www.iainstalls.com

WIRED 2000 CORPORATION

Domain Information

The domain www.iainstalls.com, registered by WIRED 2000 CORPORATION, was initially registered in April of 2013 through ENOM, INC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Marietta, Georgia, in the United States, on the NationalNet, Inc. network.

Registrar:
ENOM, INC.

Server location:
Georgia, United States (US)

Create date:
Friday, April 26, 2013

Expires date:
Wednesday, April 26, 2017

Updated date:
Tuesday, October 27, 2015

ASN:
AS22384 NATIONALNET-1 - NationalNet, Inc.,US

Root domain:

Scanner detections:
Detections  (84% detected)

Scan engine
Details
Detections

Reason Heuristics
(M), PUP.Fintech.N, PUP.Bundler.Tightrope, PUP.Installer.CashBuyerMedia, Threat.Win.Reputation.IMP, PUP.TomorrowSoftware.SpiralMedia.Bundler (M), PUP.DownloadAdmin.FilesInfo.Installer (M), PUP.DownloadAdmin.SafeInstallSoftware.Installer (M), PUP.Vittalia.CashBuyerMedia.Bundler (M), PUP.DownloadAdmin.EbooksMedia.Installer (M), PUP.DownloadAdmin.RazorEdgeMedia.Installer (M), PUP.DownloadAdmin.RedLightMedia.Installer (M), PUP.RazorEdge.Bundler.Installer.Meta (M)
56.00%

VIPRE Antivirus
DownloadAdmin, Threat.4783369, Trojan.Win32.Generic, Threat.4150696
48.00%

ESET NOD32
Win32/DownloadAdmin.I potentially unwanted application, Win32/WebDevAZ.C potentially unwanted application, Win32/InstallMonetizer potentially unwanted application
46.00%

Qihoo 360 Security
QVM42.0.Malware.Gen, HEUR/QVM10.1.Malware.Gen, HEUR/QVM42.0.Malware.Gen, HEUR/QVM42.1.Malware.Gen, HEUR/QVM42.0.0000.Malware.Gen
30.00%

ESET NOD32
Win32/DownloadAdmin, Win32/DownloadAdmin.I potentially unwanted (variant), Win32/DownloadAdmin.N potentially unwanted (variant), Win32/AdWare.Primawega
28.00%

AVG
Generic, AdInject, Could be an adware AdInject
28.00%

NANO AntiVirus
Riskware.Win32.Downware.crgjbr, Trojan.Win32.XPACK.dprfbr, Trojan.Win32.DownloAdmin.dxgjmo, Riskware.Nsis.Downloader.dvsumk, Trojan.Nsis.Startpage.dsmxsq
26.00%

Kaspersky
not-a-virus:Downloader.Win32.DownloAdmin, Trojan.Win32.Startpage, HEUR:Trojan-Downloader.Win32.Generic, Trojan.Win32.Pincav
24.00%

Vba32 AntiVirus
Downloader.Agent, SScope.Downware.DownloadAdmin, suspected of Trojan.Downloader.gen.h, TrojanDropper.Injector
22.00%

Dr.Web
Trojan.Inject1.36834, Adware.Downware.2220, Trojan.Vittalia.27, Trojan.Vittalia.74, Trojan.Vittalia.419, Trojan.Vittalia.517
20.00%

SUPERAntiSpyware
Adware.InstallMonetizer, Adware.Primawega/Variant, Trojan.Agent/Gen-Qbot
18.00%

McAfee
Artemis!22B0367A1830, Artemis!01F55319BE37, Artemis!2CFA7E4087B9, Artemis!2ABA762523B3, Artemis!ADA1DB3B280F, Artemis!688EA1BAB610, RDN/Generic Downloader.x!ki
18.00%

Baidu Antivirus
PUA.Win32.DownloadAdmin, PUA.Win32.WebDevAZ, Adware.Win32.Primawega, Trojan.Win32.Pincav
18.00%

G Data
Win32.Trojan.Agent.VE5J0V, Win32.Application.DownloadAdmin, Win32.Adware.DownloadAdmin, Gen:Variant.Application.Bundler.DownloadAdmin
16.00%

Fortinet FortiGate
Riskware/DownloadAdmin, PossibleThreat.P1, W32/Injector.JGDO!tr
16.00%

The domain www.iainstalls.com has been seen to resolve to the following IP address.

January 5, 2016

File downloads found at URLs served by www.iainstalls.com.

4 / 68      (PUP)
http://www.iainstalls.com/.../p2p.exe  (fdfe2a78ecc409a44914afa263b5ee0b)

13 / 68    (Malware)
http://www.iainstalls.com/.../w3iDownloader.exe  (14462852604e4fe224aebae8a126f902)

2 / 68      (PUP)
http://www.iainstalls.com/.../BISetup.exe  (bc83af37f406cfc5347e7eadc18e3f68)

27 / 68    (PUP)
http://www.iainstalls.com/.../netdownloader.exe  (ada1db3b280f696332c0448f69df0664)

21 / 68    (PUP)

5 / 68      (PUP)
http://www.iainstalls.com/.../IMSetup.exe  (9a2432eab8c1dc3ef0632eb6b70519be)

URL:
http://www.iainstalls.com/

Title:
“Free Chat Rooms Online”

Web server:
Apache/2.2.22 (Debian)