The domain download.mediaplayercodecpack.com registered by Cole Williams was initially registered in April of 2007 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Newark, New Jersey within the United States which resides on the Linode network.
Server location:
New Jersey, United States (US)
Create date:
Wednesday, April 18, 2007
Expires date:
Wednesday, April 18, 2018
Updated date:
Thursday, June 4, 2015
ASN:
AS8001 NET-ACCESS-CORP - Net Access Corporation,US
Scanner detections:
Detections (62% detected)
Scan engine
Details
Detections
Trend Micro House Call
TROJ_GE.44D467D2, HV_ZYX_BL130105.TOMC, TROJ_GEN.F47V0210, TROJ_GEN.F47V0519, Suspicious_GEN.F47V0705, Suspicious_GEN.F47V0814, HV_ZYX_.A632A135
59.26%
Reason Heuristics
PUP.Installer.ColeWilliams.DD, PUP.ColeWilliams.L, PUP.Win.Reputation, PUP.OpenCandy.Installer (L)
55.56%
ESET NOD32
Win32/OpenCandy, Win32/Toolbar.Widgi (variant), Win32/OpenCandy potentially unsafe, Win32/Toolbar.Widgi.N potentially unwanted (variant)
55.56%
Dr.Web
Adware.OpenCandy.4, Adware.Spigot.9, Adware.Spigot.67, Adware.OpenCandy.137, Threat.Undefined
55.56%
Rising Antivirus
PE:PUF.OpenCandy!1.9DE5, PE:Malware.RDM.37!5.2B[F1]
40.74%
G Data
NSIS.Application.OpenCandy, NSIS.Adware.SoftBundled, Win32.Adware.OpenCandy, Win32.Adware.Spigot, Win32.Application.OpenCandy
37.04%
VIPRE Antivirus
Opencandy, Spigot, OpenCandy (PUA) (not malicious)
25.93%
K7 AntiVirus
Unwanted-Program , Adware , Riskware
25.93%
NANO AntiVirus
Riskware.Win32.OpenCandy.cxjcyz, Riskware.Win32.OpenCandy.ddwoan, Riskware.Win32.OpenCandy.dvwkdm, Riskware.Win32.Adware.dtdetw
22.22%
Fortinet FortiGate
W32/Spigot_Toolbar.N, Riskware/OpenCandy, Riskware/Widgi, Adware/Agent
22.22%
McAfee
Artemis!E8C4F5511D7F, Artemis!C426E3252DA1, Artemis!9D689D85045A, Artemis!2A69647E32A1
18.52%
Agnitum Outpost
Riskware.Agent, PUA.Toolbar.Widgi, PUA.Agent
14.81%
F-Prot
W32/A-c7e8dfc4, W32/OpenCandy.A2.gen
11.11%
avast!
Win32:Adware-gen [Adw]
11.11%
The domain download.mediaplayercodecpack.com has been seen to resolve to the following 10 IP addresses.
ip32.ip-149-56-65.net
March 3, 2016
ip31.ip-149-56-65.net
March 3, 2016
ip144.ip-167-114-11.net
January 4, 2016
ip28.ip-192-99-182.net
January 4, 2016
li362-65.members.linode.com
July 1, 2015
File downloads found at URLs served by download.mediaplayercodecpack.com.
URL:
http://download.mediaplayercodecpack.com/
Google Analytics:
UA-27079580
Title:
“Media Player Codec Pack for Microsoft Windows”
Web server:
Apache (PHP/7.0.4)