home

updatesoft.org

Ivan Zaycev

Domain Information

This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Scottsdale, Arizona within the United States which resides on the GoDaddy.com, LLC network.
Registrar:
GoDaddy.com, LLC (R91-LROR)

Server location:
Arizona, United States (US)

ASN:
AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC,US

Whois:
2 updatesoft.org records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.InformationTechnologySystems.R, PUP.InformationTechnologySystems.Installer (M), PUP.installCore.InformationTechnologySystems.Installer (M), PUP.installCore.Informat.Installer (M), PUP.installCore.OOOProfi.Installer (M), PUP.installCore (M), PUP.ProfitServis (M)
100.00%

Dr.Web
Trojan.Packed.28409
11.11%

VIPRE Antivirus
Threat.4150696
11.11%

avast!
Installer-AS [PUP]
11.11%

ESET NOD32
Win32/InstallCore.QH potentially unwanted application, Win32/InstallCore.UE potentially unwanted application, Win32/InstallCore.UQ potentially unwanted application
11.11%

Kaspersky
not-a-virus:AdWare.Win32.InstallCore
11.11%

nProtect
Trojan-Clicker/W32.InstallCore.781048
11.11%

Malwarebytes
Trojan.Downloader
11.11%

K7 AntiVirus
Trojan
11.11%

NANO AntiVirus
Riskware.Text.Drop.deoyhb
11.11%

Total Defense
Win32/Tnega.XfHcLeB
11.11%

Comodo Security
Application.Win32.Installcore.QH
11.11%

Zillya! Antivirus
Adware.InstallCore.Win32.241
11.11%

Avira AntiVirus
Adware/InstallCore.QH.3
11.11%

AVG
Generic
11.11%

The domain updatesoft.org has been seen to resolve to the following 2 IP addresses.

50.63.202.37
ip-50-63-202-37.ip.secureserver.net
January 19, 2015

207.244.85.68
October 9, 2014

File downloads found at URLs served by updatesoft.org.

1 / 68      (Adware)
http://updatesoft.org/download.php?site_id=260&app_id=4&lp_id=371&v=ico&dist_id=125&channel=acpopf100&src=ac&cid=8507419251409191013&pubid=172546&c=da45c19910b63f2697f4253bc667e971&v_id=49d1b8e0d3291c82e89cf6479de921bf  (adobe_flash_setup.exe)

1 / 68      (Adware)
http://updatesoft.org/download.php?site_id=260&app_id=4&lp_id=371&v=ico&dist_id=125&channel=acpopf100&src=ac&cid=13097443511409170208&pubid=289736&c=da45c19910b63f2697f4253bc667e971&v_id=d8b8e67f287c5befbc18af51b3883ca3  (adobe_flash_setup.exe)

1 / 68      (Adware)
http://updatesoft.org/download.php?site_id=260&app_id=4&lp_id=371&v=ico&dist_id=125&channel=acpopf100&src=ac&cid=28893583841409175812&pubid=199526&c=da45c19910b63f2697f4253bc667e971&v_id=49ca9b3087a67f157b8eef41d00bbebf  (adobe_flash_setup.exe)

1 / 68      (Adware)
http://updatesoft.org/download.php?site_id=260&app_id=4&lp_id=371&v=ico&dist_id=125&channel=acpopf100&src=ac&cid=34974480521409160386&pubid=121299&c=da45c19910b63f2697f4253bc667e971&v_id=9b030e1d732d0edbbec9599efff23a00  (adobe_flash_setup.exe)

1 / 68      (Adware)
http://updatesoft.org/download.php?site_id=260&app_id=4&lp_id=371&v=ico&dist_id=125&channel=acpopf100&src=ac&cid=8476317841409188417&pubid=298135&c=da45c19910b63f2697f4253bc667e971&v_id=311adc20bbe357b8a6969f5c158ed462  (adobe_flash_setup.exe)

1 / 68      (Adware)
http://updatesoft.org/download.php?site_id=260&app_id=4&lp_id=371&v=ico&dist_id=125&channel=acpopf100&src=ac&cid=15708456891409160852&pubid=114010&c=da45c19910b63f2697f4253bc667e971&v_id=eb2dbfe3e84aef145682b46bd3fed0e1  (adobe_flash_setup.exe)

1 / 68      (Adware)
http://updatesoft.org/download.php?site_id=260&app_id=4&lp_id=371&v=ico&dist_id=125&channel=acpopf100&src=ac&cid=14543997311409164895&pubid=50726&c=da45c19910b63f2697f4253bc667e971&v_id=7ad8d715c840b3acee83327854d7e828  (adobe_flash_setup.exe)

1 / 68      (Adware)
http://updatesoft.org/download.php?site_id=260&app_id=4&lp_id=371&v=ico&dist_id=125&channel=acpopf100&src=ac&cid=18040020891409186845&pubid=157132&c=da45c19910b63f2697f4253bc667e971&v_id=d9b95122bce86f1e635a38aa97712588  (adobe_flash_setup.exe)

1 / 68      (Adware)
http://updatesoft.org/download.php?site_id=260&app_id=4&lp_id=371&v=ico&dist_id=125&channel=acpopf100&src=ac&cid=31641220821409167516&pubid=187035&c=da45c19910b63f2697f4253bc667e971&v_id=58d5d935560bf40fe471d7c91020b138  (adobe_flash_setup.exe)

1 / 68      (Adware)
http://updatesoft.org/download.php?site_id=260&app_id=4&lp_id=371&v=ico&dist_id=125&channel=acpopf100&src=ac&cid=8457269001409163965&pubid=289736&c=da45c19910b63f2697f4253bc667e971&v_id=f4e1ff24b1714d4fc8f6339d4f4c040a  (adobe_flash_setup.exe)

1 / 68      (Adware)
http://updatesoft.org/download.php?site_id=260&app_id=4&lp_id=371&v=ico&dist_id=125&channel=acpopf100&src=ac&cid=28893552351409193446&pubid=199526&c=da45c19910b63f2697f4253bc667e971&v_id=1ad1d73d58d0877f9306bec2ae9062f5  (adobe_flash_setup.exe)

1 / 68      (Adware)
http://updatesoft.org/download.php?site_id=260&app_id=4&lp_id=371&v=ico&dist_id=125&channel=acpopf100&src=ac&cid=18158235441409182182&pubid=125512&c=da45c19910b63f2697f4253bc667e971&v_id=310d8618c00423305776c79c2a63f3e7  (adobe_flash_setup.exe)

1 / 68      (Adware)
http://updatesoft.org/download.php?site_id=260&app_id=4&lp_id=371&v=ico&dist_id=125&channel=acpopf100&src=ac&cid=4148243441409193831&pubid=113240&c=da45c19910b63f2697f4253bc667e971&v_id=694d33208223e01f5522853adf12adcb  (adobe_flash_setup.exe)

1 / 68      (Adware)
http://updatesoft.org/download.php?site_id=260&app_id=4&lp_id=371&v=ico&dist_id=125&channel=acpopf100&src=ac&cid=11338483961409196796&pubid=172546&c=da45c19910b63f2697f4253bc667e971&v_id=bd1dfacb60b3fc7f9f5eea1957376405  (adobe_flash_setup.exe)

1 / 68      (Adware)
http://updatesoft.org/download.php?site_id=260&app_id=4&lp_id=371&v=ico&dist_id=125&channel=acpopf100&src=ac&cid=8393878231409188979&pubid=44011&c=da45c19910b63f2697f4253bc667e971&v_id=a81e66d683bd3c8db3ff2ad74cbbf479  (adobe_flash_setup.exe)

1 / 68      (Adware)
http://updatesoft.org/download.php?site_id=260&app_id=4&lp_id=371&v=ico&dist_id=125&channel=acpopf100&src=ac&cid=u57da0e6652dac76c4d0e29c0a5&pubid=187023&c=da45c19910b63f2697f4253bc667e971&v_id=02199424c4c5ee726893391e0d277ca7  (adobe_flash_setup.exe)

1 / 68      (Adware)
http://updatesoft.org/download.php?site_id=260&app_id=4&lp_id=371&v=ico&dist_id=125&channel=acpopf100&src=ac&cid=29061999521409179044&pubid=249772&c=da45c19910b63f2697f4253bc667e971&v_id=6c13f72e224cdaff856a4479917ba36e  (adobe_flash_setup.exe)

1 / 68      (Adware)
http://updatesoft.org/download.php?site_id=260&app_id=4&lp_id=371&v=ico&dist_id=125&channel=acpopf100&src=ac&cid=15448205951409164831&pubid=84933&c=da45c19910b63f2697f4253bc667e971&v_id=7ad8d715c840b3acee83327854d7e828  (adobe_flash_setup.exe)

1 / 68      (Adware)
http://updatesoft.org/download.php?site_id=260&app_id=4&lp_id=371&v=ico&dist_id=125&channel=acpopf100&src=ac&cid=13094710331409164558&pubid=156874&c=da45c19910b63f2697f4253bc667e971&v_id=12118786ef9c575ba1f249b4bab069b8  (adobe_flash_setup.exe)

1 / 68      (Adware)
http://updatesoft.org/download.php?site_id=260&app_id=4&lp_id=371&v=ico&dist_id=125&channel=acpopf100&src=ac&cid=u865303535368008697f98dfd31&pubid=241875&c=da45c19910b63f2697f4253bc667e971&v_id=4bea75431a312fae9077353fc3c283de  (adobe_flash_setup.exe)

1 / 68      (Adware)
http://updatesoft.org/download.php?site_id=260&app_id=4&lp_id=371&v=ico&dist_id=125&channel=acpopf100&src=ac&cid=4056559061409188611&pubid=74870&c=da45c19910b63f2697f4253bc667e971&v_id=311adc20bbe357b8a6969f5c158ed462  (adobe_flash_setup.exe)

1 / 68      (Adware)
http://updatesoft.org/download.php?site_id=260&app_id=4&lp_id=371&v=ico&dist_id=125&channel=acpopf100&src=ac&cid=12452226131409178584&pubid=159151&c=da45c19910b63f2697f4253bc667e971&v_id=51ab9522bc8aec32f85ea59f89dc22a0  (adobe_flash_setup.exe)

1 / 68      (Adware)
http://updatesoft.org/download.php?site_id=260&app_id=4&lp_id=371&v=ico&dist_id=125&channel=acpopf100&src=ac&cid=15220365891409173200&pubid=158409&c=da45c19910b63f2697f4253bc667e971&v_id=e4bc4631846e2d78cfe4e9324e76ebbf  (adobe_flash_setup.exe)

1 / 68      (Adware)
http://updatesoft.org/download.php?site_id=260&app_id=4&lp_id=371&v=ico&dist_id=125&channel=acpopf100&src=ac&cid=10409128761409178434&pubid=241934&c=da45c19910b63f2697f4253bc667e971&v_id=9ffed010a1bf7924702cf6ecc49a516b  (adobe_flash_setup.exe)

18 / 68    (Adware)
http://updatesoft.org/download.php?site_id=260&app_id=4&lp_id=371&v=ico&dist_id=125&channel=acpopf100&src=ac&cid=16189914811409191086&pubid=244427&c=da45c19910b63f2697f4253bc667e971&v_id=aa9b5b8f50616df735868f7a7d6fc668  (adobe_flash_setup.exe)

19 / 68    (Adware)
http://updatesoft.org/download.php?site_id=260&app_id=4&lp_id=371&v=ico&dist_id=125&channel=acpopf100&src=ac&cid=29047390531409160753&pubid=264348&c=da45c19910b63f2697f4253bc667e971&v_id=eb2dbfe3e84aef145682b46bd3fed0e1  (adobe_flash_setup.exe)

16 / 68    (Adware)
http://updatesoft.org/download.php?site_id=260&app_id=4&lp_id=371&v=ico&dist_id=125&channel=acpopf100&src=ac&cid=7854085531409172344&pubid=175182&c=da45c19910b63f2697f4253bc667e971&v_id=bc757092fd2f1d561732d6d890e04550  (adobe_flash_setup.exe)

The following 52 files have been seen to comunicate with updatesoft.org in live environments.

TCP » 50.63.202.37:80
googleupdate.exe13d7b73 (globalUpdate Update by globalUpdate)

TCP » 50.63.202.37:80
cinemaxme 1.1-codedownloader.exe (CinemaxMe 1.1 by SBG)

TCP » 50.63.202.37:80
7eee43c9-a15d-470e-a476-663b4882a258-7.exe (videos+ MediaPlayer+ by enter)

TCP » 50.63.202.37:80
ukgjf.exe (videos+ MediaPlayer+ by enter)

TCP » 50.63.202.37:80
afe89f50-18bb-41ed-8628-02e89ebb2ba9-11.exe (CinemaxMe 1.1 by SBG)

TCP » 50.63.202.37:80
ContentFinder.exe (ContentFinder by ContentFinder Software)

TCP » 50.63.202.37:80
8072a446-0201-4ff7-98a3-ad5df9c6ba67-11.exe (iWebar)

TCP » 50.63.202.37:80
totalplus01-3.1v18.09-codedownloader.exe (TotalPlus01-3.1V18.09 by HDPlus-01TotalV18.09)

TCP » 50.63.202.37:80
zkc.exe (videos+ MediaPlayer+ by enter)

TCP » 50.63.202.37:80
videos+ mediaplayer+-codedownloader.exe (videos+ MediaPlayer+ by enter)

TCP » 50.63.202.37:80
afe89f50-18bb-41ed-8628-02e89ebb2ba9-4.exe (CinemaxMe 1.1 by SBG)

TCP » 50.63.202.37:80
totalplus01-3.1v17.09-codedownloader.exe (TotalPlus01-3.1V17.09 by HDPlus-01TotalV17.09)

TCP » 50.63.202.37:80
online-guardian-v2.0.9.exe

TCP » 50.63.202.37:80
421d9f17-4908-41f7-acd2-1dedfa410be7-5.exe (TheHDvid-Codec V10 by home)

TCP » 50.63.202.37:80
afe89f50-18bb-41ed-8628-02e89ebb2ba9-5.exe (CinemaxMe 1.1 by SBG)

TCP » 50.63.202.37:80
iwebar-codedownloader.exe (iWebar)

TCP » 50.63.202.37:80
3567a708-84f1-4a73-a80d-0765fed5a2d6-5.exe (iWebar)

TCP » 50.63.202.37:80
onlineguardian-v2.exe

TCP » 50.63.202.37:80
8072a446-0201-4ff7-98a3-ad5df9c6ba67-4.exe (iWebar)

TCP » 50.63.202.37:80
3567a708-84f1-4a73-a80d-0765fed5a2d6-11.exe (iWebar)

 
Latest 20 of 52 files

URL:
http://updatesoft.org/

Web server:
Microsoft-IIS/7.5 (ASP.NET) (Version: 4.0.30319)

downloadsoft.co

irfsoft.com

0108online.info

bearshare-project.com

compressionfree.com

d0wnpzivrubajjui.net

downloaddart.com

downownfiles.com

drop1226.info

droveexpert.info

farming2013mods.com

fileanddown.com

freeinstallsetup.com

getafilefast.net

installssource.com

mipcapps.mx

mousetelegraph.info

pagedownload.info

panelfeature.info

pocogather.com

preciousinterface.info

removewindowsspyware.com

rivalchoice.com

sourcemap.info

synergycompile.info

warenetworks.info

wirelesslaptop.info

ytdvideodownloader.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.