www.condinstalls.biz

Wired 2000 Corporation

Domain Information

The domain www.condinstalls.biz, registered by Wired 2000 Corporation, was first registered in August 2013 through ENOM, INC. It has been known to host and distribute adware as well as other potentially unwanted software. Its servers are located in Marietta, Georgia, United States, on the NationalNet, Inc. network.
Registrar:
ENOM, INC.

Server location:
Georgia, United States (US)

Create date:
Wednesday, August 14, 2013

Expires date:
Saturday, August 13, 2016

Updated date:
Thursday, July 16, 2015

ASN:
AS22384 NATIONALNET-1 - NationalNet, Inc.,US

Root domain:

Scanner detections:
Detections  (82% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.DownloadAdmin.K, (M), PUP.CashBuyerMedia.Installer (M), PUP.Vittalia.CashBuyerMedia.Bundler (M), PUP.TomorrowSoftware.SpiralMedia.Bundler (M), PUP.DownloadAdmin.RazorEdgeMedia.Installer (M), PUP.Tightrope.PourOverDigital.Bundler (M), PUP.Tightrope.Download.Bundler (M), PUP.TomorrowSoftware.UprightM.Installer (M), PUP.Tightrope.Zoobam.Bundler (M), PUP.DownloadAdmin.EbooksMe.Installer (M) | 62.50% |
| VIPRE Antivirus | DownloadAdmin, Trojan.Win32.Generic, Threat.4150696 | 43.75% |
| ESET NOD32 | Win32/WebDevAZ.C potentially unwanted application, Win32/AdWare.Primawega application, Win32/InstallMonetizer potentially unwanted application | 37.50% |
| K7 AntiVirus | Trojan, Unwanted-Program, Adware, Riskware | 28.13% |
| ESET NOD32 | Win32/DownloadAdmin, Win32/DownWare, Win32/DownloadAdmin.I potentially unwanted (variant), Win32/WebDevAZ.C potentially unwanted | 25.00% |
| Vba32 AntiVirus | suspected of Trojan.Downloader.gen.h, Downloader.Agent | 25.00% |
| NANO AntiVirus | Trojan.Win32.Downware.crgjbr, Riskware.Win32.Downware.crgjbr, Trojan.Win32.XPACK.dprfbr, Riskware.Nsis.Downloader.dvsumk | 21.88% |
| Trend Micro House Call | TROJ_GEN.F47V1025, TROJ_GEN.F47V0329, TROJ_SPNR.0CAS14, TROJ_GEN.F47V0526, Suspicious_GEN.F47V0213, Suspicious_GEN.F47V1227 | 18.75% |
| Dr.Web | Adware.Downware.644, Trojan.Inject1.36834, Adware.Downware.2220, Trojan.Vittalia.74, Trojan.DownLoader9.7523, Trojan.DownLoader12.24366 | 18.75% |
| Baidu Antivirus | Trojan.Win32.DownloadAdmin, Adware.Win32.DownWare, PUA.Win32.WebDevAZ, Hacktool.Win32.Agent, Adware.Win32.Primawega | 18.75% |
| Qihoo 360 Security | HEUR/Malware.QVM06.Gen, HEUR/QVM42.1.Malware.Gen, HEUR/QVM42.0.Malware.Gen, HEUR/QVM10.1.Malware.Gen | 18.75% |
| McAfee | Artemis!BEA44382C395, Artemis!79AC2739BB54, Artemis!8B2AD8F8BD9B, Artemis!B0CC4FCD5C98, Artemis!46C743271F9A | 15.63% |
| SUPERAntiSpyware | Trojan.Agent/Gen-Downloader, Adware.InstallMonetizer, Adware.Primawega/Variant, Trojan.Agent/Gen-Qbot | 15.63% |
| AVG | Skodna.Bundle, Generic, Could be an adware AdInject | 15.63% |
| Sophos | Download Admin, Mal/Generic-S, Generic PUA LP | 12.50% |

The domain www.condinstalls.biz has been seen to resolve to the following IP address.

February 21, 2016

File downloads found at URLs served by www.condinstalls.biz.

2 / 68      (PUP)
http://www.condinstalls.biz/.../BISetup.exe  (bc83af37f406cfc5347e7eadc18e3f68)

21 / 68    (PUP)
http://www.condinstalls.biz/.../SearchLatina.exe  (b0cc4fcd5c984d9eb5877c68af27ff50)

0 / 68
http://www.condinstalls.biz/.../p2p.exe  (d6cba0ea7ce9490713b1ef728cc86f67)

5 / 68      (PUP)
http://www.condinstalls.biz/.../w3iDownloader.exe  (f18ba08463ee2a58555452baee0c98c0)

12 / 68    (PUP)

11 / 68    (PUP)
http://www.condinstalls.biz/.../IMSetup.exe  (46c743271f9a78c645e2cf89feaeac99)

URL:
http://www.condinstalls.biz/

Title:
“Free Chat Rooms Online”

Web server:
Apache/2.2.22 (Debian)