vzbucket.maxrevinstaller.com

LiveSoftAction SRL

Domain Information

The domain vzbucket.maxrevinstaller.com, registered by LiveSoftAction SRL, was first registered in March of 2014 through GANDI SAS. This domain has been known to host and distribute adware as well as other potentially unwanted software. Its servers are located in San Jose, California, United States, on the CDNetworks Inc. network.
Registrar: GANDI SAS
Server location: California, United States (US)
Create date: Monday, March 10, 2014
Expires date: Friday, March 10, 2017
Updated date: Friday, January 29, 2016
ASN: AS36408 CDNETWORKSUS-02 - CDNetworks Inc.,US

Scanner detections:
Detections  (78% detected)

Scan engine (detections): details

Reason Heuristics (75.00%): PUP.SearchProtect.Conduit.M, PUP.PriceGong.J, PUP.Installer.LocalWeather.Z, PUP.SuperDownloads.F, PUP.Optional.SafeDownloadLimited.n, Threat.Conduit.Installer, PUP.HefeiZhimingxingtongSoftwareTechnologyCo.K, PUP.Installer.SoftBrainTechnologies, PUP.SpeedChecker.Optional.Installer.Meta (L), PUP.PC Utilities.SmartPCSolutions.Installer (M)

Dr.Web (47.22%): Adware.Conduit.6, Adware.Shopper.327, Adware.Searcher.2542, Adware.Mutabaha.48, Trojan.Triosir.1, Trojan.Triosir.4, Adware.Downware.4151, Adware.Shopper.423

Trend Micro House Call (47.22%): TROJ_GEN.F47V0209, TROJ_GEN.F47V1203, TROJ_GEN.F47V0122, TROJ_GEN.F47V0221, TROJ_GEN.F47V0328, TROJ_GEN.F47V0326, Suspicious_GEN.F47V0630, Suspicious_GEN.F47V0729, Suspicious_GEN.F47V0226

ESET NOD32 (41.67%): Win32/Toolbar.Conduit, Win32/Toolbar.Conduit (variant), Win32/Wajam, Win32/Speedchecker (variant), Win32/ELEX.AF (variant)

McAfee (36.11%): Artemis!CDC339910694, Artemis!973D254428E9, Artemis!E783ABC8FA3D, Artemis!EAE451558E67, Artemis!0CE24C8F9A1C, Artemis!F3CA39820854, Artemis!F4D6DCDD0C4C, Artemis!C42C8E67DADC

VIPRE Antivirus (33.33%): Conduit, Wajam, InfoAtoms, Trojan.Win32.Generic, Crossrider, Montiera

G Data (33.33%): Win32.Application.ConduitBrothersoftTB, Script.Adware.EZYoutubeVideoDownloader, Gen:Variant.Kazy.461155, Gen:Trojan.Heur.DP.oN1@a0O7WFdO

Emsisoft Anti-Malware (27.78%): Adware.Win32.PriceGong.AMN, Gen:Variant.Kazy.461155, Gen:Trojan.Heur.DP.oN1@a0O7WFdO, Trojan.GenericKD.2015090, Adware.BrowseFox.BN

Qihoo 360 Security (27.78%): HEUR/Malware.QVM06.Gen, HEUR/QVM42.0.Malware.Gen, Win32/Virus.Adware.219, Win32/Virus.Adware.80e, Win32/Virus.Adware.f45

AVG (27.78%): Installium, Generic, BrowseFox.H, Generic6, AddLyrics_r, Paybyads

Malwarebytes (25.00%): PUP.Optional.Conduit.A, PUP.Optional.Wajam, PUP.Optional.SkyTech.A, PUP.Optional.CrossRider.A, PUP.Optional.BPlug, PUP.Optional.CoupSeek.A

Sophos (25.00%): FuYu, V-Bates, Generic PUA AD, Generic PUA KD, Generic PUA JO, Generic PUA BO, MultiPlug, Generic PUA PL, PayByAds

MicroWorld eScan (25.00%): Gen:Variant.Kazy.461155, Gen:Trojan.Heur.DP.oN1@a0O7WFdO, Trojan.GenericKD.2015090, Adware.BrowseFox.BN, Adware.Downloader.BA, Gen:Variant.Adware.Graftor.174225, Trojan.GenericKD.2167949, Adware.BrowseFox.BE

Bitdefender (25.00%): Gen:Variant.Kazy.461155, Gen:Trojan.Heur.DP.oN1@a0O7WFdO, Trojan.GenericKD.2015090, Adware.BrowseFox.BN, Adware.Downloader.BA

Lavasoft Ad-Aware (25.00%): Gen:Variant.Kazy.461155, Gen:Trojan.Heur.DP.oN1@a0O7WFdO, Trojan.GenericKD.2015090, Adware.BrowseFox.BN, Adware.Downloader.BA

The domain vzbucket.maxrevinstaller.com has been seen to resolve to the following 33 IP addresses.

Dates of the listed entries: July 18, 2016; June 5, 2016; June 4, 2016; April 19, 2016 (×2); April 13, 2016 (×2); April 12, 2016 (×2); April 5, 2016 (×4); March 3, 2016 (×6); February 10, 2016 (×2); June 18, 2015 (×9)

 
Showing 30 of 33 IP Addresses

File downloads found at URLs served by vzbucket.maxrevinstaller.com.

7 / 68 (Adware)
8 / 68 (PUP)
1 / 68 (PUP)
3 / 68 (PUP)
2 / 68 (Adware)
19 / 68 (Adware): http://vzbucket.maxrevinstaller.com/VBates/.../vbstub.exe (4d98853017fc08eb5761fc9359e6fadd)
1 / 68 (PUP)
0 / 68: http://vzbucket.maxrevinstaller.com/.../msp-bootstrap.exe (b59c673cdfcccb07b7c07da880db8a39)
0 / 68
8 / 68 (Adware)
5 / 68 (Adware): http://vzbucket.maxrevinstaller.com/.../HypeNetSetup.exe (973d254428e90ebaa422cb120602befc)
2 / 68 (PUP)
9 / 68 (Adware): http://vzbucket.maxrevinstaller.com/.../PriceGong.exe (2ce4650b44ad47a1fc51b71835b1850a)
1 / 68 (Adware)
13 / 68 (PUP): http://vzbucket.maxrevinstaller.com/.../DriverPro.exe (973de33f3d62d9e4f90c75ee43a4ca26)
2 / 68 (PUP)
4 / 68 (PUP)
2 / 68 (Adware): http://vzbucket.maxrevinstaller.com/Pcspeedup/.../pcspeedup.exe (pcspeeduphu_a0bd8da02a414b2e9485910ea30d8f40_.exe)
26 / 68 (Adware)
12 / 68 (PUP)
4 / 68 (Adware)
1 / 68 (PUP)
0 / 68
15 / 68 (PUP)
 
Latest 30 of 40 download URLs

The following 84 files have been seen to communicate with vzbucket.maxrevinstaller.com in live environments.

 
Latest 20 of 553 files

URL: http://vzbucket.maxrevinstaller.com/
Web server: PWS/8.1.36