home

www.freemp3go.org

PERFECT PRIVACY, LLC  (Proxy Registrant)

Domain Information

The domain www.freemp3go.org is registered by proxy through Atomicdomainnames.com LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Montreal, Quebec within Canada which resides on the OVH Hosting, Inc. network.
Registrar:
Atomicdomainnames.com LLC

Server location:
Quebec, Canada (CA)

Root domain:
freemp3go.org

Whois:
2 freemp3go.org records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.Installer.h, Adware.WebPick.Installer (M), Adware (M)
84.62%

Dr.Web
Trojan.Crossrider.36550
23.08%

Emsisoft Anti-Malware
Gen:Variant.Adware.MPlug.16
15.38%

VIPRE Antivirus
Threat.5085665
15.38%

avast!
Win32:Xpaj-gen, Win32:Agent-AYLT [PUP]
15.38%

Lavasoft Ad-Aware
Gen:Variant.Adware.MPlug.16
15.38%

F-Secure
Gen:Variant.Adware.MPlug
15.38%

Kaspersky
not-a-virus:HEUR:AdWare.Win32.MultiPlug
15.38%

AVG
Adware Generic_r.VD
15.38%

Norman
Gen:Variant.Adware.MPlug.16
15.38%

Sophos
PUA 'MultiPlug' (of type Adware)
15.38%

ESET NOD32
Win32/AdWare.MultiPlug.CT application
15.38%

McAfee
Program.MultiPlug-FRO
7.69%

Microsoft Security Essentials
Threat.Undefined
7.69%

The domain www.freemp3go.org has been seen to resolve to the following 3 IP addresses.

167.114.156.214
ns513839.ip-167-114-156.net
January 4, 2016

162.159.242.124
March 14, 2014

162.159.243.124
March 14, 2014

File downloads found at URLs served by www.freemp3go.org.

1 / 68      (Adware)
http://www.freemp3go.org/out.php?t=6&q=Bebaskan By Marsha Milan Londoh&id=UldOZTdFdnZISzQ=  (bebaskan by marsha milan londoh.exe)

1 / 68      (Adware)
http://www.freemp3go.org/out.php?t=6&q=Ethiopia - Gorebetamochu Sneak Peak Episode 9 - EBS Sitcom Comedy&id=RXN6cVpqR1Jxdms=  (ethiopia - gorebetamochu sneak peak episode 9 - ebs sitcom comedy.exe)

1 / 68      (Adware)
http://www.freemp3go.org/out.php?t=6&q=Maral Maral Nadir Qafarzade Orijinal Remix 2013&id=cFRTRHVzZkdLbnM=  (maral maral nadir qafarzade orijinal remix 2013.exe)

1 / 68      (Adware)
http://www.freemp3go.org/out.php?t=6&q=Weld El 15 - Wakef E Tharb &id=SGhLd0p5cmVXeVU=  (weld el 15 - wakef e tharb.exe)

1 / 68      (Adware)
http://www.freemp3go.org/out.php?t=6&q=I wana see My Darling - H20 - Prabhu Deva and Upendra Top Romantic Songs - Kannada Songs&id=RDRJZ0xRMnVTcU0=  (i wana see my darling - h20 - prabhu deva and upendra top romantic songs - kannada songs.exe)

1 / 68      (Adware)
http://www.freemp3go.org/out.php?t=6&q=H20 - Songs Collection - Prabhu Deva - Priyanka - Upendra - Kannada Songs&id=RHZGZ1dYVkpoUE0=  (h20 - songs collection - prabhu deva - priyanka - upendra - kannada songs.exe)

1 / 68      (Adware)
http://www.freemp3go.org/out.php?t=6&q=El Joker - Salma l ?????? - ????&id=QkVCNlJXRm5EeUk=  (el joker - salma l -.exe)

1 / 68      (Adware)
http://www.freemp3go.org/out.php?t=6&q=HERO FLUTE DJ KATAK MIX by (DjSymkhan)&id=LUNXU0k4M0tyQ3M=  (hero flute dj katak mix by (djsymkhan).exe)

1 / 68      (Adware)
http://www.freemp3go.org/out.php?t=6&q=Venga toda la Gente - Puedo dar amor&id=T1Y4MUppanlLd1k=  (venga toda la gente - puedo dar amor.exe)

1 / 68      (Adware)
http://www.freemp3go.org/out.php?t=6&q=Mujeres Hombres y Viceversa Vol 5 Disco 1 (2014)&id=b0VSYmFLWjh6T0E=  (mujeres hombres y viceversa vol 5 disco 1.exe)

14 / 68    (PUP)
http://www.freemp3go.org/out.php?t=6&q=Quan H? Trên Thuy?n, Giá Van Cô Ðôi Thu?ng Ngàn&id=MldZUVFybkpSXzg=  (quan h tr n thuy n, gi v n c i th ng ng n.exe)

11 / 68    (PUP)
http://www.freemp3go.org/.../2&id=a3dEZFFHTTAza28=  (h t quan h tr n thuy n - p1 2.exe)

1 / 68      (Adware)
http://www.freemp3go.org/out.php?t=6&q=Grigore Gherman - Grigoras din Bucovina&id=SlNfTXRoMmlZb0E=  (grigore gherman - grigoras din bucovina.exe)

The following 36 files have been seen to comunicate with www.freemp3go.org in live environments.

TCP » 167.114.156.214:3333
webproxy.exe

TCP » 167.114.156.214:80
setup_info.exe

TCP » 167.114.156.214:80
tencent.exe (by Tencent)

TCP » 167.114.156.214:80
rs.exe

TCP » 167.114.156.214:80
loader.exe (Updater by SOFTWARE AGILITY LIMITED)

TCP » 167.114.156.214:80
win.exe (SendStat Module)

TCP » 167.114.156.214:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 167.114.156.214:80
ProxyFinder.EXE (Proxy Finder Enterprise Edition Application)

TCP » 167.114.156.214:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 167.114.156.214:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 167.114.156.214:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 167.114.156.214:80
deamon.exe

TCP » 167.114.156.214:80
run_css.exe

TCP » 167.114.156.214:1177
pirater facebook v1.0.exe

TCP » 167.114.156.214:80
Updater.exe (Updater)

TCP » 167.114.156.214:80
internet tv.exe

TCP » 167.114.156.214:80
kingtranslatesetup.exe (KingTranslate by Bandoo Media Inc)

TCP » 167.114.156.214:80
kingtranslatesetup-r0-n-bc.exe (KingTranslate by Koyote-Lab)

TCP » 167.114.156.214:80
ContentFinder.exe (ContentFinder by DigitalSoftware Group)

TCP » 167.114.156.214:80
Updater.exe (Updater)

 
Latest 20 of 41 files

URL:
http://www.freemp3go.org/

Web server:
Apache

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.