install.version-upgrades.com

Corp New Ventures Services

Domain Information

The domain install.version-upgrades.com, registered by Corp New Ventures Services, was initially registered in June of 2014 through ENOM, INC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The servers hosting it are located in Redwood City, California, in the United States, on the SKYE network.
Registrar:
DOMAINROYALE.COM LLC

Server location:
California, United States (US)

Create date:
Saturday, June 21, 2014

Expires date:
Tuesday, June 21, 2016

Updated date:
Tuesday, September 22, 2015

ASN:
AS26008 NOMINUM-SKYE1 - SKYE

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.PaymentsInteractiveSL.F, PUP.Installer.WARPINSTALLER.G, DownloadManager.AirSoftware.G, PUP.Air Software.AirSoftware.Bundler (M), PUP.Amonitize.Installer (M), PUP.Air Software.AirSoftw.Bundler (M), PUP.Air Software (M)
100.00%

AVG
Adware Skodna.Bundle_r.Y, AdPlugin, Adware Generic_r.JG, Generic5
50.00%

avast!
PUP-gen [PUP], Win32:IBryte-DB [PUP], Win32:Adware-CAH [PUP], Adware-gen [Adw]
50.00%

Quick Heal
AdWare.MSIL.r3 (Not a Virus), Adware.iBryte.DK4, Adware.AirAdInstaller.I5, Adware.AirAdInstaller.C5
50.00%

VIPRE Antivirus
Trojan.Win32.Generic, Threat.4778314, Threat.4782985, AirInstaller
50.00%

K7 AntiVirus
Unwanted-Program, Adware
50.00%

K7 Gateway Antivirus
Unwanted-Program, Adware
50.00%

NANO AntiVirus
Trojan.Win32.DomaIQ.ctadmg, Trojan.Win32.Agent.cxjjsz, Riskware.Win32.Downware.cwfgel, Riskware.Win32.AirAdInstaller.cwscxy
50.00%

F-Prot
W32/DomaIQ.D3.gen, W32/DomaIQ.G2.gen, W32/AirInstall.A.gen
50.00%

Comodo Security
Application.Win32.DomaIQ.URT, Application.Win32.iBryte.WRP, Application.Win32.AirAdInstaller.A, Application.Win32.Agent.AJ
50.00%

Dr.Web
Trojan.DownLoader9.21779, Trojan.Packed.26508, Adware.Downware.1116, Adware.Downware.10718, Adware.Downware.1167, Adware.Downware.897
50.00%

Avira AntiVirus
APPL/DomaIQ.Gen, ADWARE/Adware.Gen7, Adware/AirInst.2556, Adware/Airinstall.J
50.00%

Jiangmin
AdWare/MSIL.aij, Adware/iBryte.gtzh, AdWare/AirAdInstaller.g, AdWare/AirAdInstaller.fz, AdWare/AirAdInstaller.w
50.00%

Antiy Labs AVL
GrayWare[AdWare:not-a-virus]/MSIL.DomaIQ, Trojan[:HEUR]/Win32.AGeneric, GrayWare[AdWare:not-a-virus]/Win32.AirAdInstaller
50.00%

G Data
Gen:Variant.Application.Bundler.DomaIQ, Win32.Adware.Ibryte, Win32.Adware.Airadinstaller
50.00%

The domain install.version-upgrades.com has been seen to resolve to the following 5 IP addresses.

July 25, 2016

May 17, 2016

October 20, 2015

August 16, 2014

search.dnsassist.verizon.net
May 21, 2014

File downloads found at URLs served by install.version-upgrades.com.

1 / 68      (Adware)

1 / 68      (Adware)

 
Latest 30 of 30 download URLs

The following 49 files have been seen to communicate with install.version-upgrades.com in live environments.

 
Latest 20 of 49 files

URL:
http://install.version-upgrades.com/

Google Analytics:
UA-2249740

Title:
“version-upgrades.com”

Description:
“Find Cash Advance, Debt Consolidation and more at Version-Upgrades.com. Get the best of Insurance or Free Credit Report, browse our section on Cell Phones or learn about Life Insurance. Version-Upgrades.com is the site for Cash Advance.”

Web server:
Microsoft-IIS/8.5 (ASP.NET) (Version: 4.0.30319)

30 of 685 related domains