home

www.softologicsd.com

Felix Leshno

Domain Information

The domain www.softologicsd.com registered by Felix Leshno was initially registered in October of 2012 through Moniker Online Services. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Toronto, Ontario within Canada which resides on the Managed Network Systems Inc. network.
Registrar:
Moniker Online Services

Server location:
Ontario, Canada (CA)

Create date:
Tuesday, October 30, 2012

Expires date:
Friday, October 30, 2015

Updated date:
Sunday, October 19, 2014

ASN:
AS13727 ND-CA-ASN - NEXT DIMENSION INC,CA

Root domain:
softologicsd.com

Whois:
4 softologicsd.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Bundler.Performersoft, PUP.Performersoft.WeCodeGood.Bundler (M), PUP.Performersoft.MediaTechSoft.Bundler (M), PUP.Performersoft.MediaTec.Bundler (M), PUP.Performersoft.WeCodeGo.Bundler (M), PUP.Performersoft.Bundler (M), PUP.Performersoft.YellowSo.Bundler (M), Threat.Win.Reputation.IMP, PUP.Performersoft (M)
100.00%

Dr.Web
Adware.Downware.1492, Adware.Downware.1425, Adware.Downware.1173, Adware.Downware.1295
12.00%

VIPRE Antivirus
InstallBrain
12.00%

Avira AntiVirus
APPL/InstallBrain.Gen, Adware/InstallBrain.H, APPL/InstallBrain.A
12.00%

Sophos
InstallBrain
12.00%

Microsoft Security Essentials
TrojanDownloader:Win32/Brantall.D, TrojanDownloader:Win32/Brantall.A, TrojanDownloader:Win32/Brantall.B
12.00%

Bitdefender
Application.Bundler.InstallBrain.A, Gen:Variant.Adware.Kazy.284891, Adware.InstallBrain.B
12.00%

SUPERAntiSpyware
PUP.InstallBrain/Variant, Adware.InstallBrain/Variant, Trojan.Agent/Gen-Downware
12.00%

Trend Micro
TROJ_GEN.USCK11ACN, TROJ_GEN.F0C2C00KR14, TROJ_SPNV.03KI13
12.00%

AhnLab V3 Security
Adware/Win32.BrainInst, Adware/Win32.InstallBrain
12.00%

Quick Heal
TrojanDownloader.Brantall.A5, TrojanDownloader.Brantall.b
10.00%

McAfee
Artemis!C70F08B87440, Artemis!2EAFBB2F9A53, RDN/Generic PUP.x!bpg
10.00%

Malwarebytes
Adware.InstallBrain, PUP.Optional.InstallBrain
10.00%

NANO AntiVirus
Riskware.Win32.BrainInst.crchst, Trojan.Win32.Downware.cqioyi, Riskware.Win32.BrainInst.cqvijx, Trojan.Win32.Downware.cqmhdj
10.00%

Total Defense
Win32/Tnega.NDWdWG, Win32/Tnega.ICFFLHD, Win32/Tnega.BRRKCQ
10.00%

The domain www.softologicsd.com has been seen to resolve to the following 12 IP addresses.

185.53.177.7
October 12, 2015

216.8.179.24
ptr-216-8-179-24.ptr.nextdimensioninc.com
February 16, 2015

216.8.179.23
ptr-216-8-179-23.ptr.nextdimensioninc.com
August 1, 2014

174.37.181.30
174.37.181.30-static.reverse.softlayer.com
April 11, 2014

173.192.190.226
173.192.190.226-static.reverse.softlayer.com
April 11, 2014

50.97.49.242
50.97.49.242-static.reverse.softlayer.com
April 11, 2014

50.97.44.130
50.97.44.130-static.reverse.softlayer.com
April 11, 2014

50.97.49.243
50.97.49.243-static.reverse.softlayer.com
January 24, 2014

50.97.44.131
50.97.44.131-static.reverse.softlayer.com
January 24, 2014

174.37.181.31
174.37.181.31-static.reverse.softlayer.com
January 24, 2014

173.192.190.227
173.192.190.227-static.reverse.softlayer.com
January 24, 2014

50.23.163.176
July 23, 2013

File downloads found at URLs served by www.softologicsd.com.

1 / 68      (Adware)
http://www.softologicsd.com/.../gkb0y?exename=77ZipSetup&cid=3867&lang=en  (77zipsetup.exe)

1 / 68      (Adware)
http://www.softologicsd.com/.../$heMneZlscAdktx0Y?exename=PdfSpeedSetup&cid=3868&lang=pt-br&gclid=CLDykZ_FvrkCFWJp7AodZC0AJw  (pdfspeedsetup.exe)

1 / 68      (Adware)
http://www.softologicsd.com/.../$lewgf5lscAcpgRAS?exename=77ZipSetup&cid=3867&lang=en&gclid=COy08tjFsboCFYVc3godiHUAow  (77zipsetup.exe)

1 / 68      (Adware)
http://www.softologicsd.com/.../$p MHbplscAcpvSMs?exename=77ZipSetup&cid=3867&lang=en&gclid=CM3op7DlhboCFSdo7AodnAQAbg  (77zipsetup.exe)

1 / 68      (Adware)
http://www.softologicsd.com/download/.../?exename=77ZipSetup&cid=3867&lang=pt&gclid=CLbykL2cg7oCFQqe4Aodyg4Amw  (77zipsetup.exe)

1 / 68      (Adware)
http://www.softologicsd.com/.../$q8MESZlscAcpsg04?exename=77ZipSetup&cid=3867&lang=en&gclid=CL-dqOmclLoCFWZk7AodBSUAnQ  (77zipsetup.exe)

1 / 68      (Malware)
http://www.softologicsd.com/.../gkb0y?exename=77ZipSetup&cid=3867&lang=pt  (77zipsetup.exe)

1 / 68      (Adware)
http://www.softologicsd.com/.../$utoafZlscAcpsAM7?exename=77ZipSetup&cid=3867&lang=en&gclid=CN_WlauurroCFTJp7AodklgAaQ  (77zipsetup.exe)

1 / 68      (Adware)
http://www.softologicsd.com/.../$oOwHfZlscAcptgkd?exename=77ZipSetup&cid=3867&lang=en&gclid=CLnkkbmIkroCFYSd4AodryYA1Q  (77zipsetup.exe)

1 / 68      (Adware)
http://www.softologicsd.com/download/.../RZlscAcpqwYo?exename=77ZipSetup&cid=3867&lang=en&gclid=CLC946OukLoCFU-Z4AodaREAwQ  (77zipsetup.exe)

1 / 68      (PUP)
http://www.softologicsd.com/.../gkxcm?exename=Wall2GoSetup&cid=233&clickid=0018530572901733764&clickid=0018530572901733764&orig_client=BIDVERDISPLAY-1232951  (wall2gosetup.exe)

1 / 68      (Adware)
http://www.softologicsd.com/.../$usQdY5lscAcpiwER?exename=77ZipSetup&cid=3867&lang=pt&gclid=CNm37ISbqboCFcid4AodhkMAIA  (77zipsetup.exe)

1 / 68      (Adware)
http://www.softologicsd.com/.../$h8EDVJlscAcpqyMb?exename=77ZipSetup&cid=3867&lang=pt&gclid=CIupjs6KgroCFZKk4Aod5FUA8A  (77zipsetup.exe)

1 / 68      (Adware)
http://www.softologicsd.com/download/.../4ceZlscAdklDYJ?exename=PdfSpeedSetup&cid=3868&lang=en&gclid=CPTq2K_WgLoCFfMdtAodARAACg  (pdfspeedsetup.exe)

1 / 68      (Adware)
http://www.softologicsd.com/.../$jdcEQJlscAcprSoY?exename=77ZipSetup&cid=3867&lang=pt&gclid=CODs1vL2pboCFYqi4AodtE0AJg  (77zipsetup.exe)

1 / 68      (Adware)
http://www.softologicsd.com/.../$ut0kWJlscAcpsAIz?exename=77ZipSetup&cid=3867&lang=en&gclid=CIeujejUg7oCFc6e4Aod-SMA7Q  (77zipsetup.exe)

1 / 68      (Adware)
http://www.softologicsd.com/.../gkxcm?exename=Wall2GoSetup&cid=233&clickid=0020267002676930107&clickid=0020267002676930107&orig_client=MONETIZOO-MZ67  (wall2gosetup.exe)

1 / 68      (Adware)
http://www.softologicsd.com/.../$n9k4QplscAdkryAR?exename=PdfSpeedSetup&cid=3868&lang=pt-br&gclid=CNKu3enJiLoCFUOe4AodSS8ALw  (pdfspeedsetup.exe)

1 / 68      (Adware)
http://www.softologicsd.com/.../gkb0y?exename=77ZipSetup&cid=3867&lang=fr  (77zipsetup.exe)

1 / 68      (Adware)
http://www.softologicsd.com/.../$utQFWplscAcptQQR?exename=77ZipSetup&cid=3867&lang=pt&gclid=CJvmhOSIq7oCFdGe4Aod4gQAyQ  (77zipsetup.exe)

1 / 68      (Adware)
http://www.softologicsd.com/.../$qek0WZlscAdkmj8L?exename=PdfSpeedSetup&cid=3868&lang=fr&gclid=CMrP5vKpyboCFWTHtAodfgwAfw  (pdfspeedsetup.exe)

1 / 68      (Adware)
http://www.softologicsd.com/.../$icUUZJlscAdkqCUT?exename=PdfSpeedSetup&cid=3868&lang=pt-br&gclid=CNzL88Hp_bgCFYyd4Aod0wcACA  (pdfspeedsetup.exe)

1 / 68      (Adware)
http://www.softologicsd.com/.../$h8UbY5lscAdkizQM?exename=PdfSpeedSetup&cid=3868&lang=en&gclid=CLOSzeSR7bkCFcmf4AodYBQAiA  (pdfspeedsetup.exe)

1 / 68      (Adware)
http://www.softologicsd.com/.../$p9gYQplscAcpvBMJ?exename=77ZipSetup&cid=3867&lang=en&gclid=CPKWm6-ul7oCFUVk7AodvBIA4A  (77zipsetup.exe)

1 / 68      (Adware)
http://www.softologicsd.com/.../$iMklXplscAcprQ0z?exename=77ZipSetup&cid=3867&lang=pt&gclid=COC-xZ_n_7kCFY3m7AodbHgAiQ  (77zipsetup.exe)

1 / 68      (PUP)
http://www.softologicsd.com/.../gkb0y?exename=77ZipSetup&cid=3867&lang=fr&gclid=CP7KxK-NpbYCFaHHtAodsEkAeA  (77zipsetup.exe)

1 / 68      (Adware)
http://www.softologicsd.com/.../$qtwKV5lscAcpuQMu?exename=77ZipSetup&cid=3867&lang=pt&gclid=CKSOkMDLpLoCFU9o7AoduXMA4Q  (77zipsetup.exe)

1 / 68      (Adware)
http://www.softologicsd.com/.../$oekhVJlscAdkvyY2?exename=PdfSpeedSetup&cid=3868&lang=en&gclid=CNG0u9Dn6bkCFUkS7Aodbg8AHw  (pdfspeedsetup.exe)

The following 30 files have been seen to comunicate with www.softologicsd.com in live environments.

TCP » 50.97.49.242:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.49.243:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.49.242:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.49.243:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.49.243:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.49.243:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.49.242:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.49.242:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 50.97.49.242:80
UCBrowser.exe (by UCWeb)

TCP » 50.97.49.243:80
jet.exe (Jet by Performersoft)

TCP » 50.97.49.243:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.49.242:80
browser.exe (Browser)

TCP » 50.97.49.242:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 50.97.49.243:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.49.243:80
browser.exe (Browser)

TCP » 50.97.49.243:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.49.242:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 50.97.49.242:80
UCBrowser.exe (by UCWeb)

TCP » 50.97.49.243:80
UCBrowser.exe (by UCWeb)

TCP » 50.97.49.242:80
UCBrowser.exe (UC Browser by UCWeb)

 
Latest 20 of 51 files

URL:
http://www.softologicsd.com/

Google Analytics:
UA-48689684

Title:
“softologicsd.com”

Web server:
nginx

1337xproxy.in

1clickdownloader.com

1dschool.com

1flymusic.com

1freesoftwareonline.com

215115638.com

360adstrack.com

4god.biz

4shared.net

55tjk.com

acidco.net

adexprt.me

adjalauto.com

adsclever.com

adsobject.com

adsservingowl.biz

adtrkx.com

africa-2010.com

agamefix.com

aiprosoft.com

alawar.it

all-baza.com

alwayswindcat.com

aminst.net

angelijah.com

angelijah.net

antivirus-gratuit.pro

anyras.com

app-mak.com

appapia.com

30 of 618 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.