installm.net
Domains By Proxy, LLC (Proxy Registrant)
Domain Information
The domain installm.net is registered by proxy through GODADDY.COM, LLC and was originally registered in October of 2012. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Beauharnois, Quebec within Canada which resides on the OVH Hosting, Inc. network.
Registrant:
Domains By Proxy, LLC
Registrar:
GODADDY.COM, LLC
Server location:
Quebec, Canada (CA)
Create date:
Friday, October 26, 2012
Expires date:
Wednesday, October 26, 2016
Updated date:
Wednesday, October 7, 2015
ASN:
AS16276 OVH OVH SAS,FR
Scanner detections:
Detections (90% detected)
Scan engine
Details
Detections
Reason Heuristics
PUP.Installer.SILICOMINTERNET, PUP.SILICOMINTERNET.Installer (M), PUP.installCore.SILICOMINTERNET (M), PUP.installCore.SILICOMI (M), PUP.installCore (M)
95.74%
Dr.Web
Trojan.Packed.24524, Trojan.MulDrop6.4686
8.51%
VIPRE Antivirus
Adware.Win32.InstallCore.ba
6.38%
Malwarebytes
PUP.Optional.InstallCore
6.38%
K7 AntiVirus
Unwanted-Program
6.38%
NANO AntiVirus
Riskware.Win32.InstallCore.dcnbna
6.38%
Agnitum Outpost
PUA.InstallCore
6.38%
Comodo Security
Application.Win32.Installcore.SS
6.38%
Sophos
Install Core Click run software
6.38%
herdProtect (fuzzy)
a variant of c3bc3bf631185e795366f80e8244ae6c9d9ecfdb, a variant of 679b287f4780d1d6641f71129d014d9636ff59d0
6.38%
ESET NOD32
Win32/InstallCore.NE potentially unwanted application
4.26%
XVirus List
Win.Detected
2.13%
Clam AntiVirus
Win.Adware.Installcore-510
2.13%
Bkav FE
W32.HfsAdware
2.13%
F-Prot
W32/A-18fe8ff6
2.13%
The domain installm.net has been seen to resolve to the following 4 IP addresses.
ns506226.ip-192-99-2.net
October 9, 2014
184.172.109.170-static.reverse.softlayer.com
March 3, 2014
File downloads found at URLs served by installm.net.
Latest 30 of 133 download URLs
Web server:
nginx/1.4.6 (Ubuntu) (PHP/5.5.9-1ubuntu4.14)
