action.aybank.net

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain action.aybank.net is registered by proxy through GODADDY.COM, LLC and was originally registered in June of 2011. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Scottsdale, Arizona within the United States which resides on the GoDaddy.com, LLC network.
Remove Malware from action.aybank.net - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
Arizona, United States (US)

Create date:
Sunday, June 12, 2011

Expires date:
Sunday, June 12, 2016

Updated date:
Monday, July 27, 2015

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.AppsInstallerSL.L, PUP.Installer.AppsInstallerSL.Q, PUP.Installer.Firseria.Q, PUP.Installer.Solimba, PUP.Solimba.AppsInstaller.Installer (M), Adware.Solimba.AppsInstaller.Installer (M)
100.00%

Malwarebytes
PUP.Optional.AppsInstaller, PUP.Optional.Firseria, PUP.Optional.PortalProgramas
81.82%

K7 AntiVirus
Trojan , Unwanted-Program
81.82%

Dr.Web
Adware.Downware.2488, Adware.Downware.3569, Adware.Downware.4802, Adware.Downware.4436, Trojan.DownLoader11.12561
81.82%

VIPRE Antivirus
DownloadMR, Threat.4150696, Threat.4782980, Trojan.Win32.Generic
81.82%

Avira AntiVirus
APPL/Firseria.A.12, APPL/Firseria.A.25, APPL/Bundler.Firseria.3, APPL/Downloader.Gen8, APPL/Bundler.Firseria.A.1, Adware/NSIS.Agent.bk
81.82%

G Data
Win32.Application.Morstar, Application.Bundler.Firseria, Gen:Variant.Application.Bundler.Firseria, Gen:Variant.Adware.Kazy.454673
81.82%

Vba32 AntiVirus
Downware.Morstar
81.82%

Agnitum Outpost
PUA.Firseria, PUA.Downware, PUA.Fiseria
81.82%

AVG
BundleApp, Adware BundleApp.DD, Solimba, Adware BundleApp.EP, Adware BundleApp.BZ
81.82%

K7 Gateway Antivirus
Trojan , Unwanted-Program
72.73%

Sophos
Solimba Installer, PUA 'Solimba Installer'
72.73%

avast!
Win32:Installer-AR [PUP], Win32:Adware-BQN [Trj], Win32:Firseria-C [PUP]
72.73%

Panda Antivirus
Trj/Genetic.gen, PUP/MultiToolbar.A, Generic Suspicious
72.73%

Comodo Security
Application.Win32.Firseria.EA, Application.Win32.Firseria.CJL, Application.Win32.Firseria.AAFX, Application.Win32.Firseria.AY
63.64%

The domain action.aybank.net has been seen to resolve to the following 2 IP addresses.

October 12, 2015

p3nlhg362c1362.shr.prod.phx3.secureserver.net
April 11, 2014

File downloads found at URLs served by action.aybank.net.

1 / 68      (Adware)
http://action.aybank.net/  (flv_media_player.exe)

1 / 68      (Adware)
http://action.aybank.net/  (flv_media_player.exe)

26 / 68    (Adware)
http://action.aybank.net/  (flv_media_player.exe)

33 / 68    (Adware)
http://action.aybank.net/  (flv_media_player.exe)

37 / 68    (Adware)
http://action.aybank.net/  (flv_media_player.exe)

33 / 68    (Adware)
http://action.aybank.net/  (flv_media_player.exe)

32 / 68    (Adware)
http://action.aybank.net/  (flv_media_player.exe)

36 / 68    (Adware)
http://action.aybank.net/  (flv_media_player.exe)

21 / 68    (Adware)
http://action.aybank.net/  (flv_media_player.exe)

23 / 68    (Adware)
http://action.aybank.net/  (flv_media_player.exe)

21 / 68    (Adware)
http://action.aybank.net/  (i2installer.exe)

The following file have been seen to comunicate with action.aybank.net in live environments.

URL:
http://action.aybank.net/

Title:
“aybank.net”

Web server:
Apache

Remove Malware from action.aybank.net - Powered by Reason Core Security