The domain www1.installsfiles.com is registered by proxy through GODADDY.COM, LLC and was originally registered in February of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Studio City, California within the United States which resides on the netDNA network.
Registrant:
Domains By Proxy, LLC
Registrar:
GODADDY.COM, LLC
Server location:
California, United States (US)
Create date:
Tuesday, February 12, 2013
Expires date:
Sunday, February 12, 2017
Updated date:
Saturday, February 13, 2016
ASN:
AS4436 AS-NLAYER - nLayer Communications, Inc.
Scanner detections:
Detections (100% detected)
Scan engine
Details
Detections
Reason Heuristics
PUP.CoolMirage.V, PUP.CoolMirage.M, PUP.CoolMirage.Q, PUP.CoolMirage.N, PUP.CoolMirage.J, PUP.CoolMirageltd.J, PUP.CoolMirage.R, PUP.CoolMirageltd.Q, PUP.CoolMirage.T, PUP.CoolMirageltd.T, PUP.CoolMirage (M), PUP.CoolMirage.VASSANAK (M)
100.00%
VIPRE Antivirus
CoolMirage Ltd
87.88%
Dr.Web
Adware.Downware.1263, Adware.Yontoo.25, Adware.Downware.1403, Adware.Downware.625, Adware.Downware.902, Adware.Downware.2031
51.52%
avast!
Win32:Downloader-TPG [PUP], Win32:PUP-gen [PUP], Win32:Downloader-UHI [PUP], Win32:Oneclick-I [PUP]
39.39%
Trend Micro House Call
TROJ_GEN.F47V0801, Suspicious_GEN.F47V1210, TROJ_GEN.F47V0409, TROJ_GEN.F47V0605, TROJ_GEN.F47V0830, TROJ_GEN.F47V1226, TROJ_GEN.F47V0327
30.30%
Avira AntiVirus
Adware/1ClickDownload.AC.22, Adware/1ClickDownload.K, Adware/1ClickDownload.AA.19, APPL/CoolMirage.bti, Adware/1ClickDownload.AA.56
27.27%
IKARUS anti.virus
AdWare.1ClickDownload, not-a-virus:AdWare.Yontoo
27.27%
Malwarebytes
PUP.Optional.CoolMirage.A, PUP.Optional.DealPly.A, PUP.Optional.Downware
24.24%
Comodo Security
ApplicUnwnt, Application.Win32.MCool.B, UnclassifiedMalware, Application.Win32.MCool.A
21.21%
Agnitum Outpost
PUA.Yontoo, PUA.Downware
21.21%
Kaspersky
not-a-virus:AdWare.NSIS.Yontoo
21.21%
Panda Antivirus
Generic Suspicious, Adware/MultiToolbar, PUP/MultiToolbar.A
18.18%
Qihoo 360 Security
HEUR/QVM10.1.Malware.Gen, Win32/Virus.Adware.7c6
18.18%
herdProtect (fuzzy)
a variant of 57703d51babaa7292afac8113fd355db46976fdb, a variant of eef9df0fca0fd9def4ede809cf9c245f78e1562f, a variant of b37ba8abdaba4f9f67aa283554a046faeb57fa70
9.09%
The domain www1.installsfiles.com has been seen to resolve to the following IP address.
File downloads found at URLs served by www1.installsfiles.com.
Related Domains