files4.playfin.com

Download Admin  (via a Proxy Registrant)

Domain Information

"Playfin.net uses DownloadAdmin to install your software. The software distributed on our site may be available for free elsewhere." The software bundle includes offers from ALOT, WeatherBug, PriceGong and IAC (Ask.com). The portal is run by Tightrope Interactive. The domain files4.playfin.com is registered by proxy through WILD WEST DOMAINS, LLC and was originally registered in August of 2006. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in Dallas, Texas within the United States which resides on the Akamai Technologies, Inc. network. The domain is associated with the publisher Download Admin who is located in SAN FRANCISCO, California in the United States.
Remove Malware from files4.playfin.com - Powered by Reason Core Security
Registrar:
WILD WEST DOMAINS, LLC

Server location:
Texas, United States (US)

Create date:
Wednesday, August 30, 2006

Expires date:
Wednesday, August 30, 2017

Updated date:
Thursday, November 08, 2012

ASN:
AS20940 AKAMAI-ASN1 Akamai International B.V.,US

Root domain:

Scanner detections:
Detections  (98% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.DownloadAdmin.CC, PUP.Installer.DownloadAdmin.X, PUP.Installer.DownloadAdmin.U, PUP.Installer.DownloadAdmin.BB, PUP.Installer.DownloadAdmin.p, PUP.Installer.DownloadAdmin.m, PUP.Installer.DownloadAdmin.R, PUP.Installer.DownloadAdmin.O, PUP.Installer.DownloadAdmin.AA, PUP.Installer.DownloadAdmin.Q, PUP.Installer.Tightrope, PUP.Bundler.Tightrope, PUP.TomorrowSoftware.Installer.Installer.Meta (M), PUP.TomorrowSoftware.SKUNKDOGMEDIA.Bundler (M), PUP.TomorrowSoftware.GOLDENBANNERS.Installer (M), PUP.Tightrope.DownloadAdmin.Bundler (M), PUP.TomorrowSoftware.TrustedInstallSoftware.Installer (M), PUP.CBS.WebInstall.Installer (M)
100.00%

VIPRE Antivirus
DownloadAdmin, Threat.4783369, Threat.4150696, Trojan.Win32.Generic
54.76%

NANO AntiVirus
Trojan.Win32.Downware.crgjbr, Riskware.Win32.Downware.djahkt, Trojan.Win32.DAdmin.djhtdm, Riskware.Nsis.Downware.dlgjls
45.24%

Sophos
Download Admin, PUA 'Download Admin'
45.24%

Dr.Web
Adware.Downware.2220, Adware.DAdmin.151, Adware.Downware.411, Adware.Downware.238
45.24%

herdProtect (fuzzy)
a variant of 891abcb5e10441d20ac0a5f582fa3b9519327ff1, a variant of 3df10759dc7eb20ab69c04e8ced008d1fc508bee, a variant of a9a182a69f5a593ca2b4208bde80862379dbb76b
40.48%

Malwarebytes
PUP.Optional.DownloadAdmin, PUP.DownloadAdmin, PUP.Optional.FlashPro
40.48%

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud)
40.48%

ESET NOD32
Win32/DownloadAdmin
35.71%

AVG
MultiBundle, Skodna.Bundle, Generic, Adware Skodna.Bundle.AU
28.57%

McAfee Web Gateway
Artemis!27C9F55AE7E3, Artemis!5726256FCFA7, Artemis!3F6F722A0021, BehavesLike.Win32.Downloader.bc, BehavesLike.Win32.Downloader.cc
28.57%

Avira AntiVirus
ADWARE/Adware.Gen9, Adware/DownAdmin.D
26.19%

McAfee
Artemis!27C9F55AE7E3, Artemis!5726256FCFA7, Artemis!3F6F722A0021
19.05%

K7 AntiVirus
Unwanted-Program , Adware
19.05%

Trend Micro House Call
TROJ_GEN.F47V0223, Suspicious_GEN.F47V0706, TROJ_GEN.F47V0512, HV_DOWNADMIN_CA222831.TOMC
19.05%

The domain files4.playfin.com has been seen to resolve to the following 35 IP addresses.

a23-220-148-33.deploy.static.akamaitechnologies.com
February 12, 2016

a23-220-148-8.deploy.static.akamaitechnologies.com
February 12, 2016

a23-15-7-120.deploy.static.akamaitechnologies.com
February 1, 2016

a23-15-7-105.deploy.static.akamaitechnologies.com
February 1, 2016

a184-51-126-90.deploy.static.akamaitechnologies.com
January 5, 2016

a184-51-126-105.deploy.static.akamaitechnologies.com
January 5, 2016

September 1, 2015

September 1, 2015

a96-6-113-59.deploy.akamaitechnologies.com
May 4, 2015

a96-6-113-112.deploy.akamaitechnologies.com
May 4, 2015

a173-223-204-11.deploy.static.akamaitechnologies.com
May 4, 2015

a173-223-204-18.deploy.static.akamaitechnologies.com
May 4, 2015

a23-67-243-59.deploy.static.akamaitechnologies.com
May 3, 2015

a96-6-113-145.deploy.akamaitechnologies.com
May 3, 2015

a96-6-113-193.deploy.akamaitechnologies.com
May 3, 2015

a96-6-113-153.deploy.akamaitechnologies.com
May 3, 2015

a23-0-160-74.deploy.static.akamaitechnologies.com
September 5, 2014

a184-51-126-18.deploy.static.akamaitechnologies.com
September 5, 2014

a184-51-126-50.deploy.static.akamaitechnologies.com
September 5, 2014

a184-50-229-177.deploy.static.akamaitechnologies.com
September 5, 2014

a184-50-229-137.deploy.static.akamaitechnologies.com
September 5, 2014

a23-0-160-65.deploy.static.akamaitechnologies.com
September 5, 2014

a23-0-160-72.deploy.static.akamaitechnologies.com
September 5, 2014

a23-0-160-11.deploy.static.akamaitechnologies.com
September 5, 2014

a184-51-126-56.deploy.static.akamaitechnologies.com
September 5, 2014

a184-51-126-32.deploy.static.akamaitechnologies.com
September 5, 2014

a23-62-6-59.deploy.static.akamaitechnologies.com
September 5, 2014

a23-62-6-66.deploy.static.akamaitechnologies.com
September 5, 2014

a184-29-106-82.deploy.static.akamaitechnologies.com
August 17, 2014

a184-29-106-59.deploy.static.akamaitechnologies.com
August 17, 2014

 
Showing 30 of 35 IP Addresses

File downloads found at URLs served by files4.playfin.com.

1 / 68      (Adware)

 
Latest 30 of 83 download URLs

The following 189 files have been seen to comunicate with files4.playfin.com in live environments.

 
Latest 20 of 194 files

Remove Malware from files4.playfin.com - Powered by Reason Core Security