www.winstally.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain www.winstally.com is registered by proxy through GODADDY.COM, LLC and was originally registered in May of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in New York City, New York within the United States which resides on the CariNet, Inc. network.
Remove Malware from www.winstally.com - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
New York, United States (US)

Create date:
Tuesday, May 21, 2013

Expires date:
Saturday, May 21, 2016

Updated date:
Sunday, May 17, 2015

ASN:
AS10439 CARINET - CariNet, Inc.

Root domain:

Scanner detections:
Detections  (95% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.DownloadAdmin.Y, PUP.Installer.DownloadAdmin.W, PUP.Installer.DownloadAdmin.S, PUP.Installer.DownloadAdmin.O, PUP.Installer.DownloadAdmin.M, PUP.Installer.DownloadAdmin.P, PUP.Installer.DownloadAdmin.R, PUP.Installer.Tightrope, PUP.Tightrope.Zoobam.Bundler (M), PUP.Tightrope.DownloadAdmin.Bundler (M)
90.48%

Dr.Web
Adware.Downware.2220, Adware.InstallCore.133, Adware.DAdmin.151
66.67%

VIPRE Antivirus
DownloadAdmin, InstallCore.b, Threat.4783369
66.67%

ESET NOD32
Win32/OpenCandy, Win32/DownloadAdmin, Win32/InstallCore.FJ (variant)
42.86%

Malwarebytes
PUP.Optional.OpenCandy, PUP.Optional.InstallCore.A, PUP.Optional.DownloadAdmin
42.86%

NANO AntiVirus
Trojan.Win32.Downware.crgjbr, Riskware.Win32.Downware.crgjbr, Riskware.Win32.Downware.djahkt
38.10%

Trend Micro House Call
TROJ_GEN.F47V0327, TROJ_GEN.F47V1213, TROJ_GEN.F47V0325, Suspici.B577CD42, TROJ_GEN.F47V0101
33.33%

Avira AntiVirus
Adware/DownloadAdmin.G, APPL/Downloader.Gen, ADWARE/Adware.Gen
33.33%

ESET NOD32
Win32/DownloadAdmin.G potentially unwanted application, Win32/DownloadAdmin.H potentially unwanted application
28.57%

McAfee Web Gateway
Artemis!8DE613DC0EF9, BehavesLike.Win32.Downloader.bc, BehavesLike.Win32.Downloader.cc, Artemis!A037F6217FDE
23.81%

K7 Gateway Antivirus
Trojan , Unwanted-Program
23.81%

Agnitum Outpost
Riskware.Agent
23.81%

AVG
Generic
23.81%

avast!
Win32:Rootkit-gen [Rtk], Win32:GenMalicious-AGF [Trj], Win32:DownloadAdmin-B [PUP]
19.05%

F-Secure
Adware:W32/WebInstallBundle
19.05%

The domain www.winstally.com has been seen to resolve to the following IP address.

March 14, 2014

File downloads found at URLs served by www.winstally.com.

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

6 / 68      (Adware)

13 / 68    (Adware)

3 / 68      (PUP)

20 / 68    (Adware)

17 / 68    (Adware)

14 / 68    (Adware)

8 / 68      (Adware)

12 / 68    (Adware)

9 / 68      (Adware)

11 / 68    (Adware)

6 / 68      (Adware)

5 / 68      (Adware)

9 / 68      (Adware)

1 / 68      (Adware)

URL:
http://www.winstally.com/

Title:
“Winstally - Simplify software installation”

Web server:
Apache (PleskLin)

Facebook:
Likes:  219
Shares:  2
Comments:  1

Statistics are for the previous month.

Remove Malware from www.winstally.com - Powered by Reason Core Security