home

atstools.net

Inbound Call Experts

Domain Information

The domain atstools.net registered by Inbound Call Experts was initially registered in September of 2013 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Las Vegas, Nevada within the United States which resides on the Qwest Communications Company, LLC network.
Registrar:
GODADDY.COM, LLC

Server location:
Nevada, United States (US)

Create date:
Thursday, September 26, 2013

Expires date:
Monday, September 26, 2016

Updated date:
Sunday, September 27, 2015

ASN:
AS209 ASN-QWEST-US NOVARTIS-DMZ-US

Whois:
3 atstools.net records

Scanner detections:
Detections  (67% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.ADVANCEDTECHSUPPORTCO.H, PUP.Optional.ADVANCEDTECHSUPPORTCO.P, PUP.Optional.ADVANCEDTECHSUPPORTCO.D
88.89%

Trend Micro House Call
TROJ_GEN.F47V1021, TROJ_GEN.F47V1115, Suspicious_GEN.F47V0709
33.33%

F-Prot
W32/Undefined.Threat
11.11%

Rising Antivirus
AU3SCRIPT:Malware.Banker!1.9DF6
11.11%

Dr.Web
Threat.Undefined
11.11%

McAfee
Artemis!005B813E219D
11.11%

Clam AntiVirus
Win.Trojan.Autoit-1372
11.11%

Kaspersky
not-a-virus:RemoteAdmin.Win32.Autoit
11.11%

NANO AntiVirus
Riskware.Win32.RemoteAdmin.zfqwn
11.11%

The domain atstools.net has been seen to resolve to the following 3 IP addresses.

63.156.143.204
63-156-143-204.dia.static.qwest.net
August 21, 2016

50.202.229.71
50-202-229-71-static.hfc.comcastbusiness.net
August 13, 2015

63.156.143.214
63-156-143-214.dia.static.qwest.net
February 12, 2014

File downloads found at URLs served by atstools.net.

1 / 68      (PUP)
http://atstools.net/.../advancedtoolkit.exe  (d83a11b27fe72ce926724a60f27a61b2)

0 / 68
http://atstools.net/TK/.../avgtool64.exe  (avg_remover_stf_x64_2013_2706.exe)

0 / 68
http://atstools.net/TK/.../HitmanPro_x64.exe  (hitmanpro.exe)

0 / 68
http://atstools.net/TK/.../vcredist_x86.exe  (b936f0f378b9a35489353e878154e899)

1 / 68      (PUP)
http://atstools.net/.../save_pw.exe  (8c7bf8e92baf0941f06418bdc737ff21)

4 / 68      (PUP)
http://atstools.net/.../advancedtoolkit.exe  (c2501224c8fdccce3fdd217e5038de7f)

1 / 68      (PUP)
http://atstools.net/.../advancedtoolkit.exe  (a02dd086936045555d21ffba9680a8e5)

1 / 68      (PUP)
http://atstools.net/.../advancedtoolkit.exe  (c1c8b51f50fb6c96478b9f4a90a1875b)

1 / 68      (PUP)
http://atstools.net/.../save_pw.exe  (0cc1e5ad224af2572522451a085c328f)

1 / 68      (PUP)
http://atstools.net/.../save_pw.exe  (c01e27fcd7f38037cffa542bdafdfeed)

7 / 68      (PUP)
http://atstools.net/AEC.exe  (005b813e219dc66bce43469b24ee21d5)

1 / 68
http://atstools.net/AEC.exe  (98d8d6a356de055b58ae0f177de7a2fb)

October 9, 2014
getinfo.atstools.net

URL:
http://atstools.net/

Web server:
Apache/2.4.4 (Win32) OpenSSL/0.9.8y PHP/5.4.16 (PHP/5.4.16)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.