home

www.antivirusfrancais.com

BERNEX APLICACIONES SL

Domain Information

The domain www.antivirusfrancais.com registered by BERNEX APLICACIONES SL was initially registered in June of 2014 through SOLUCIONES CORPORATIVAS IP,SLU. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Madrid, Madrid within Spain which resides on the RIPE Network Coordination Centre network.
Registrar:
SOLUCIONES CORPORATIVAS IP, SL

Server location:
Madrid, Spain (ES)

Create date:
Saturday, June 28, 2014

Expires date:
Tuesday, June 28, 2016

Updated date:
Thursday, May 28, 2015

ASN:
AS57286 ASGIGAS GIGAS HOSTING S.L.,ES

Root domain:
antivirusfrancais.com

Whois:
2 antivirusfrancais.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.BERNEXAPLICACIONESSL.DD, PUP.BERNEXAPLICACIONES.Installer (M), Threat.Win.Reputation.IMP
100.00%

AVG
Generic
57.14%

Malwarebytes
PUP.SmsPay, PUP.Optional.Installcore
42.86%

K7 AntiVirus
JokeProgram , Unwanted-Program
42.86%

VIPRE Antivirus
Trojan.Win32.Generic
28.57%

Trend Micro House Call
Suspicious_GEN.F47V1027, Suspicious_GEN.F47V1024
28.57%

McAfee
Artemis!6EE99A48AA4C, Artemis!B675039A3F3D
28.57%

ESET NOD32
NSIS/Hoax.ArchSMS
28.57%

Sophos
Generic PUA HD
14.29%

Baidu Antivirus
Trojan.NSIS.ArchSMS
14.29%

ESET NOD32
NSIS/Hoax.ArchSMS.W application
14.29%

The domain www.antivirusfrancais.com has been seen to resolve to the following 3 IP addresses.

185.53.177.20
July 2, 2016

188.165.132.183
188-165-132-183.kimsufi.com
February 13, 2016

146.255.103.93
mail.phpriot.com
May 4, 2015

File downloads found at URLs served by www.antivirusfrancais.com.

1 / 68      (Adware)
http://www.antivirusfrancais.com/.../telechargerpandacloud.php  (panda_cloud_2014_en_setup.exe)

4 / 68      (Adware)
http://www.antivirusfrancais.com/.../telechargeravast.php  (avast_antivirus_2014_en_setup.exe)

1 / 68      (Adware)
http://www.antivirusfrancais.com/.../telechargeravast.php  (avast_antivirus_setup.exe)

2 / 68      (Malware)
http://www.antivirusfrancais.com/.../telechargeravast.php  (avast_antivirus_2014_fr_setup.exe)

4 / 68      (Adware)
http://www.antivirusfrancais.com/.../telechargeravira.php  (avira_antivirus_2014_en_setup.exe)

10 / 68    (Adware)
http://www.antivirusfrancais.com/.../telechargeravast.php  (avast_antivirus_2014_fr_setup.exe)

6 / 68      (Adware)
http://www.antivirusfrancais.com/.../telechargeravast.php  (avast_antivirus_2014_fr_setup.exe)

The following 26 files have been seen to comunicate with www.antivirusfrancais.com in live environments.

TCP » 185.53.177.20:80
fgs-1.1.0.65.crx

TCP » 185.53.177.20:80
fgs-1.1.0.26.crx

TCP » 185.53.177.20:80
fgs-1.1.0.41.crx

TCP » 185.53.177.20:80
fgs-1.1.0.16.crx

TCP » 185.53.177.20:80
fgs-1.1.0.36.crx

TCP » 185.53.177.20:80
fgs-1.0.0.1.crx

TCP » 185.53.177.20:80
fgs-1.0.0.9.crx

TCP » 185.53.177.20:80
fgs-1.1.0.0.crx

TCP » 185.53.177.20:80
fgs-1.1.0.55.crx

TCP » 185.53.177.20:80
fgs-1.1.0.38.crx

TCP » 185.53.177.20:80
fgs-1.1.0.30.crx

TCP » 185.53.177.20:80
fgs-1.1.0.29.crx

TCP » 185.53.177.20:80
fgs-1.1.0.61.crx

TCP » 185.53.177.20:80
fgs-1.1.0.32.crx

TCP » 185.53.177.20:80
smartkeywordsuggest.crx

TCP » 185.53.177.20:80
smartkeywordsuggest.crx

TCP » 185.53.177.20:80
fgs-1.1.0.33.crx

TCP » 185.53.177.20:80
fgs-1.1.0.21.crx

TCP » 185.53.177.20:80
fgs-1.1.0.57.crx

TCP » 185.53.177.20:80
fgs.crx

 
Latest 20 of 26 files

URL:
http://www.antivirusfrancais.com/

Title:
“Home | Australia VISA ETA”

Web server:
Apache/2.4.7 (Ubuntu) (PHP/5.5.9-1ubuntu4.14)

logiciels-france.com

wizinstall.com

craftofgods.eu

dlhvit.com

downfiles.net

download-205.com

downloads205.com

driverplus.net

drivers-updater.com

esyncsoft.info

fansfile.biz

getmagnosoft.com

go-download.net

hektor.se

iq5download.com

kotf.com

linkriot.com

magnoft.com

magnotiler.com

nowvideo.ch

onlyro.com

ooopsvideo.com

p33r.com

pdfpro.org

repodepo4.com

repodepo5.com

ropedope3.com

skypemoticonscomplete.com

soft-es.net

soft-free-download.com

30 of 37 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.