www1.installsfiles.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain www1.installsfiles.com is registered by proxy through GODADDY.COM, LLC and was originally registered in February of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Studio City, California, in the United States, on the netDNA network.
Registrar:
GODADDY.COM, LLC

Server location:
California, United States (US)

Create date:
Tuesday, February 12, 2013

Expires date:
Sunday, February 12, 2017

Updated date:
Saturday, February 13, 2016

ASN:
AS4436 AS-NLAYER - nLayer Communications, Inc.

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine | Details | Detections
Reason Heuristics | PUP.CoolMirage.V, PUP.CoolMirage.M, PUP.CoolMirage.Q, PUP.CoolMirage.N, PUP.CoolMirage.J, PUP.CoolMirageltd.J, PUP.CoolMirage.R, PUP.CoolMirageltd.Q, PUP.CoolMirage.T, PUP.CoolMirageltd.T, PUP.CoolMirage (M), PUP.CoolMirage.VASSANAK (M) | 100.00%
VIPRE Antivirus | CoolMirage Ltd | 87.88%
Dr.Web | Adware.Downware.1263, Adware.Yontoo.25, Adware.Downware.1403, Adware.Downware.625, Adware.Downware.902, Adware.Downware.2031 | 51.52%
avast! | Win32:Downloader-TPG [PUP], Win32:PUP-gen [PUP], Win32:Downloader-UHI [PUP], Win32:Oneclick-I [PUP] | 39.39%
Trend Micro House Call | TROJ_GEN.F47V0801, Suspicious_GEN.F47V1210, TROJ_GEN.F47V0409, TROJ_GEN.F47V0605, TROJ_GEN.F47V0830, TROJ_GEN.F47V1226, TROJ_GEN.F47V0327 | 30.30%
Avira AntiVirus | Adware/1ClickDownload.AC.22, Adware/1ClickDownload.K, Adware/1ClickDownload.AA.19, APPL/CoolMirage.bti, Adware/1ClickDownload.AA.56 | 27.27%
IKARUS anti.virus | AdWare.1ClickDownload, not-a-virus:AdWare.Yontoo | 27.27%
Malwarebytes | PUP.Optional.CoolMirage.A, PUP.Optional.DealPly.A, PUP.Optional.Downware | 24.24%
Comodo Security | ApplicUnwnt, Application.Win32.MCool.B, UnclassifiedMalware, Application.Win32.MCool.A | 21.21%
Agnitum Outpost | PUA.Yontoo, PUA.Downware | 21.21%
Kaspersky | not-a-virus:AdWare.NSIS.Yontoo | 21.21%
AVG | Generic | 21.21%
Panda Antivirus | Generic Suspicious, Adware/MultiToolbar, PUP/MultiToolbar.A | 18.18%
Qihoo 360 Security | HEUR/QVM10.1.Malware.Gen, Win32/Virus.Adware.7c6 | 18.18%
herdProtect (fuzzy) | a variant of 57703d51babaa7292afac8113fd355db46976fdb, a variant of eef9df0fca0fd9def4ede809cf9c245f78e1562f, a variant of b37ba8abdaba4f9f67aa283554a046faeb57fa70 | 9.09%

The domain www1.installsfiles.com has been seen to resolve to the following IP address.

November 16, 2013

File downloads found at URLs served by www1.installsfiles.com.
