FOR WEBMASTERS & BLOGGERS
If you own a Website or a Blog and are affiliated with Google AdSense, in order to your own Reputation, should block the Domain www.pchelpsoft.com in your AdSense Dashboard. The Site lets your Visitors download and install persistant ADWARE or other Malware like in this case a variant of Win32/SpeedingUpMyPC. See the following Report:
MALICIOUS ADvertiser & HIDDEN IFRAMES
 |
| Screenshot with only SOME of the detected Hidden IfRames |
DOMAIN:
http://www.pchelpsoft.com/
- https://www.virustotal.com/de/url/5c3edae4e373ca3e00b12d47e8cca063d95788ce51bf2231183583fb09c410fe/analysis/1396709017/
W32.HfsIframe
- https://www.virustotal.com/de/file/5423ccf2d362c574dd92ee16048771654c0c147615e30969708287e823e86d14/analysis/
http://googleads.g.doubleclick.net/aclk?sa=l&ai=C_5YSLfY_U477Oaf97QbKlYCICo_WvewF95Pew5MBwI23ARABII7AlCNQ59rJ-fr_____AWC7A6AByYS85gPIAQGpArbIwK_Uja4-qAMByAPDBKoEhAFP0DaVh04U04otA5RC7LkKN6Bb_76Gi-a6KPMQvyX3m8F19ghuSsCTgBc7cUAPAstOz7czutL_m7MOzFOIkKzeFLZ3UN9ZUEOlz4xXwJPPBb5gK8G6YxHi-4h_mZg4uzJ7soJ9bRaeuP_OZ2MIq7zyOqfZY3eePfaxuKdr22MRIEQwDEuAB5_7wxk&num=1&sig=AOD64_3jGSApnWn_Emx9WI29PpLZtrEk6Q&client=ca-pub-5585202032329389&adurl=http://www.pchelpsoft.com/pc-cleaner/lp1-ms/%3Ftracking%3DPH_EN_PP_GO_CO_ROW_PCC%26keyword%3D%26campaignID%3DADWORDS&nm=39&mb=2&bg=!A0Q9TCHak0v0HwIAAABKUgAAADcqAOG1EZitqUzYO4cdHgIIvh0nlm7oDd0knPeZUrYknpQ3F5-tZmBmXeKSHkPmRrr_CHVhEUhzRoOlThSLBgrs5fJLBrB5bES3Cg3gSdBl8Q6gTAGIzXrrfFYMCH9BIYOWLOuS7dqRqWoHQHEer0wQaFUVg8VOCK9FOIlzVHnwhGYzDu54619Pr81rBHDv7mscitGvxqSMzZirAzqRJipFcOzj4t9u__q1EYkusciy23n30yN3jgPeP_Ps4igDQY2IWVDYlesicGJKIgCoclKMhqQuga9DgkcUZAewYWXsVZknShE
VT ANALYSIS:
- https://www.virustotal.com/de/url/aaa0b4defa15863722a5a1f3a972cb1b5ae58782a51ee2ddf099479d13401a25/analysis/
W32.HfsIframe
- https://www.virustotal.com/de/file/97297c8b5512bf9630a4785d5efc8b1fa8c0ed256a259f41f2e420dd7ab75f3f/analysis/
http://www.pchelpsoft.com/pc-cleaner/lp1-ms/?tracking=PH_EN_PP_GO_CO_ROW_PCC&keyword=&campaignID=ADWORDS&gclid=COLyicasyb0CFcU-Mgod9WIAFg
- https://www.virustotal.com/de/url/b812f343e219878f936a148c61d82ee7b868b62f126c33035034c30558cff252/analysis/
W32.HfsIframe
- https://www.virustotal.com/de/file/33e518a1049cacd6ad92fcb4dc8cc4276a7def88a673ec8f8b6730169c874399/analysis/1396709347/
http://webtools.pchelpsoft.com/download.cfm?tracking=PH_EN_PP_GO_CO_ROW_PCC&keyword=&campaignID=ADWORDS&gclid=CJi1oOCsyb0CFcx9OgodfGkAVg&go=http://cdn2.pchelpsoft.com/pch_downloads/pc-cleaner-3248.exe
- https://www.virustotal.com/de/url/1ac047af6364f4d0b32c39cc39916c2f2c20126ac9084b34a8e37fc243575e3a/analysis/1396710143/
Win32/SpeedingUpMyPC
- https://www.virustotal.com/de/file/61825b61802647f122a2faf60ed2b06d4d139939c2305f421557ba7aadeaca8d/analysis/1396709870/
http://cdn2.pchelpsoft.com/pch_downloads/pc-cleaner-3248.exe
- https://www.virustotal.com/de/url/695aac7dd7c803f95c1ff3fb22114a8c07710377c1f761360b4919703dde422d/analysis/
- https://www.virustotal.com/de/file/61825b61802647f122a2faf60ed2b06d4d139939c2305f421557ba7aadeaca8d/analysis/1396709870/
SEE AS WELL:
Scam
Misleading claims or unethical
Poor customer experience
- https://www.mywot.com/en/scorecard/pchelpsoft.com
- http://hosts-file.net/?s=pchelpsoft.com
http://107.6.189.44/ (Chicago, U.S.A.)
- https://www.virustotal.com/de/url/500ee0900e907eb3ec6ddfa941715422ba0d629117bd78a11abfc425e792f55a/analysis/1396710479/
- https://www.virustotal.com/de/ip-address/107.6.189.44/information/
http://217.195.25.241/ (Le Pecq, FRANCE)
- https://www.virustotal.com/de/url/2fcdb898c3033fa329006d6ad7a857426898b76c36d4031015e80c74b1bcdc0e/analysis/1396710659/
- https://www.virustotal.com/de/ip-address/217.195.25.241/information/
http://205.251.253.160/ (Seattle, U.S.A.)
- https://www.virustotal.com/de/url/69651f27754573792bde992f0a5bdbb08107d6477da0e85a9f383504ced67cad/analysis/1396710819/
- https://www.virustotal.com/de/ip-address/205.251.253.160/information/
- https://www.projecthoneypot.org/ip_205.251.253.160
Keine Kommentare:
Kommentar veröffentlichen