home

iframe.applicationsforeveryy.asia

applicationsforeveryy.asia

Domain Information

The domain iframe.applicationsforeveryy.asia registered by applicationsforeveryy.asia was initially registered in May of 2013 through PDR Ltd. d/b/a PublicDomainRegistry.com R28-ASIA (303). This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Belfast, Northern Ireland within United Kingdom which resides on the RIPE Network Coordination Centre network.
Registrar:
PDR Ltd. d/b/a PublicDomainRegistry.com R28-ASIA (303)

Server location:
Northern Ireland, United Kingdom (GB)

Create date:
Wednesday, May 1, 2013

Expires date:
Thursday, May 1, 2014

Updated date:
Friday, February 21, 2014

Root domain:
applicationsforeveryy.asia

Whois:
1 applicationsforeveryy.asia record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
Adware.WebPick.Installer.F, Adware.WebPick.Installer.DD, Adware.AdInjector.Installer.WebPick, Adware.WebPick.Installer (M), Adware (M)
100.00%

Bkav FE
HW32.CDB, W32.FamVT.AntiFWK.Trojan, W32.HfsAdware
37.50%

MicroWorld eScan
Application.Generic.605580, Trojan.Generic.9471195, Gen:Variant.Application.Bundler.InstallRex.2
37.50%

McAfee
PUP-FHQ!0EF93B7D23C2, Program.PUP-FHQ
37.50%

Malwarebytes
PUP.Optional.Installex
37.50%

avast!
Win32:InstalleRex-U [PUP], Win32:InstalleRex-X [PUP]
37.50%

Kaspersky
not-a-virus:AdWare.Win32.Agent
37.50%

Bitdefender
Application.Generic.605580, Trojan.Generic.9471195, Gen:Variant.Application.Bundler.InstallRex.2
37.50%

NANO AntiVirus
Riskware.Win32.Agent.crfilp, Riskware.Win32.Agent.crfila
37.50%

SUPERAntiSpyware
PUP.InstallRex/Variant, Adware.InstalleRex/Variant
37.50%

Sophos
InstallRex, PUA 'InstallRex'
37.50%

Comodo Security
Application.Win32.InstalleRex.KG
37.50%

F-Secure
Application.Generic.605580, Trojan.Generic.9471195, Gen:Variant.Application.Bundler
37.50%

Dr.Web
Adware.Downware.1166
37.50%

VIPRE Antivirus
Installerex/WebPick, Threat.4753027, Threat.4150696
37.50%

The domain iframe.applicationsforeveryy.asia has been seen to resolve to the following IP address.

92.242.140.21
unallocated.barefruit.co.uk
May 28, 2015

File downloads found at URLs served by iframe.applicationsforeveryy.asia.

1 / 68      (Adware)
http://iframe.applicationsforeveryy.asia/lpo/dl.php?t=1375353001&id=23074594374750480&r=http://.../v726?product_name=Need.For.Speed.Shift.RELOADED&installer_file_name=Need.For.Speed.Shift.RELOADED  (need.for.speed.shift.reloaded.exe)

1 / 68      (Adware)
http://iframe.applicationsforeveryy.asia/lpo/dl.php?t=1373543839&id=4383931988084613168&r=http://.../v726?product_name=WWE Raw vs Smackdown 2007 PC GAME.rar&installer_file_name=WWE Raw vs Smackdown 2007 PC GAME.rar  (wwe raw vs smackdown 2007 pc game.rar.exe)

1 / 68      (Adware)
http://iframe.applicationsforeveryy.asia/lpo/dl.php?t=1375395336&id=23075304645588064&r=http://.../v726?product_name=taboo 18.360p&installer_file_name=taboo 18.360p  (taboo 18.360p.exe)

1 / 68      (Adware)
http://iframe.applicationsforeveryy.asia/lpo/dl.php?t=1374004652&id=0465293086582908487&r=http://.../v726?product_name=Skins Season 1&installer_file_name=Skins Season 1  (skins season 1.exe)

1 / 68      (Adware)
http://iframe.applicationsforeveryy.asia/lpo/dl.php?t=1375211396&id=1139695581900649434&r=http://.../v726?product_name=Grown.Ups.2010.SWESUB.DVDRip.XviD-ReGeN&installer_file_name=Grown.Ups.2010.SWESUB.DVDRip.XviD-ReGeN  (grown.ups.2010.swesub.dvdrip.xvid-regen.exe)

33 / 68    (Adware)
http://iframe.applicationsforeveryy.asia/lpo/dl.php?t=1375464851&id=23076470908391408&r=http://.../v726?product_name=Ebooks Setje 6 DutchReleaseTeam&installer_file_name=Ebooks Setje 6 DutchReleaseTeam  (ebooks setje 6 dutchreleaseteam.exe)

31 / 68    (Adware)
http://iframe.applicationsforeveryy.asia/lpo/dl.php?t=1374222180&id=2218086248515380688&r=http://.../v726?product_name=Civilization.V.Brave.New.World.CHS&installer_file_name=Civilization.V.Brave.New.World.CHS  (civilization.v.brave.new.world.chs.exe)

27 / 68    (Adware)
http://iframe.applicationsforeveryy.asia/lpo/dl.php?t=1375816791&id=23082375484247461&r=http://.../v726?product_name=Lorde&installer_file_name=Lorde  (lorde.exe)

The following 230 files have been seen to comunicate with iframe.applicationsforeveryy.asia in live environments.

TCP » 92.242.140.21:80
smelled.exe (Smelled)

TCP » 92.242.140.21:443
dca-monitoring.exe (Compete DCA Monitoring Tool by Compete)

TCP » 92.242.140.21:80
marini.exe (Marini)

TCP » 92.242.140.21:443
client.exe (ClientWrapper)

TCP » 92.242.140.21:80
thebrowser.exe (TheBrowser by Goobzo)

TCP » 92.242.140.21:443
dca-monitoring.exe (Compete DCA Monitoring Tool by Compete)

TCP » 92.242.140.21:443
WindowService.exe (WindowService)

TCP » 92.242.140.21:443
ciuninstall.exe

TCP » 92.242.140.21:1866
jutched.exe

TCP » 92.242.140.21:443
dca-monitoring.exe (Compete DCA Monitoring Tool by Compete)

TCP » 92.242.140.21:80
masterupdater.exe

TCP » 92.242.140.21:80
pricemeterexpress.crx

TCP » 92.242.140.21:80
chrome.crx

TCP » 92.242.140.21:80
app-center.crx

TCP » 92.242.140.21:80
ntp.crx

TCP » 92.242.140.21:80
3dayinvite.crx

TCP » 92.242.140.21:80
twitter.crx

TCP » 92.242.140.21:80
viewlater.crx

TCP » 92.242.140.21:80
rss.crx

TCP » 92.242.140.21:80
datapump.crx

 
Latest 20 of 230 files

URL:
http://iframe.applicationsforeveryy.asia/

Web server:
nginx/1.0.15

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.