updatesoftware.checkupdatenow.com
Privacy Protection Service INC d/b/a PrivacyProtect.org (Proxy Registrant)
Domain Information
The domain updatesoftware.checkupdatenow.com is registered by proxy through REGISTRAR OF DOMAIN NAMES REG.RU LLC and was originally registered in January of 2015. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Montreal, Quebec within Canada which resides on the OVH Hosting, Inc. network.
Registrant:
Privacy Protection Service INC d/b/a PrivacyProtect.org
Registrar:
REGISTRAR OF DOMAIN NAMES REG.RU LLC
Server location:
Quebec, Canada (CA)
Create date:
Friday, January 30, 2015
Expires date:
Saturday, January 30, 2016
Updated date:
Thursday, September 17, 2015
Scanner detections:
Detections (100% detected)
Scan engine
Details
Detections
Reason Heuristics
Threat.installCore.Installer, PUP.installCore.OOOProfitAdverts.Installer (M), PUP.installCore.OOOAdver.Installer (M), PUP.installCore (M)
100.00%
Avira AntiVirus
PUA/InstallCore.A.2387, PUA/InstallCore.IH
40.00%
Dr.Web
Trojan.InstallCore.206, Trojan.InstallCore.508
40.00%
ESET NOD32
Win32/InstallCore.YM potentially unwanted application, Win32/InstallCore.ZC potentially unwanted application
40.00%
K7 AntiVirus
Trojan , Adware
40.00%
AVG
InstallCore, Generic
40.00%
Comodo Security
Application.Win32.InstallCore.DWT
20.00%
herdProtect (fuzzy)
a variant of 5869b72ab510c09b7e2a5482d56cb20bb6e5c486
20.00%
VIPRE Antivirus
Threat.4150696
20.00%
Bkav FE
W32.HfsAdware
20.00%
Vba32 AntiVirus
Malware-Cryptor.InstallCore.gen
20.00%
The domain updatesoftware.checkupdatenow.com has been seen to resolve to the following IP address.
ns513839.ip-167-114-156.net
May 24, 2016
File downloads found at URLs served by updatesoftware.checkupdatenow.com.
The following 36 files have been seen to comunicate with updatesoftware.checkupdatenow.com in live environments.
