home

www.coolrecordedit.com

WHOISGUARD, INC.  (Proxy Registrant)

Domain Information

The domain www.coolrecordedit.com is registered by proxy through ENOM, INC. and was originally registered in May of 2007. This domain has been known to host and distribute adware as well as other potentially unwanted software.
Registrar:
ENOM, INC.

Create date:
Thursday, May 31, 2007

Expires date:
Tuesday, May 31, 2016

Updated date:
Saturday, May 2, 2015

ASN:
AS21844 THEPLANET-AS - ThePlanet.com Internet Services, Inc.,US

Root domain:
coolrecordedit.com

Whois:
3 coolrecordedit.com records

Scanner detections:
Detections  (74% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.Installer.R, PUP.Bundler (L), PUP.Bundler.TsingsoftImaginationInformationTechnologyCo.Installer.Meta (L), PUP.Optional.Installer.U, PUP.Optional.TechEvolveGMBH.DD, Win32.Generic
88.89%

ESET NOD32
Win32/OpenCandy, Win32/Adware.RK.AO.Gen, Win32/Toolbar.Conduit, Win32/Adware.RK.AP, Win32/OpenCandy (variant), Win32/InstallCore.PY (variant)
83.33%

F-Prot
W32/InstallCore.AC.gen
27.78%

Comodo Security
ApplicUnwnt
16.67%

Trend Micro House Call
TROJ_GEN.F47V0524, Suspicious_GEN.F47V0301
16.67%

VIPRE Antivirus
InstallCore, Threat.4786018
16.67%

K7 AntiVirus
Unwanted-Program
16.67%

Norman
InstallCore.CERT
16.67%

NANO AntiVirus
Trojan.Win32.OpenCandy.cumjqq
11.11%

McAfee
Artemis!1F31879E9B8B, Artemis!787FFB025B61
11.11%

Malwarebytes
PUP.Optional.InstallCore, PUP.Optional.Amonetize
11.11%

Avira AntiVirus
ADWARE/InstallCore.Gen9
11.11%

Bkav FE
HW32.Pedka
5.56%

Sophos
Generic PUA GK
5.56%

Fortinet FortiGate
Riskware/InstallCore
5.56%

The domain www.coolrecordedit.com has been seen to resolve to the following 2 IP addresses.

184.173.227.113
184.173.227.113-static.reverse.softlayer.com
May 5, 2015

174.123.129.100
64.81.7bae.static.theplanet.com
February 3, 2014

File downloads found at URLs served by www.coolrecordedit.com.

1 / 68      (PUP)
http://www.coolrecordedit.com/package/.../CoolRecordEditPro.php  (coolrecordeditpro.exe)

3 / 68      (PUP)
http://www.coolrecordedit.com/FreeSoundRecorder.exe  (cfb8ca93eedf25af5d6a112e33931e74)

0 / 68
http://www.coolrecordedit.com/FreeSoundRecorder.exe  (212352c4acf9a7be4ec390a2b4a97fa2)

0 / 68
http://www.coolrecordedit.com/CoolRecordEditPro.exe  (ccsetup509.exe)

2 / 68      (PUP)
http://www.coolrecordedit.com/CoolRecordEditPro.exe  (coolrecordeditpro-v8-7-10.exe)

4 / 68      (PUP)
http://www.coolrecordedit.com/CoolRecordEditPro.exe  (787ffb025b610eb6717033c95e5aeebf)

3 / 68      (PUP)
http://www.coolrecordedit.com/CoolRecordEditPro.exe  (1ce4ce7fc8612773a7174fb1b9f9cb24)

0 / 68
http://www.coolrecordedit.com/FreeSoundRecorder.exe  (ccsetup509.exe)

9 / 68      (PUP)
http://www.coolrecordedit.com/package/.../FreeSoundRecorder.php  (freesoundrecorder.exe)

2 / 68      (PUP)
http://www.coolrecordedit.com/FreeSoundRecorder.exe  (da2b5198edf6862d695d108348e3bc03)

0 / 68
http://www.coolrecordedit.com/CoolRecordEditPro.exe  (9b854d7b098b8f91d02770a39eee41f8)

2 / 68      (PUP)
http://www.coolrecordedit.com/CoolBurningStudio.exe  (cf6569cc05f4040a5ee996a44f7e076e)

2 / 68      (PUP)
http://www.coolrecordedit.com/WMAWorkshopPlus.exe  (3b20634e25ccec0c8361623714e6abef)

2 / 68      (PUP)
http://www.coolrecordedit.com/FreeSoundRecorder.exe  (f38f72469506a90cbb77e670b15f071d)

6 / 68      (PUP)
http://www.coolrecordedit.com/package/.../FreeSoundRecorder.php  (icreinstall_freesoundrecorder.exe)

6 / 68      (PUP)
http://www.coolrecordedit.com/FreeSoundRecorder.exe  (icreinstall_freesoundrecorder.exe)

12 / 68    (PUP)
http://www.coolrecordedit.com/package/.../FreeSoundRecorder.php  (freesoundrecorder.exe)

12 / 68    (PUP)
http://www.coolrecordedit.com/FreeSoundRecorder.exe  (1f31879e9b8b82505be535f9d27f8973)

9 / 68      (PUP)
http://www.coolrecordedit.com/FreeSoundRecorder.exe  (4927fab768b51e5917707bc9b1518c45)

0 / 68
http://www.coolrecordedit.com/FreeSoundRecorder.exe  (freesoundrecorder-9.2.7.exe)

2 / 68      (PUP)
http://www.coolrecordedit.com/FreeSoundRecorder.exe  (2308a8b8a245cb96d4ca22caa05db977)

5 / 68      (inconclusive)
http://www.coolrecordedit.com/FreeSoundRecorder.exe  (e1c8c1c5f53deba7e5d50eee546fad2a)

3 / 68      (PUP)
http://www.coolrecordedit.com/FreeSoundRecorder.exe  (c6e8aabea4abb042c7eed6d63524f622)

2 / 68      (PUP)
http://www.coolrecordedit.com/FreeSoundRecorder.exe  (42eefde72c7cc49c957042c4f557a87a)

0 / 68
http://www.coolrecordedit.com/FreeSoundRecorder.exe  (5b0618d66d347597a2a4e916801f71ae)

3 / 68      (PUP)
http://www.coolrecordedit.com/FreeSoundRecorder.exe  (00ff1175978af76433562c41af1440da)

2 / 68      (PUP)
http://www.coolrecordedit.com/FreeSoundRecorder.exe  (9657cd7158e31f574816f7ca0b3297dd)

The following 15 files have been seen to comunicate with www.coolrecordedit.com in live environments.

TCP » 184.173.227.113:80
goup.exe

TCP » 184.173.227.113:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 184.173.227.113:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 184.173.227.113:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 184.173.227.113:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 184.173.227.113:80
goup.exe

TCP » 184.173.227.113:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 184.173.227.113:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 184.173.227.113:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 184.173.227.113:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 184.173.227.113:80
freemore-avi-wmv-mp4-mpeg-divx-video-converter.exe

TCP » 184.173.227.113:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 184.173.227.113:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 184.173.227.113:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 184.173.227.113:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

URL:
http://www.coolrecordedit.com/

Google Analytics:
UA-10766450

Title:
“CoolMedia Software - Cool Record Edit Pro - Cool Record Edit Pro Software”

Description:
“Cool Record Edit Pro - Record and Edit Audio Files.”

Web server:
Apache/2.4.7 (PHP/5.5.9-1ubuntu4.14)

Facebook:
Likes:  2
Shares:  59
Comments:  2

Statistics are for the previous month.

audio-recording.net

audioeditor.info

audiorecorders.us

free-audio-editor.com

free-sound-editor.com

wav-editor.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.