www.carifred.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain www.carifred.com is registered by proxy through GODADDY.COM, LLC and was originally registered in December of 2009. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Los Angeles, California within the United States which resides on the InMotion Hosting, Inc. network.
Remove Malware from www.carifred.com - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
California, United States (US)

Create date:
Friday, December 04, 2009

Expires date:
Sunday, December 04, 2016

Updated date:
Friday, November 27, 2015

ASN:
AS22611 IMH-WEST - InMotion Hosting, Inc.

Root domain:

Scanner detections:
Detections  (96% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.AlfredoAnibalsantossilva.Q, PUP.AlfredoAnibalsantossilva.O, PUP.AlfredoAnibalsantossilva.L, PUP.AlfredoAnibalsantossilva.K, PUP.Installer.AlfredoAnibalsantossilva, Threat.Installer.AlfredoAnibalsantossilva, Threat.AlfredoAnibalsantossilva, PUP.AlfredoAnibalsantossilva.Installer (M), PUP.AlfredoAnibalsantossilva (M)
100.00%

Jiangmin
TrojanDownloader.Genome.aikn
17.02%

Clam AntiVirus
Win.Trojan.Autoit-1372, Win.Trojan.Agent-908782
17.02%

Zillya! Antivirus
Trojan.Zapchast.Win32.20154, Trojan.Cossta.Win32.8444
14.89%

CMC Antivirus
Trojan.Win32.Generic!O
14.89%

AVG
unknown virus
14.89%

Trend Micro House Call
TROJ_GEN.F47V0321, TROJ_GEN.F47V0330, TROJ_GEN.F47V0418, Suspicious_GEN.F47V0310, Suspicious_GEN.F47V0304
14.89%

NANO AntiVirus
Trojan.Win32.Autoit.dbiolu
14.89%

Qihoo 360 Security
Malware.QVM10.Gen, HEUR/QVM41.1.Malware.Gen
14.89%

Fortinet FortiGate
W32/Autoit.AJE!tr
12.77%

Antiy Labs AVL
Trojan[Dropper]/Win32.FrauDrop
12.77%

Rising Antivirus
PE:Backdoor.Win32.DarkKomet.b!1075356506
12.77%

Total Defense
Win32/Tnega.AVVX
12.77%

herdProtect (fuzzy)
a variant of 4bcb55a22e8305ac24e3beb9f609a40b03be6ced, a variant of b6b6b05c4b624b4b5a4ccd2cd353e07db88a5cc2, a variant of 17727ffceadc0eee62f549021190848c136d1c2b
10.64%

Comodo Security
TrojWare.Win32.AutoIT.CHR
10.64%

The domain www.carifred.com has been seen to resolve to the following IP address.

biz141.inmotionhosting.com
December 22, 2013

File downloads found at URLs served by www.carifred.com.

0 / 68
http://www.carifred.com/.../TechToolStore.exe  (4bbe02c12aeb9413c96f3dbe9c79955a)

0 / 68
http://www.carifred.com/.../2Browse.exe  (b08517d8f03191b769bd6cf79f7ae865)

1 / 68      (PUP)
http://www.carifred.com/.../RecentFileSeeker.exe  (29da6125450385700da2370ff106c7ce)

1 / 68      (PUP)
http://www.carifred.com/.../ExeFixer.exe  (b67015d70dd71c6148b4b5d0cfc49fe2)

3 / 68      (PUP)
http://www.carifred.com/.../UVKPortable.exe  (b790554ec8e38463735a52cc8588814e)

1 / 68      (PUP)
http://www.carifred.com/.../UltraAdwareKiller.exe  (ultra adware killer 1.6.0.0 x64.exe)

2 / 68      (PUP)
http://www.carifred.com/.../UVKSetup.exe  (b9057efa2a5142013228ef5ea5b0727f)

1 / 68      (PUP)
http://www.carifred.com/uvk/.../UVKPortable.exe  (84521b6cad989538ab161886c3e4babe)

1 / 68      (PUP)
http://www.carifred.com/.../UltraAdwareKiller64.exe  (ultra adware killer 1.6.0.0 x64.exe)

16 / 68    (PUP)
http://www.carifred.com/uvk/.../UVKSetup.exe  (c08ce8df1f64020ac0d70fa7b4d57c4d)

1 / 68      (PUP)
http://www.carifred.com/.../Quick_Any2Ico.exe  (8cfa75e624d4d85df8572510e40f0e11)

1 / 68      (PUP)

2 / 68      (PUP)
http://www.carifred.com/.../QuickUserManager.exe  (ffdf85ac1120095db153436e2e29da0e)

The following 17 files have been seen to comunicate with www.carifred.com in live environments.

URL:
http://www.carifred.com/

Title:
“Carifred - Windows software”

Description:
“Free software UVK - Ultra Virus Killer. ExeFixer. Recent file seeker. FVIE - File Version Info Editor. Quick Any2Ico - Icon creation software. SHIcon - Hide desktop icons”

Web server:
Apache (PHP/5.3.29)

Facebook:
Likes:  3
Shares:  14
Comments:  1

Statistics are for the previous month.

Remove Malware from www.carifred.com - Powered by Reason Core Security