home

1-vinstaller.com

wenjie chen

Domain Information

The domain 1-vinstaller.com registered by wenjie chen was initially registered in December of 2015 through ENOM, INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Beaumaris, Victoria within Australia which resides on the Asia Pacific Network Information Centre network.
Registrar:
DOMAINTIMEMACHINE.COM LLC

Server location:
Victoria, Australia (AU)

Create date:
Tuesday, December 8, 2015

Expires date:
Thursday, December 8, 2016

Updated date:
Wednesday, December 9, 2015

ASN:
AS133618 TRELLIAN-AS-AP Trellian Pty. Limited,AU

Whois:
5 1-vinstaller.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.SecureInstall.L, PUP.Installer.SecureInstall.K, PUP.Installer.InstallX.O, PUP.InstallX.Installer, PUP.InstallX.SecureInstall.Installer (M), PUP.InstallX.SafeInst.Installer (M), PUP.InstallX.SecureIn.Installer (M), Threat.Win.Reputation.IMP, PUP.InstallX.Installer (M), PUP.InstallX (M)
100.00%

Dr.Web
Adware.Downware.2512, Threat.Undefined, Adware.Downware.9371
16.33%

Malwarebytes
PUP.Optional.SafeInstall.A
14.29%

NANO AntiVirus
Riskware.Win32.Searcher.csnymk
14.29%

Sophos
DomainIQ pay-per install, InstallQ, PUA 'InstallQ'
14.29%

VIPRE Antivirus
InstallIQ Installer, Threat.4783689
14.29%

K7 AntiVirus
Unwanted-Program
14.29%

Fortinet FortiGate
Riskware/InstallIQ, Riskware/Agent
14.29%

G Data
Win32.Application.InstallIQ, Gen:Variant.Application.Bundler.Graftor.155902, Application.Bundler.InstallIQ
14.29%

AVG
MultiBundle, Generic_r, InstallIQ, Adware Generic_r.NT
14.29%

avast!
Win32:PUP-gen [PUP], Adware-CFF [PUP], Downloader-ABU [PUP], Win32:Adware-CLU [PUP]
14.29%

Kaspersky
not-a-virus:Downloader.NSIS.Agent
14.29%

Bitdefender
Application.Bundler.InstallIQ.A, Gen:Variant.Application.Bundler.Graftor.155902
14.29%

Lavasoft Ad-Aware
Application.Bundler.InstallIQ.A, Gen:Variant.Application.Bundler.Graftor.155902
14.29%

ESET NOD32
Win32/InstallIQ (variant)
12.24%

The domain 1-vinstaller.com has been seen to resolve to the following 5 IP addresses.

103.224.182.207
lb-182-207.above.com
May 15, 2016

103.224.182.243
lb-182-243.above.com
December 19, 2015

192.184.12.62
December 15, 2015

64.74.223.48
April 28, 2015

66.77.96.160
December 27, 2013

File downloads found at URLs served by 1-vinstaller.com.

1 / 68      (Adware)
http://1-vinstaller.com/.../download?VersionId=-1&AccountId=14538&CampaignName=8yAhEi7ne&ShortName=frzfonts&trafficsrctype=ICN&ICNSessionId=00000000-0000-0000-0000-000000000000&ICNLastPageId=0  (frzfonts.exe)

1 / 68      (Adware)
http://1-vinstaller.com/.../download?VersionId=3257&AccountId=13722&CampaignName=Grj7oYU4p&ShortName=tvshows&trafficsrctype=ICN&ICNSessionId=00000000-0000-0000-0000-000000000000&ICNLastPageId=0  (tvshows.exe)

1 / 68      (Adware)
http://1-vinstaller.com/.../download?VersionId=-1&AccountId=6591&CampaignName=sxTFFJLnS&ShortName=audacity&trafficsrctype=ICN&clickid=sxTFFJLn&ICNSessionId=00000000-0000-0000-0000-000000000000&ICNLastPageId=0  (audacity.exe)

1 / 68      (Adware)
http://1-vinstaller.com/.../download?VersionId=-1&AccountId=7378&CampaignName=fFeThQDze&ShortName=audacity&trafficsrctype=ICN  (audacity.exe)

1 / 68      (Adware)
http://1-vinstaller.com/.../download?VersionId=-1&AccountId=7378&CampaignName=yjD8gFsi&ShortName=intunemp3&trafficsrctype=ICN&clickid=yjD8gFsi&ICNSessionId=00000000-0000-0000-0000-000000000000&ICNLastPageId=0  (intunemp3.exe)

1 / 68      (Adware)
http://1-vinstaller.com/.../download?VersionId=-1&AccountId=13834&CampaignName=ff&ShortName=applianflv&trafficsrctype=ICN&ICNSessionId=00000000-0000-0000-0000-000000000000&ICNLastPageId=0  (applianflv.exe)

1 / 68      (Adware)
http://1-vinstaller.com/.../download?accountid=14256&shortname=7zip_freely&campaignname=7zMS  (7zip_freely.exe)

1 / 68      (Adware)
http://1-vinstaller.com/.../download?VersionId=-1&AccountId=13722&CampaignName=sWCB2mXT&ShortName=musicpig&trafficsrctype=ICN  (musicpig.exe)

1 / 68      (Adware)
http://1-vinstaller.com/.../download?VersionId=-1&AccountId=13722&CampaignName=9GohsPh4b&ShortName=ssyoutubedownloader&trafficsrctype=ICN&clickid=9GohsPh4&ICNSessionId=00000000-0000-0000-0000-000000000000&ICNLastPageId=0  (ssyoutubedownloader.exe)

1 / 68      (Adware)
http://1-vinstaller.com/.../download?VersionId=-1&AccountId=7378&CampaignName=Cuam7bkBe&ShortName=clipartcollection&trafficsrctype=ICN  (clipartcollection.exe)

1 / 68      (Adware)
http://1-vinstaller.com/.../download?VersionId=-1&AccountId=14229&CampaignName=filewhiz3&ShortName=filewhiz&trafficsrctype=ICN  (filewhiz.exe)

1 / 68      (Adware)
http://1-vinstaller.com/.../download?VersionId=-1&AccountId=14349&CampaignName=abiword_intyield2s&ShortName=abiword&trafficsrctype=ICN  (abiword.exe)

1 / 68      (Adware)
http://1-vinstaller.com/.../download?accountid=13230&shortname=libreoffice&campaignname  (libreoffice.exe)

1 / 68      (Adware)
http://1-vinstaller.com/.../download?accountid=13356&shortname=openfreely&campaignname=openfreely  (openfreely.exe)

1 / 68      (Adware)
http://1-vinstaller.com/.../download?accountid=14190&shortname=fileviewer&campaignname=fileinfo  (fileviewer.exe)

24 / 68    (Adware)
http://1-vinstaller.com/.../download?accountid=13187&shortname=freeopener&campaignname=FreeOpenerShell  (freeopener.exe)

30 / 68    (Adware)
http://1-vinstaller.com/.../download?accountid=13193&shortname=mplayer_freely&campaignname=MPlayer  (mplayer_freely.exe)

1 / 68      (Adware)
http://1-vinstaller.com/.../download?VersionId=-1&AccountId=13722&CampaignName=OPIpN0fVb&ShortName=infrarecorder&trafficsrctype=ICN&clickid=&ICNSessionId=00000000-0000-0000-0000-000000000000&ICNLastPageId=0  (infrarecorder.exe)

1 / 68      (Adware)
http://1-vinstaller.com/.../download?VersionId=-1&AccountId=9061&CampaignName=&ShortName=wallpapers&trafficsrctype=ICN&ICNSessionId=7989b49b-8eb2-4261-bcfd-d6efea801dc3&ICNLastPageId=1043  (wallpapers.exe)

1 / 68      (Adware)
http://1-vinstaller.com/.../download?VersionId=-1&AccountId=13722&CampaignName=3zg384Vme&ShortName=freecordertorrent&trafficsrctype=ICN  (freecordertorrent.exe)

1 / 68      (Adware)
http://1-vinstaller.com/.../download?VersionId=-1&AccountId=14229&CampaignName=24894122&ShortName=tvshows&trafficsrctype=ICN&servpixel=1418897183923_1418897180733_128_1763_4082484_1&ICNSessionId=00000000-0000-0000-0000-000000000000&ICNLastPageId=0  (tvshows.exe)

1 / 68      (Adware)
http://1-vinstaller.com/.../download?VersionId=-1&AccountId=7378&CampaignName=Hs5KmAVr&ShortName=abiword&trafficsrctype=ICN&clickid=Hs5KmAVr&ICNSessionId=00000000-0000-0000-0000-000000000000&ICNLastPageId=0  (abiword.exe)

1 / 68      (Adware)
http://1-vinstaller.com/.../download?accountid=13230&shortname=pidgin&campaignname=pdg  (pidgin.exe)

1 / 68      (Adware)
http://1-vinstaller.com/.../download?VersionId=-1&AccountId=14349&CampaignName=advertisedotcom_mpc_intyield&ShortName=mediaclassic&trafficsrctype=ICN  (mediaclassic_setup.exe)

1 / 68      (Adware)
http://1-vinstaller.com/.../download?VersionId=-1&AccountId=13722&CampaignName=rUB31iyK&ShortName=gimp&trafficsrctype=ICN&clickid=rUB31iyK&ICNSessionId=00000000-0000-0000-0000-000000000000&ICNLastPageId=0  (gimp.exe)

3 / 68      (PUP)
http://1-vinstaller.com/.../download?VersionId=-1&AccountId=8527&CampaignName=adobeflashplayer&ShortName=adobeflashplayer&trafficsrctype=ICN&ICNSessionId=00000000-0000-0000-0000-000000000000&ICNLastPageId=0  (adobeflashplayer.exe)

1 / 68      (Adware)
http://1-vinstaller.com/.../download?accountid=13313&shortname=mediaplayer&campaignname=mobit&context=ZhdXVpZD1lMWM4ZTNjOC05ZjBlLTQ2MGQtYjhmYS0wMWQyYTA0ZjhhNWQ  (mediaplayer.exe)

1 / 68      (Adware)
http://1-vinstaller.com/.../download?VersionId=-1&AccountId=13722&CampaignName=qHjJqstle&ShortName=tvshows&trafficsrctype=ICN&ICNSessionId=00000000-0000-0000-0000-000000000000&ICNLastPageId=0  (tvshows.exe)

23 / 68    (Adware)
http://1-vinstaller.com/.../download?accountid=13313&shortname=mediaplayer&campaignname=mobit&context=ZwdXVpZD02MzY5MjU5Ny1hYjJmLTRlYzEtOGNmYy02MTNmMDhiZWIwNWI  (mediaplayer.exe)

33 / 68    (Adware)
http://1-vinstaller.com/.../download?accountid=14412&shortname=musicoasis&campaignname=FX&pix=1955--1561--1399039942.4471  (musicoasis.exe)

 
Latest 30 of 638 download URLs

The following 22 files have been seen to comunicate with 1-vinstaller.com in live environments.

TCP » 103.224.182.207:80
googleupd.exe (Google Update by Google)

TCP » 103.224.182.207:80
pooface.exe (Ja)

TCP » 103.224.182.207:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 103.224.182.207:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 103.224.182.207:80
fuzezipsetup.exe (Fuze Zip by Koyote Soft)

TCP » 103.224.182.207:80
CureTraffic.exe (CureTraffic by Vitbian telecom S.L)

TCP » 103.224.182.243:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 103.224.182.207:80
emuletorrent.exe

TCP » 103.224.182.207:80
googleupd.exe (Google Update by Google)

TCP » 103.224.182.243:587
www.exe

TCP » 103.224.182.207:443
winsec.exe (winsec.exe by Security Verifier)

TCP » 103.224.182.207:80
BruteforceSaveData.exe (Bruteforce Save Data by 2014 by Aldo Vargas - http://www.aldostools.org)

TCP » 103.224.182.207:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 103.224.182.243:80
download.exe (Gerenciador de Download by ASSISTENTE DE DOWNLOAD)

TCP » 103.224.182.243:80
online-guardian-v2.0.9.exe

TCP » 103.224.182.243:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 103.224.182.207:80
online-guardian.exe

TCP » 103.224.182.207:80
winsec.exe (winsec.exe by Security Verifier)

TCP » 103.224.182.207:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 103.224.182.207:80
googleupd.exe (Google Update by Google)

 
Latest 20 of 36 files

URL:
http://1-vinstaller.com/

Google Analytics:
UA-19309218

Title:
“1-vinstaller.com”

Description:
“This website is for sale! 1-vinstaller.com is your first and best source for information about 1-vinstaller . Here you will also find topics relating to issues of general interest. We hope you find what you are looking for!”

Web server:
Apache

123mplayer.com

7s9nzohf.com

ad131m.com

amateurporntubed.com

applicationcube.com

check-live.com

checkupdatenow.com

cloudbox03.com

cloudbox06.com

cloudbox40.com

coolsoftwaredownloads.com

datacardbar.info

datingsweater.com

dbtalk.net

deliciousgoldfish.com

differentdownload.com

downloadcobol.com

downloadcobra.com

downloadcocci.com

downloadd.org

downloadinator.com

ex-soft.net

extremetrucker.com

fastupdate24.com

fetch-files.com

flashupdatenow.com

freeapplocationdownloads.com

freedownloadbrushes.com

generaldownload.com

generallydownload.com

30 of 93 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.