home

freedownloadmanager-removal-tool.software.informer.com

Domain Information

Server location:
Texas, United States (US)

ASN:
AS36351 SOFTLAYER - SoftLayer Technologies Inc.

Root domain:
informer.com

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

ESET NOD32
Win32/SecurityStronghold (variant)
100.00%

Reason Heuristics
PUP.Optional.SecurityStronghold.U
100.00%

The domain freedownloadmanager-removal-tool.software.informer.com has been seen to resolve to the following 6 IP addresses.

173.192.1.36
January 23, 2015

74.86.185.148
January 23, 2015

74.86.185.147
January 23, 2015

74.86.185.146
January 23, 2015

173.192.1.38
January 23, 2015

173.192.1.37
January 23, 2015

File downloads found at URLs served by freedownloadmanager-removal-tool.software.informer.com.

2 / 68      (PUP)
http://freedownloadmanager-removal-tool.software.informer.com/.../  (spyhunterremovaltool.exe)

The following 14 files have been seen to comunicate with freedownloadmanager-removal-tool.software.informer.com in live environments.

TCP » 173.192.1.37:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 74.86.185.148:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 74.86.185.147:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 173.192.1.36:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 74.86.185.146:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 173.192.1.38:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 173.192.1.36:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 74.86.185.147:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 74.86.185.148:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 74.86.185.148:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 173.192.1.38:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 74.86.185.147:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 173.192.1.38:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 74.86.185.148:80
browser.exe (Browser)

TCP » 173.192.1.37:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 173.192.1.36:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 74.86.185.146:80
browser.exe (Browser)

TCP » 173.192.1.38:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 173.192.1.37:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 74.86.185.146:80
UCBrowser.exe (UC Browser by UCWeb)

 
Latest 20 of 38 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.