home

download.pchealthboost.com

Boost Software, Inc

Domain Information

The domain download.pchealthboost.com registered by Boost Software, Inc was initially registered in June of 2010 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dublin, Dublin City within Ireland which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform from the EU (Ireland) region datacenter.
Registrar:
GODADDY.COM, LLC

Server location:
Dublin City, Ireland (IE)

Create date:
Wednesday, June 9, 2010

Expires date:
Tuesday, June 9, 2020

Updated date:
Tuesday, June 9, 2015

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:
pchealthboost.com

Whois:
2 pchealthboost.com records

Scanner detections:
Detections  (89% detected)

Scan engine
Details
Detections

F-Prot
W32/A-42c63c6c, W32/InstallCore.R2.gen
66.67%

Dr.Web
Trojan.Packed.24814, Trojan.MulDrop5.10078, riskware program Program.Unwanted.733, Trojan.Packed.24814, riskware program Program.Unwanted.733, Trojan.MulDrop5.10078
66.67%

ESET NOD32
Win32/InstallCore.BY potentially unwanted application, Win32/InstallCore.BX potentially unwanted application, Win32/InstallCore.FN potentially unwanted application
66.67%

Reason Heuristics
PUP.installCore.Installer.Meta (M), PUP.Optional.Installer.T, Threat.Win.Reputation, Win32.Generic
55.56%

Rising Antivirus
PE:Malware.XPACK-LNR/Heur!1.5594
55.56%

Sophos
Install Core Click run software, PUA 'Install Core Click run software'
44.44%

Vba32 AntiVirus
Signed-Riskware.PCHealthBoost
44.44%

G Data
Win32.Application.PCHealthBoost, Trojan.Generic.12892479
33.33%

Total Defense
Win32/InstallCore.A!generic
33.33%

K7 AntiVirus
Unwanted-Program , Adware
33.33%

Emsisoft Anti-Malware
Trojan.Generic.12892479, Gen:Variant.Strictor.103096
33.33%

ESET NOD32
Win32/InstallCore.BY (variant), Win32/InstallCore.FN
22.22%

Malwarebytes
PUP.Optional.InstallCore
22.22%

Avira AntiVirus
PUA/InstallCore.Gen9
22.22%

McAfee
Artemis!79CA2CAA2941
11.11%

The domain download.pchealthboost.com has been seen to resolve to the following 2 IP addresses.

54.72.76.187
ec2-54-72-76-187.eu-west-1.compute.amazonaws.com
May 28, 2014

54.246.197.31
ec2-54-246-197-31.eu-west-1.compute.amazonaws.com
May 28, 2014

File downloads found at URLs served by download.pchealthboost.com.

3 / 68      (PUP)
http://download.pchealthboost.com/boost/gcp/.../?dl=1&bst=1&tid=&tid3=15093&ver=2.3.1.807  (pchealthboost-setup.exe)

5 / 68      (PUP)
http://download.pchealthboost.com/boost/gcp/.../?dl=1&bst=1&chnl=&ver=2.3.1.807  (pchealthboost-setup.exe)

4 / 68      (PUP)
http://download.pchealthboost.com/boost/gcp/.../?dl=1&bst=1&tid=&ver=2.3.1.807  (pchealthboost-setup.exe)

11 / 68    (PUP)
http://download.pchealthboost.com/boost/gcp/.../?dl=1&bst=1&tid=&ver=1  (pchealthboost-setup.exe)

20 / 68    (PUP)
http://download.pchealthboost.com/boost/gcp/.../?dl=1&bst=1&chnl=&ver=2.3.1.807  (pchealthboost-setup.exe)

12 / 68    (inconclusive)
http://download.pchealthboost.com/boost/gcp/.../?dl=1&bst=1&chnl=&ver=2.3.1.807  (pchealthboost-setup.exe)

9 / 68      (PUP)
http://download.pchealthboost.com/boost/gcp/.../?dl=1&bst=1&tid=&tid3=16350&ver=2.3.1.807  (pchealthboost-setup.exe)

1 / 68      (PUP)
http://download.pchealthboost.com/boost/gcp/.../?dl=1&bst=1&tid=&ver=2.3.1.807  (icreinstall_pchealthboost-setup.exe)

4 / 68      (PUP)
http://download.pchealthboost.com/boost/gcp/.../?dl=1&bst=1&tid=&ver=12.2.15.26  (pchealthboost-setup.exe)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.