home

v2.irismediainc.com

Kuan-Yin Tang

Domain Information

The domain v2.irismediainc.com registered by Kuan-Yin Tang was initially registered in March of 2013 through INTERNETWORX LTD. & CO. KG. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Nuremberg, Bayern within Germany which resides on the RIPE Network Coordination Centre network.
Registrar:
INTERNETWORX LTD. & CO. KG

Server location:
Bayern, Germany (DE)

Create date:
Thursday, March 21, 2013

Expires date:
Monday, March 21, 2016

Updated date:
Sunday, March 22, 2015

ASN:
AS24940 HETZNER-AS Hetzner Online AG,DE

Root domain:
irismediainc.com

Whois:
2 irismediainc.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

McAfee
Adware-OpenCandy.dll, Trojan.Adware-OpenCandy.dll, Program.Adware-OpenCandy.dll
100.00%

Dr.Web
Adware.Downware.1329
80.00%

VIPRE Antivirus
Adware.Privitize, Threat.4773981, Threat.4150696
80.00%

ESET NOD32
Win32/Packed.ScrambleWrapper.C potentially unwanted application, Win32/OpenCandy potentially unsafe application
80.00%

F-Prot
W32/Trojan3.IUT (exact, not disinfectable)
60.00%

Kaspersky
not-a-virus:AdWare.Win32.Lyckriks
60.00%

Malwarebytes
PUP.Optional.OpenCandy, PUP.Optional.OpenCandy.A
40.00%

K7 AntiVirus
Unwanted-Program
40.00%

Agnitum Outpost
Riskware.ScrambleWrapper, PUA.Lyckriks
40.00%

Trend Micro House Call
TROJ_GE.B74A031B, TROJ_GEN.R0CBH0AHN13
40.00%

avast!
NSIS:InstMonetizer-AE [PUP], Win.Threat.Undefined
40.00%

Sophos
Generic PUA LN, PUA 'OpenCandy'
40.00%

Comodo Security
Application.Win32.OpenCandy.~A
40.00%

F-Secure
Application:Java/Downlite
40.00%

Avira AntiVirus
Adware/OpenCandy.AK
40.00%

The domain v2.irismediainc.com has been seen to resolve to the following 3 IP addresses.

5.9.143.213
static.213.143.9.5.clients.your-server.de
March 1, 2016

78.46.106.170
static.170.106.46.78.clients.your-server.de
March 1, 2016

5.9.22.24
static.24.22.9.5.clients.your-server.de
April 14, 2014

File downloads found at URLs served by v2.irismediainc.com.

4 / 68      (PUP)
http://v2.irismediainc.com/index.php/.../The.Complete.Matrix.Trilogy.Bluray.1080p.BluRay.x264.anoXmous.exe  (200a1bbf947b713208b54a9af4c145b3)

7 / 68      (PUP)
http://v2.irismediainc.com/index.php/.../Love_and_Other_Impossible_Pursuits_2009_BRRip_XvidHD_720p-NPW.exe  (3e1121a4209b7717e8e0ae17e385242d)

5 / 68      (PUP)
http://v2.irismediainc.com/index.php/.../Love_and_other_impossible_pursuits_(2009)(dd5.1)(nl_subs)_TBS.exe  (love_and_other_impossible_pursuits_(dd5.1)(nl_subs)_tbs.exe)

25 / 68    (PUP)
http://v2.irismediainc.com/index.php/.../Maximum_The_Hormone_Discography.exe  (e9c60207a96420b069b0ebfa320afab9)

16 / 68    (PUP)
http://v2.irismediainc.com/index.php/.../Forrest_Gump_[HD-Rip_ITA_ENG_ESP__~_1080p][HDitaly].exe  (d396d823dd311ebb8273f5e3d195ab61)

URL:
http://v2.irismediainc.com/

Web server:
nginx (PHP/5.4.41-0+deb7u1)

siriomedia.com

downlite.net

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.