy&pd=2323UExJck1EIXDlUmNJ i==&campaignId=9jn0AzaRAjAyAZMq (googlechromesetup.exe)

1 / 68 (PUP)

http://free-softpc.info/?dl=1&pi=AzM1Nzn3OZL0Nw==&osos=VdluDrW3cw==&dr=cHaWck1wDr7tcmVPDrVyvExthXN3DKV0vENyhKvEvmCWcyDEcmlChSDBDz1l QDj7z1vTQDj rcWDK4m7z0RvmiWAkDjIKiWXzL0Nz7yAZnFASDPDdlChV8yNZLFNTMdATaz&pd=2323Uml0UKD1 QFj d0=&campaignId=9jn0AjCdOZCdAZMq (pdfreadersetup.exe)

1 / 68 (Adware)

http://free-softpc.info/?dl=1&dr=cHaWck10 d10 d0tIrWtDSD0 T1z2dVl2Zamc3aW7mcmIT1zvm2yIKiWvmREhKVuvmNjhVVTvmNBDz1l QDjhTnmDZ0wvmNpDZ1fNjadNZnzATiRvm5EIKiWXzcROTaFAZARAZA=&pd=2323UmxJ2dFB d5C KW0ISFj d0=&campaignId=9jn0AjLyNT7yAZMq (tomtom homesetup.exe)

1 / 68 (Adware)

http://free-softpc.info/?dl=1&pi=Ajg4NzcyAZgzAw==&osos=VdluDrW3cw==&dr=cHaWck1jIHvJ KLm2r0Wc32lDXiyvENyhKvEvmCWcyDEcmlChSDBDz1l QDj7z1HiQDj rcWDK4m7z0RvmiWAkDjIKiWXzMdAZMzOZMFASDPDdlChV81OZawAja4ATiy&pd=2323UExJck1EIXDlUmNJ i==&campaignId=9jn0Ajg0AjCdAZMq (googlechromesetup.exe)

1 / 68 (PUP)

http://free-softpc.info/?dl=1&pi=ATnFNZLRNTCdAM==&osos=VdluDrW3cw==&dr=cHaWck1w 32lcEsJIKF0UXDpDX2lcQD0 T1z2dVl2ZLmc3aW7mcmIT1zvm2yIKiWvmREhKVuvmNjhVVTvmNBDz1l QDjhTnmDZ0wvmNpDZ1fOTLFAjnFAZCRvm5EIKiWXziFNTazAjAwAjA=&pd=2323Um2l2k11cdLu7dWt&campaignId=9jn0AjC1NzgwAZMq (powerpointviewersetup.exe)

1 / 68 (PUP)

http://free-softpc.info/?dl=1&pi=NzL4AjgRNZn0&osos=VdluDrW3cw==&chnl=b_sa_ch&dr=cHaWck1j 3Vu2rVyUXN0cmlGDS1J mRp mLm2r0Wc32lDXiFvENyhKvEvmCWcyDEcmlChSDBDz1l QDj7z1VLyDj rcWDK4m7z0RvmiWAkDjIKiWXz7dAzi1AZnFASDPDdlChV8dNzc3NzM4ATaz&pd=2323Um2yDK50UKtp miu7dWt&campaignId=9jn0AzLwATiwAZMq (counterstrikesetup.exe)

1 / 68 (Adware)

http://free-softpc.info/?dl=1&pi=Ajg4NzcRNzg0Ni==&osos=VdluDrW3cw==&dr=cHaWck1jIHvJ KLm2r0Wc32lDXiyvENyhKvEvmCWcyDEcmlChSDBDz1w2kDj7z1kLQDj rcWcHim7z0RvmiWAkDjIKiWXz7zNjazOZMFASDPDdlChV83NTiwNzA4ATiy&pd=2323UExJck1EIXDlUmNJ i==&campaignId=9jn0Ajg3OTgdAZMq (googlechromesetup.exe)

1 / 68 (PUP)

http://free-softpc.info/?dl=1&pi=Ajg4NzcyAZC1Ni==&osos=VdluDrW3cw==&dr=cHaWck1tIKFl73vPDEim2r0Wc32lDXi1vENyhKvEvmCWcyDEcmlChSDBDz1l QDj7z1VLyDj rcWDK4m7z0RvmiWAkDjIKiWXznyATgFOZMFASDPDdlChV8wATMwAjczAjiy&pd=2323UmRlDdVuDrVyeS1PcHszUmNJ i==&campaignId=9jn0AjgRNzcdAZMq (minecraftsetup.exe)

1 / 68 (Adware)

http://free-softpc.info/?dl=1&pi=ATAFNjLzOTi4OM==&osos=VdluDrW3cw==&dr=cHaWck1jIHvJ KLm2r0Wc32lDXiyvENyhKvEvmCWcyDEcmlChSDBDz1l QDj7z15LyDj rcWDK4m7z0RvmiWAkDjIKiWXz7zAzAzOZMFASDPDdlChV84OZgyNzA4ATiy&pd=2323UExJck1EIXDlUmNJ i==&campaignId=9jn0AznRNzgyAZMq (googlechromesetup.exe)

1 / 68 (PUP)

http://free-softpc.info/?dl=1&pi=Ajg4NzcRNZAdAi==&osos=VdluDrW3cw==&dr=cHaWck1tIKFl73vPDEim2r0Wc32lDXi0vENyhKvEvmCWcyDEcmlChSDBDz1l QDj7z1NKkDj rcWDK4m7z0RvmiWAkDjIKiWXzC4OTi1OZMFASDPDdlChV8yOZAwOTcFATiy&pd=2323UmRlDdVuDrVyeS1PcHszUmNJ i==&campaignId=9jn0AjCwNTiyAZMq (minecraftsetup.exe)

1 / 68 (Adware)

http://free-softpc.info/?dl=1&pi=AzawAjawNjg3Ag==&osos=VdluDrW3cw==&dr=cHaWck1wDr7tcmVPDrVyvExthXN3DKV0vENyhKvEvmCWcyDEcmlChSDBDz1l QDj7z1sLQDj rcWDK4m7z0RvmiWAkDjIKiWXzA0Nz7yAZnFASDPDdlChV84NZM4NTMdATaz&pd=2323Uml0UKD1 QFj d0=&campaignId=9jn0Azn0AzCyAZMq (pdfreadersetup.exe)

0 / 68

http://free-softpc.info/?dl=1&pi=Azn1OTARNZi3Ni==&osos=VdluDrW3cw==&chnl=b_sa_ch&dr=cHaWck1C7KVt d4t2rWJ HAm2r0Wc32lDXidvENyhKvEvmCWcyDEcmlChSDBDz1l QDj7z15LyDj rcWDK4m7z0RvmiWAkDjIKiWXzLzNZn1OTMFASDPDdlChV8dNj7zOTcdAZaz&pd=2323Um2J ditIKFz2r5B kFj d0=&campaignId=9jn0AzaFAZ7yAZMq (209243.exe)

1 / 68 (PUP)

http://free-softpc.info/?dl=1&pi=Azc1Ajg1NTg3Ag==&osos=VdluDrW3cw==&chnl=b_sa_ch&dr=cHaWck1wDr7tcmVPDrVyvExthXN3DKV0vENyhKvEvmCWcyDEcmlChSDBDz1l QDj7z1vTQDj rcWDK4m7z0RvmiWAkDjIKiWXzL0Nz7yAZnFASDPDdlChV80AZAFNTMdATaz&pd=2323Uml0UKD1 QFj d0=&campaignId=9jn0AziFAjcdAZMq (pdfreadersetup.exe)

1 / 68 (Adware)

http://free-softpc.info/?dl=1&pi=ATM0NT7yOTM0Nw==&osos=VdluDrW3cw==&chnl=&dr=c3aW7mcm2r0Wc32lDXimcHaWck1q7XDPvmCWcyDEcmlChSDBDz1lcyDj7z15LyDj rcWDXAm7z0RvmiWAkDjIKiWXz7RNZidOTMFASDPDdlChV8RNZidAZA3AZaz&pd=2323UmxJ2d4tDdV0UmNJ i==&campaignId=9jn0AziFNjCwAZMq (javaruntimeenvironmentsetup.exe)

1 / 68 (PUP)

http://free-softpc.info/?dl=1&pi=AzL4ATMdNTayOM==&osos=VdluDrW3cw==&dr=cHaWck1Q HVlc3xP7dtzvExthXN3DKV0NkDzcj1QDyDphXAmD3vpDZ0m rcWDK4m7dAWL0Lm7dREhKVuvmAWASDChTMm7dlChV8RAjL4NzgwOTnm7K2pDZ1fNTcdOTa4ATa0Ag==&pd=2323Um5wcHAt mV3UmNJ i==&campaignId=9jn0AjC3AZiwAZMq (bluestackssetup.exe)

1 / 68 (PUP)

http://free-softpc.info/?dl=1&pi=Ajg4NzcRNZi1OM==&osos=VdluDrW3cw==&dr=cHaWck1tIKFl73vPDEim2r0Wc32lDXiyvENyhKvEvmCWcyDEcmlChSDBDz1l QDj7z1HiQDj rcWDK4m7z0RvmiWAkDjIKiWXzL1OTCyOZMFASDPDdlChV8dOZ70ATa4ATiy&pd=2323UmRlDdVuDrVyeS1PcHszUmNJ i==&campaignId=9jn0AjgwNZC4AZMq (minecraftsetup.exe)

1 / 68 (Adware)

http://free-softpc.info/?dl=1&pi=ATgdOZiwAZgdNg==&osos=VdluDrW3cw==&chnl=b_sa_sign_win8&dr=cHaWck1jIHvJ KLm2r0Wc32lDXi1vENyhKvEvmCWcyDEcmlChSDBDz1l QDj7z1vTQDj rcWDK4m7z0RvmiWAkDjIKiWXzLyAzgFOZMFASDPDdlChV8wAzL0AZgzAjiy&pd=2323UExJck1EIXDlUmNJ i==&campaignId=9jn0AzLyAZg0AZMq (googlechromesetup.exe)

1 / 68 (PUP)

http://free-softpc.info/?dl=1&pi=Azn3AznRNTn0Ag==&osos=VdluDrW3cw==&dr=cHaWck1z7KDPcmCm2r0Wc32lDXimc3aW7mcmIT1zvm2yIKiWvmREhKVuvmNjhLvSvmNBDz1l QDjhTnmDZ0wvmNpDZ1fATc3NZgFAZCRvm5EIKiWXz74OT73AznRAjA=&pd=2323Umluc3xP rRw 3Mu7dWt&campaignId=9jn0AzMyNZiwAZMq (safarisetup.exe)

0 / 68

http://free-softpc.info/?dl=1&pi=ATiwOTazNTA4Ng==&osos=VdluDrW3cw==&chnl=b_sa_ch&dr=c3aW7mcm2r0Wc32lDXimcHaWck1z2rVP SDphXAmD3vpDZ0m rcWDK4m7dAWL0Lm7dREhKVuvmAWASDChTMm7dlChV83AZ7dNjCwOTnm7K2pDZ1fOZM4ATidNzMyAw==&pd=2323UmxJ2d4t7XswcyFj d0=&campaignId=9jn0AzAdATAdAZMq (steamsetup.exe)

1 / 68 (PUP)

http://free-softpc.info/?dl=1&pi=AjM1OZM1AZiwOM==&osos=VdluDrW3cw==&chnl=b_sa_chwin8&dr=cHaWck13IKFC 32zUK1J2mllUK1PIdVyvExthXN3DKV0vENyhKvEvmCWcyDEcmlChSDBDz1l QDj7z1vTQDj rcWDK4m7z0RvmiWAkDjIKiWXzMwOZ7dOTMFASDPDdlChV8yOTMdOZ73AZaz&pd=2323UmxJ2d4tcdWm2H2PcmLu7dWt&campaignId=9jn0AziwAjayAZMq (windowsmoviemakersetup.exe)

1 / 68 (Adware)

http://free-softpc.info/?dl=1&pi=ATC3NzAFAjg1NM==&osos=VdluDrW3cw==&chnl=b_sa_sign_win8&dr=cHaWck1Q HVlc3xP7dtzvExthXN3DKV0NkDzcj1QDyDphXAmD3vpDZ0m rcWDK4m7dAWSL4m7dREhKVuvmAWASDChTMm7dlChV8zNjL4NzgwOTnm7K2pDZ1fOZiwAji4ATa0Ag==&pd=2323Um5wcHAt mV3UmNJ i==&campaignId=9jn0AzLzAjL0AZMq (bluestackssetup.exe)

0 / 68

http://free-softpc.info/?dl=1&pi=ATi4OTM3Nji3NM==&osos=VdluDrW3cw==&chnl=b_sa_ch&dr=cHaWck1w 3sj 3vuUXxp KLm2r0Wc32lDXimc3aW7mcmIT1zvm2yIKiWvmREhKVuvmNjhLDvvmNBDz1l QDjhTnmDZ0wvmNpDZ1fNTczNjC4AZCRvm5EIKiWXzcwNZCzNTAyNZa=&pd=2323Um2JDd8t2XsB d5CUmNJ i==&campaignId=9jn0AzL0NZMdAZMq (popcorn timesetup.exe-setup.website)

7 / 68 (PUP)

http://free-softpc.info/?dl=1&pi=ATn4ATCFAZMdNM==&osos=VdluDrW3cw==&chnl=b_sa_chwin8&dr=cHaWck13IKFC 32zUK1J2mllUK1PIdVyvExthXN3DKV0vENyhKvEvmCWcyDEcmlChSDBDz1l QDj7z1VLyDj rcWDK4m7z0RvmiWAkDjIKiWXzMROZ7dOTMFASDPDdlChV8dAZAdOT73AZaz&pd=2323UmxJ2d4tcdWm2H2PcmLu7dWt&campaignId=9jn0AzA0NZi0AZMq (windowsmoviemakersetup.exe)

1 / 68 (PUP)

http://free-softpc.info/?dl=1&pipi=Ajg4NzcRNzg0Ni==&osos=VdluDrW3cw==&dr=cHaWck1z7KDPcmCm2r0Wc32lDXimc3aW7mcmIT1zvm2yIKiWvmREhKVuvmNjhVVTvmNBDz1l QDjhTnmDZ0wvmNpDZ1fOZLyNTgyATiRvm5EIKiWXzARAzcFAjg0OZa=&pd=2323UENJDEit2XsB d5CUmNJ i==&campaignId=9jn0Aj7dATLyAZMq (safarisetup.exe)

9 / 68 (PUP)

http://free-softpc.info/?dl=1&pi=Ajg4NzcRNzg0Ni==&osos=VdluDrW3cw==&dr=cHaWck1w 32lcEsJIKF0UXDpDX2lcQD0 T1z2dVl2Zamc3aW7mcmIT1zvm2yIKiWvmREhKVuvmNjhVVTvmNBDz1l QDjhTnmDZ0wvmNpDZ1fOTCzNZA4AZCRvm5EIKiWXzA1NZnRNTgRNZa=&pd=2323Um2l2k11cdLu7dWt&campaignId=9jn0AjgwAzn4AZMq (powerpointviewersetup.exe)

The following 16 files have been seen to comunicate with free-softpc.info in live environments.

TCP » 209.99.40.219:80

DownloadInjectionSQL.exe

TCP » 209.99.40.219:80

UnLoad.exe

TCP » 209.99.40.219:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 209.99.40.219:80

UCBrowser.exe (UC Browser by UCWeb)

TCP » 209.99.40.219:80

minecraft.exe (Minecraft Launcher)

TCP » 209.99.40.219:80

Minecraft.exe (Minecraft Launcher)

TCP » 209.99.40.219:443

UCBrowser.exe (UC Browser by UCWeb)

TCP » 209.99.40.219:80

DeleteWebkitCookie.exe

TCP » 209.99.40.219:80

online-guardian-v2.0.9.exe

TCP » 209.99.40.219:80

instatime.exe

TCP » 209.99.40.219:80

onlineguardian-v2.exe

TCP » 209.99.40.219:80

InstallerOrion.exe

TCP » 209.99.40.219:80

ContentSinder.exe (ContentSinder by ContentSinder Company)

TCP » 209.99.40.219:80

InstallMoney.exe

TCP » 54.84.143.69:80

WajamInternetEnhancer.exe (Wajam Internet Enhancer by Wajam Internet Technologies)

TCP » 54.84.143.69:80

notifier64.exe (Notifications)

TCP » 54.84.143.69:80

ContentFinder.exe (ContentFinder by ContentFinder Company)

URL:

http://free-softpc.info/

Title:

“File-Opener”

Network:

Amazon Web Services (AWS), running an EC2 instance

Web server:

nginx/1.4.7

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.