ids.sourceforgecdn.com

Privacy Protection Service INC d/b/a PrivacyProtect.org  (Proxy Registrant)

Domain Information

The domain ids.sourceforgecdn.com is registered by proxy through PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM and was originally registered in July 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Belfast, Northern Ireland, United Kingdom, on the RIPE Network Coordination Centre network.
Registrar:
PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM

Server location:
Northern Ireland, United Kingdom (GB)

Create date:
Thursday, July 25, 2013

Expires date:
Monday, July 25, 2016

Updated date:
Sunday, June 28, 2015

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Bundler.ironSource, PUP.Optional.Installer, Win32.Generic.Installer, Threat.Installer.ICForge, Win32.Generic.Installer.Meta, PUP.installCore.Installer, Win32.Generic.ICForge.Installer.Meta, PUP.installCore.ExtendedSetup.Installer (M), PUP.installCore.MaxSetup.Installer (M), PUP.installCore.WorldSetup.Installer (M)
94.00%

VIPRE Antivirus
InstallCore.b, Threat.4788237, Threat.4150696, Threat.4786018
40.00%

Sophos
Install Core, Install Core Click run software, PUA 'Install Core Click run software', PUA 'Install Core', PUA.Install Core Click run software
40.00%

Dr.Web
Trojan.Packed.24524, Trojan.MulDrop5.10078, Trojan.InstallCore.37
38.00%

G Data
Win32.Application.InstallCore, Win32.Application.InstallCore.CZ, Trojan.Dropper.RSA
34.00%

Vba32 AntiVirus
Downware.InstallCore, Malware-Cryptor.InstallCore.gen
34.00%

K7 Gateway Antivirus
Unwanted-Program, Adware, Trojan
32.00%

K7 AntiVirus
Unwanted-Program, Trojan
32.00%

ESET NOD32
Win32/InstallCore.OY potentially unwanted application, Win32/InstallCore.BY potentially unwanted application, Win32/Injected.F trojan
32.00%

F-Prot
W32/A-dbe1ec51, W32/A-2d45491d, W32/InstallCore.AG.gen
30.00%

Avira AntiVirus
ADWARE/InstallCore.Gen7, PUA/InstallCore.Gen7, Adware/InstallCore.OK.1, Adware/InstallCore.A.114, ADWARE/InstallCore.Gen9
30.00%

AVG
MalSign.Generic, Adware InstallCore.Gen, Win.Threat.Medium, Adware InstallCore.LA
30.00%

NANO AntiVirus
Riskware.Win32.InstallCore.dcnbnm, Riskware.Win32.InstallCore.dfgori, Riskware.Win32.InstallCore.dmiyjv, Riskware.Win32.InstallCore.dfgovk
30.00%

herdProtect (fuzzy)
a variant of ce3260f2e73ea20e4db38bd52a331782fb7fdcea, a variant of 78a2c1122fa96673f91e7bf9f8172d0dae7228d9, a variant of 22940ecc0c590fbffdb53dc50dd49c7895fd8652
26.00%

Bkav FE
W32.HfsAdware
24.00%

The domain ids.sourceforgecdn.com has been seen to resolve to the following 8 IP addresses.

File downloads found at URLs served by ids.sourceforgecdn.com.

1 / 68      (PUP)
http://ids.sourceforgecdn.com/  (filezilla_3.8.1_win32-setup.exe)

The following 183 files have been seen to communicate with ids.sourceforgecdn.com in live environments.

 
Latest 20 of 183 files


Statistics are for the previous month.
