d1.windows8downloads.com

WebSys, s.r.o.

Domain Information

The domain d1.windows8downloads.com registered by WebSys, s.r.o. was initially registered in January of 2010 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Bratislava, Bratislava within Slovakia which resides on the RIPE Network Coordination Centre network.
Remove Malware from d1.windows8downloads.com - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
Bratislava, Slovakia (SK)

Create date:
Monday, January 11, 2010

Expires date:
Friday, January 11, 2019

Updated date:
Wednesday, December 04, 2013

ASN:
AS35419 PRIMANET-AS Primanet, spol. s r.o.

Scanner detections:
Detections  (98% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.WebSyssro.BB, PUP.Installer.WebSyssro.T, PUP.Installer.WebSyssro.Z, PUP.Installer.WebSyssro.b, PUP.Installer.WebSyssro.EE, PUP.Installer.WebSyssro.FF, PUP.Installer.WebSyssro.X, PUP.Installer.WebSyssro.Q, PUP.Installer.WebSyssro.S, PUP.Installer.WebSyssro.l, PUP.Installer.WebSyssro.M, PUP.Installer.WebSyssro.BB, PUP.Installer.WebSyssro.g, PUP.Installer.ISfreemium.AA, PUP.Installer.ironSource, PUP.installCore.ISfreemium.Installer (M), PUP.installCore.WebSyssro.Installer (M)
93.88%

Avira AntiVirus
ADWARE/InstallCore.Gen7, ADWARE/InstallCore.Gen9, APPL/InstallCore.AX.1
93.88%

Malwarebytes
PUP.Optional.InstallCore, PUP.Optional.WebSys, PUP.Optional.Websys, PUP.Optional.Freemium.A, PUP.Optional.InstallCore.A
91.84%

K7 Gateway Antivirus
Unwanted-Program
91.84%

VIPRE Antivirus
InstallCore.b, Adware.Win32.InstallCore.ba, Threat.4837543, Threat.4788237, Threat.4150696, Threat.5063361, Adware.InstallCore
91.84%

Sophos
Install Core Click run software, PUA.Install Core Click run software, PUA 'Install Core Click run software'
91.84%

K7 AntiVirus
Unwanted-Program
89.80%

AVG
MalSign.InstallC, Trojan horse Ransomer.DBB
81.63%

Dr.Web
Trojan.MulDrop5.10078, Trojan.Packed.24524, Adware.InstallCore.133
55.10%

Comodo Security
Application.Win32.Installcore.IS, Application.Win32.InstallCore.BWAN, Application.Win32.InstallCore.BWAM, Application.Win32.InstallCore.KAX
44.90%

Rising Antivirus
PE:Malware.XPACK-LNR/Heur!1.5594
38.78%

ESET NOD32
Win32/InstallCore.LW (variant), Win32/InstallCore.JE.gen (variant), Win32/InstallCore.NE (variant), Win32/InstallCore.FJ (variant)
30.61%

Vba32 AntiVirus
Downware.InstallCore
28.57%

ESET NOD32
Win32/Injected.F trojan, Win32/InstallCore.JE.gen potentially unwanted application, Win32/InstallCore.NE potentially unwanted application
24.49%

Antiy Labs AVL
Trojan/Win32.SGeneric, Trojan/Win32.TSGeneric
18.37%

The domain d1.windows8downloads.com has been seen to resolve to the following IP address.

m5.websys.sk
December 18, 2013

File downloads found at URLs served by d1.windows8downloads.com.

1 / 68      (PUP)

URL:
http://d1.windows8downloads.com/

Web server:
Apache/2.2.9 (Fedora)

Remove Malware from d1.windows8downloads.com - Powered by Reason Core Security