home

www.idg.pl

Domain Information

Server location:
Mazowieckie, Poland (PL)

ASN:
AS25443 IDGPL-AS International Data Group Poland S.A.

Root domain:
idg.pl

Scanner detections:
Detections  (68% detected)

Scan engine
Details
Detections

ESET NOD32
Win32/PCWorldPLoader (variant), Win32/PCWorldPLoader.A potentially unwanted (variant)
62.50%

Dr.Web
DLOADER.Trojan
50.00%

Sophos
Generic PUA PF, Mal/Generic-L, Sus/Delp-C, Generic PUA MG (PUA), Generic PUA JC (PUA)
50.00%

Reason Heuristics
PUP.InternationalDataGroupPolandSA, PUP.InternationalDataGroupPolandSA (M), Threat.Win.Reputation.IMP
50.00%

McAfee
Artemis!40F2D6191BEA, Artemis!00EEB303D1A5, Artemis!AD626257096D, Artemis!B4BFEB988E7C, Artemis!B9457D5AF226, Artemis!C700F1D47785
43.75%

avast!
Win32:SaliCode, Win32:PUP-gen [PUP], Win32:Malware-gen, Win32:Trojan-gen
43.75%

Baidu Antivirus
Trojan.Win32.PCWorldPLoader, Trojan.Win32.Agent, PUA.Win32.PCWorldPLoader
37.50%

Rising Antivirus
PE:Win32.KUKU.kt!1591113, PE:Malware.Generic(Thunder)!1.A1C4 [F]
37.50%

K7 AntiVirus
Trojan , Virus , Riskware
31.25%

VIPRE Antivirus
Trojan.Win32.Generic, Threat.4721115, Elex Installer
31.25%

IKARUS anti.virus
Trojan.SuspectCRC, AdWare.Gen2, Win32.SuspectCrc
31.25%

Comodo Security
TrojWare.Win32.TrojanDownloader.banload.ek3
31.25%

Trend Micro House Call
TROJ_GEN.R0CBOH0A614, PE_SALITY.RL
25.00%

Norman
Sality.ZHB, Suspicious_Gen4.EGQBE
25.00%

AhnLab V3 Security
Win32/Kashu.E, Downloader/Win32.Genome
25.00%

The domain www.idg.pl has been seen to resolve to the following IP address.

194.69.207.145
itbusiness.com.pl
March 27, 2014

File downloads found at URLs served by www.idg.pl.

5 / 68      (Malware)
http://www.idg.pl/ftp/downloader/.../23177.html  (downloader_25954_pc.exe)

10 / 68    (Malware)
http://www.idg.pl/ftp/downloader/.../23763.html  (kaspersky.rectordecryptor_idg_downloader_109537_pc.exe)

12 / 68    (Adware)
http://www.idg.pl/ftp/downloader/.../1458.html  (universal.simlock.remover_idg_downloader_7264_pc.exe)

5 / 68      (Malware)
http://www.idg.pl/ftp/downloader/.../29152.html  (downloader_25954_pc.exe)

10 / 68    (Malware)
http://www.idg.pl/ftp/downloader/.../9171.html  (kaspersky.rectordecryptor_idg_downloader_109537_pc.exe)

5 / 68      (Adware)
http://www.idg.pl/ftp/downloader/.../325.html  (mozilla.firefox.portable_idg_downloader_43307_pc.exe)

12 / 68    (Adware)
http://www.idg.pl/ftp/downloader/.../811.html  (universal.simlock.remover_idg_downloader_7264_pc.exe)

12 / 68    (Adware)
http://www.idg.pl/ftp/downloader/.../13153.html  (universal.simlock.remover_idg_downloader_7264_pc.exe)

2 / 68      (inconclusive)
http://www.idg.pl/ftp/downloader/.../29900.html  (downloader_27463_pc.exe)

13 / 68    (Adware)
http://www.idg.pl/ftp/downloader/.../13588.html  (fsecure.bagleaz.removal.tool_pcworld_downloader_3021_pc.exe)

12 / 68    (Adware)
http://www.idg.pl/ftp/downloader/.../10051.html  (universal.simlock.remover_idg_downloader_7264_pc.exe)

8 / 68      (PUP)
http://www.idg.pl/ftp/downloader/.../32747.html  (wbtexpress.free_idg_downloader_12630_pc.exe)

1 / 68      (Malware)
http://www.idg.pl/ftp/downloader/.../14127.html  (freestudio_idg_downloader_40103_pc.exe)

2 / 68      (inconclusive)
http://www.idg.pl/ftp/downloader/.../28121.html  (opera_idg_downloader_32329_pc.exe)

10 / 68    (Malware)
http://www.idg.pl/ftp/downloader/.../12699.html  (kaspersky.rectordecryptor_idg_downloader_109537_pc.exe)

13 / 68    (Adware)
http://www.idg.pl/ftp/downloader/.../835.html  (fsecure.bagleaz.removal.tool_pcworld_downloader_3021_pc.exe)

10 / 68    (Malware)
http://www.idg.pl/ftp/downloader/.../841.html  (kaspersky.rectordecryptor_idg_downloader_109537_pc.exe)

12 / 68    (Adware)
http://www.idg.pl/ftp/downloader/.../25220.html  (universal.simlock.remover_idg_downloader_7264_pc.exe)

13 / 68    (Adware)
http://www.idg.pl/ftp/downloader/.../2661.html  (wise.care.365_idg_downloader_61666_pc.exe)

1 / 68      (Malware)
http://www.idg.pl/ftp/downloader/.../1658.html  (mozilla.firefox_idg_downloader_22156_pc.exe)

5 / 68      (Adware)
http://www.idg.pl/ftp/downloader/.../18827.html  (croc.2_idg_downloader_483_gry.exe)

2 / 68      (inconclusive)
http://www.idg.pl/ftp/downloader/.../31082.html  (downloader_27463_pc.exe)

13 / 68    (Adware)
http://www.idg.pl/ftp/downloader/.../17053.html  (wise.care.365_idg_downloader_61666_pc.exe)

13 / 68    (Adware)
http://www.idg.pl/ftp/downloader/.../30172.html  (wise.care.365_idg_downloader_61666_pc.exe)

12 / 68    (Adware)
http://www.idg.pl/ftp/downloader/.../106977.html  (universal.simlock.remover_idg_downloader_7264_pc.exe)

7 / 68      (Adware)
http://www.idg.pl/ftp/downloader/.../219.html  (profesor.henry.business.english_idg_downloader_14121_pc.exe)

3 / 68      (inconclusive)
http://www.idg.pl/ftp/downloader/.../30755.html  (downloader_31213_pc.exe)

5 / 68      (Malware)
http://www.idg.pl/ftp/downloader/.../27525.html  (downloader_25954_pc.exe)

13 / 68    (Adware)
http://www.idg.pl/ftp/downloader/.../11721.html  (fsecure.bagleaz.removal.tool_pcworld_downloader_3021_pc.exe)

0 / 68
http://www.idg.pl/mirrors/mozilla/thunderbird/releases/11.0.1/win32/.../Thunderbird Setup 11.0.1.exe  (7ab7c286cb92dd302cf37e5ec2d55122)

 
Latest 30 of 64 download URLs

The following file have been seen to comunicate with www.idg.pl in live environments.

TCP » 194.69.207.145:443
browser.exe (Browser)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.