The domain www.winstally.com is registered by proxy through GODADDY.COM, LLC and was originally registered in May of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in New York City, New York within the United States which resides on the CariNet, Inc. network.
Registrant:
Domains By Proxy, LLC
Registrar:
GODADDY.COM, LLC
Server location:
New York, United States (US)
Create date:
Tuesday, May 21, 2013
Expires date:
Saturday, May 21, 2016
Updated date:
Sunday, May 17, 2015
ASN:
AS10439 CARINET - CariNet, Inc.
Scanner detections:
Detections (94% detected)
Scan engine
Details
Detections
Reason Heuristics
PUP.Installer.DownloadAdmin.Y, PUP.Installer.DownloadAdmin.W, PUP.Installer.DownloadAdmin.S, PUP.Installer.DownloadAdmin.O, PUP.Installer.DownloadAdmin.M, PUP.Installer.DownloadAdmin.P, PUP.Installer.DownloadAdmin.R, PUP.Installer.Tightrope, PUP.Tightrope.Zoobam.Bundler (M), PUP.Tightrope.DownloadAdmin.Bundler (M), PUP.InstallCore (M), PUP.Tightrope.Download.Bundler (M), PUP.Tightrope (M)
93.75%
Dr.Web
Adware.Downware.2220, Adware.InstallCore.133, Adware.DAdmin.151
50.00%
VIPRE Antivirus
DownloadAdmin, InstallCore.b, Threat.4783369
46.88%
ESET NOD32
Win32/OpenCandy, Win32/DownloadAdmin, Win32/InstallCore.FJ (variant)
31.25%
Malwarebytes
PUP.Optional.OpenCandy, PUP.Optional.InstallCore.A, PUP.Optional.DownloadAdmin
31.25%
Trend Micro House Call
TROJ_GEN.F47V0327, TROJ_GEN.F47V1213, TROJ_GEN.F47V0325, Suspici.B577CD42, TROJ_GEN.F47V1216, TROJ_GEN.F47V0101
25.00%
NANO AntiVirus
Trojan.Win32.Downware.crgjbr, Riskware.Win32.Downware.crgjbr, Riskware.Win32.Downware.djahkt
25.00%
Avira AntiVirus
Adware/DownloadAdmin.G, APPL/Downloader.Gen, ADWARE/Adware.Gen, ADWARE/InstallCore.Gen7
25.00%
ESET NOD32
Win32/DownloadAdmin.G potentially unwanted application, Win32/DownloadAdmin.H potentially unwanted application, Win32/InstallCore.BX potentially unwanted application
21.88%
Agnitum Outpost
Riskware.Agent
15.63%
Rising Antivirus
PE:PUF.OpenCandy!1.9DE5, PE:Malware.XPACK-LNR/Heur!1.5594
12.50%
F-Prot
W32/InstallCore.R.gen
12.50%
avast!
Win32:Rootkit-gen [Rtk], Win32:GenMalicious-AGF [Trj], Win32:DownloadAdmin-B [PUP]
12.50%
F-Secure
Adware:W32/WebInstallBundle
12.50%
The domain www.winstally.com has been seen to resolve to the following IP address.
File downloads found at URLs served by www.winstally.com.
URL:
http://www.winstally.com/
Title:
“Winstally - Simplify software installation”
Web server:
Apache (PleskLin)
Facebook:
Likes: 219
Shares: 2
Comments: 1
Statistics are for the previous month.