download.mediaplayercodecpack.com

Cole Williams

Domain Information

The domain download.mediaplayercodecpack.com registered by Cole Williams was initially registered in April of 2007 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Newark, New Jersey within the United States which resides on the Linode network.
Registrar:
GANDI SAS

Server location:
New Jersey, United States (US)

Create date:
Wednesday, April 18, 2007

Expires date:
Wednesday, April 18, 2018

Updated date:
Thursday, June 04, 2015

ASN:
AS8001 NET-ACCESS-CORP - Net Access Corporation,US

Scanner detections:
Detections  (62% detected)

Scan engine
Details
Detections

Trend Micro House Call
TROJ_GE.44D467D2, HV_ZYX_BL130105.TOMC, TROJ_GEN.F47V0210, TROJ_GEN.F47V0519, Suspicious_GEN.F47V0705, Suspicious_GEN.F47V0814, HV_ZYX_.A632A135
59.26%

Reason Heuristics
PUP.Installer.ColeWilliams.DD, PUP.ColeWilliams.L, PUP.Win.Reputation, PUP.OpenCandy.Installer (L)
55.56%

ESET NOD32
Win32/OpenCandy, Win32/Toolbar.Widgi (variant), Win32/OpenCandy potentially unsafe, Win32/Toolbar.Widgi.N potentially unwanted (variant)
55.56%

Dr.Web
Adware.OpenCandy.4, Adware.Spigot.9, Adware.Spigot.67, Adware.OpenCandy.137, Threat.Undefined
55.56%

Rising Antivirus
PE:PUF.OpenCandy!1.9DE5, PE:Malware.RDM.37!5.2B[F1]
40.74%

G Data
NSIS.Application.OpenCandy, NSIS.Adware.SoftBundled, Win32.Adware.OpenCandy, Win32.Adware.Spigot, Win32.Application.OpenCandy
37.04%

Kingsoft AntiVirus
VIRUS_UNKNOWN
33.33%

McAfee Web Gateway
Artemis!E8C4F5511D7F, BehavesLike.Win32.Suspicious.tc, BehavesLike.Win32.Suspicious.rc, BehavesLike.Win32.Suspicious.wc
29.63%

Antiy Labs AVL
Trojan[:HEUR]/Win32.AGeneric
29.63%

VIPRE Antivirus
Opencandy, Spigot, OpenCandy (PUA) (not malicious)
25.93%

K7 AntiVirus
Unwanted-Program , Adware , Riskware
25.93%

K7 Gateway Antivirus
Unwanted-Program , Adware , Riskware
25.93%

NANO AntiVirus
Riskware.Win32.OpenCandy.cxjcyz, Riskware.Win32.OpenCandy.ddwoan, Riskware.Win32.OpenCandy.dvwkdm, Riskware.Win32.Adware.dtdetw
22.22%

AVG
OpenCandy
22.22%

Fortinet FortiGate
W32/Spigot_Toolbar.N, Riskware/OpenCandy, Riskware/Widgi, Adware/Agent
22.22%

The domain download.mediaplayercodecpack.com has been seen to resolve to the following 10 IP addresses.

June 7, 2016

ip32.ip-149-56-65.net
March 3, 2016

ip31.ip-149-56-65.net
March 3, 2016

ip144.ip-167-114-11.net
January 4, 2016

ip28.ip-192-99-182.net
January 4, 2016

li362-65.members.linode.com
July 1, 2015

May 3, 2015

May 31, 2014

February 6, 2014

February 6, 2014

File downloads found at URLs served by download.mediaplayercodecpack.com.

15 / 68    (PUP)

15 / 68    (PUP)

8 / 68      (PUP)

4 / 68      (PUP)

2 / 68      (PUP)

8 / 68      (PUP)

6 / 68      (PUP)

3 / 68      (PUP)

4 / 68      (PUP)

3 / 68      (PUP)

2 / 68      (PUP)

URL:
http://download.mediaplayercodecpack.com/

Google Analytics:
UA-27079580

Title:
“Media Player Codec Pack for Microsoft Windows”

Web server:
Apache (PHP/7.0.4)