files5.getgimp.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain files5.getgimp.com is registered by proxy through GODADDY.COM, LLC and was originally registered in September of 2010. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Dallas, Texas, in the United States, on the SoftLayer Technologies Inc. network.
Remove Malware from files5.getgimp.com - Powered by Reason Core Security
Registrar: GODADDY.COM, LLC
Server location: Texas, United States (US)
Create date: Wednesday, September 22, 2010
Expires date: Thursday, September 22, 2016
Updated date: Wednesday, September 23, 2015
ASN: AS36351 SOFTLAYER - SoftLayer Technologies Inc.

Root domain:

Scanner detections:
Detections  (93% detected)

| Scan engine | Details | Detections |
|---|---|---|
| Reason Heuristics | PUP.Installer.DownloadAdmin.K, PUP.DownloadAdmin.Bundler.Installer.Meta (M), PUP.Tightrope.DownloadAdmin.Bundler (M) | 78.57% |
| NANO AntiVirus | Trojan.Win32.Downware.crgjbr, Riskware.Win32.Downware.crgjbr, Riskware.Win32.Downware.djahkt, Trojan.Win32.Agent.dtlegd | 35.71% |
| Dr.Web | Adware.Downware.2220, Trojan.Vittalia.81 | 35.71% |
| VIPRE Antivirus | DownloadAdmin, Threat.4783369 | 28.57% |
| Sophos | Download Admin, PUA 'DownloadAdmin' (of type Adware) | 28.57% |
| herdProtect (fuzzy) | a variant of b285913c2bf0813aee44fa6899961b3d37089961, a variant of cacaf219425f86d5abc5f8439c35d96304d2a659, a variant of 3582819f979c11a86650a01ede1c1db0f2045d4e | 21.43% |
| Malwarebytes | PUP.Optional.DownloadAdmin | 21.43% |
| ESET NOD32 | Win32/DownloadAdmin.G potentially unwanted application, Win32/DownloadAdmin.H potentially unwanted application | 21.43% |
| K7 Gateway Antivirus | Unwanted-Program , Adware | 21.43% |
| K7 AntiVirus | Unwanted-Program , Adware | 21.43% |
| Comodo Security | Application.Win32.DownloadAdmin.TTK, Application.Win32.DownloadAdmin.ANGL | 14.29% |
| Kingsoft AntiVirus | Win32.Troj.Generic.a.(kcloud) | 14.29% |
| ESET NOD32 | Win32/DownloadAdmin | 14.29% |
| avast! | Adware-OH [Adw], Malware-gen | 14.29% |
| F-Secure | Adware:W32/WebInstallBundle | 14.29% |

The domain files5.getgimp.com has been seen to resolve to the following 4 IP addresses.

50.22.63.140-static.reverse.softlayer.com (December 1, 2014)
50.22.63.138-static.reverse.softlayer.com (December 1, 2014)
108.168.160.45-static.reverse.softlayer.com (April 30, 2014)
50.97.63.217-static.reverse.softlayer.com (April 30, 2014)

File downloads found at URLs served by files5.getgimp.com.

9 / 68 (PUP)
13 / 68 (Adware)
1 / 68 (Adware)
1 / 68 (Adware)
10 / 68 (Adware)
1 / 68 (PUP)
1 / 68 (Adware)
1 / 68 (PUP)
1 / 68 (PUP)
1 / 68 (PUP)
1 / 68 (Adware)
9 / 68 (PUP)
1 / 68 (Adware)

The following 60 files have been seen to communicate with files5.getgimp.com in live environments.

 
Latest 20 of 63 files

30 of 45 related domains
