down.ruanmei.com

Zhangkai

Domain Information

The domain down.ruanmei.com, registered by Zhangkai, was initially registered in May 2006 through 35 TECHNOLOGY CO., LTD. It has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Hangzhou, Zhejiang, China, on the Asia Pacific Network Information Centre network.
Remove Malware from down.ruanmei.com - Powered by Reason Core Security
Registrar:
35 TECHNOLOGY CO., LTD

Server location:
Zhejiang, China (CN)

Create date:
Thursday, May 04, 2006

Expires date:
Thursday, May 04, 2017

Updated date:
Tuesday, March 25, 2014

ASN:
AS4134 CHINANET-BACKBONE No.31,Jin-rong Street,CN

Root domain:

Scanner detections:
Detections  (93% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.Installer.QingdaoRuanmeiNetworkTechnologyCoLtd.R, PUP.Installer.QingdaoRuanmeiNetworkTechnologyCoLtd.S, PUP.Installer.QingdaoRuanmeiNetworkTechnologyCoLtd.X, PUP.Installer.QingdaoRuanmeiNetworkTechnologyCoLtd.Q, PUP.QingdaoRuanmeiNetworkTechnology.Installer (M) | 93.33% |
| Rising Antivirus | PE:Trojan.Win32.Generic.1293B169!311669097, PE:Worm.Autorun!1.9EE3, PE:Malware.XPACK/RDM!5.1 | 53.33% |
| McAfee | Artemis!83CE39AD3562, Artemis!A65FFC4B0913, Artemis!753032EC4D62, Artemis!0A237B244A59, Artemis!6C6B2676C944, Artemis!0E24B43D932B, Artemis!71D3CB1A708C | 46.67% |
| Dr.Web | Trojan.Moky.19, Trojan.Carberp.1395, Trojan.Siggen4.45560, DLOADER.Trojan | 40.00% |
| McAfee Web Gateway | Artemis!83CE39AD3562, Artemis!A65FFC4B0913, Artemis!753032EC4D62, Artemis!0A237B244A59 | 33.33% |
| Vba32 AntiVirus | suspected of Trojan.Downloader.gen.h, BScope.Trojan.Agent | 26.67% |
| Trend Micro House Call | TROJ_GEN.F47V0527, Suspicious_GEN.F47V0330, Suspicious_GEN.F47V0419 | 20.00% |
| IKARUS anti.virus | Trojan.Win32.Agent, Virus.Win32.Sality | 13.33% |
| NANO AntiVirus | Trojan.Win32.Stanit.cuckfy | 6.67% |
| Sophos | Address Tool Bar | 6.67% |
| G Data | Win32.Trojan.Agent.6YOJG1 | 6.67% |
| Bkav FE | W32.HfsAdware | 6.67% |
| Zillya! Antivirus | Downloader.Agent.Win32.281665 | 6.67% |
| ESET NOD32 | Win32/MyDesk.A potentially unwanted | 6.67% |
| Fortinet FortiGate | Riskware/MyDesk | 6.67% |

The domain down.ruanmei.com has been seen to resolve to the following 7 IP addresses.

May 2, 2015

January 5, 2015

June 22, 2014

April 14, 2014

March 15, 2014

December 29, 2013

December 29, 2013

File downloads found at URLs served by down.ruanmei.com.

1 / 68      (Adware)
http://down.ruanmei.com/.../saayaasetup_3.36.exe  (8d2331c56503107af97099325d9fe56d)

8 / 68      (Adware)

5 / 68      (Adware)
http://down.ruanmei.com/.../tweakcubesetup_3.0.exe  (71d3cb1a708cc7b6fa3c9b61d23ae16d)

0 / 68
http://down.ruanmei.com/.../eicfg_removal_utility.zip  (7ca6a5172345dff8811c215850cb9c12)

2 / 68      (Adware)
http://down.ruanmei.com/.../win8mastersetup_1.08.exe  (9512c27d80469e4f60d88dfb1ebd7a45)

6 / 68      (Adware)

6 / 68      (Adware)
http://down.ruanmei.com/.../windows7mastersetup_1.80.exe  (6c6b2676c944e16a0f5d0ce1c7d83e69)

5 / 68      (Adware)

5 / 68      (Adware)
http://down.ruanmei.com/.../pcmastersetup_5.06_full.exe  (753032ec4d62c091159837953d4ee6a7)

3 / 68      (Adware)
http://down.ruanmei.com/.../pcmastersetup_5.05.exe  (2cd70c82f1e8d4f9cfa121ecd6412a52)

5 / 68      (Adware)

5 / 68      (Adware)
http://down.ruanmei.com/.../tweakcubesetup_3.39.exe  (83ce39ad3562e8fe0425881f7bf9ff2d)

1 / 68      (Adware)
http://down.ruanmei.com/.../windows7mastersetup_1.80.exe  (06bc0c45b8ab5b2f9cebf37f31129769)

2 / 68      (Adware)
http://down.ruanmei.com/.../pcmastersetup_5.08.exe  (b78d5d16d152e7920c78d367c2c5cf54)

2 / 68      (Adware)
http://down.ruanmei.com/.../pcmastersetup_5.02.exe  (80e1b747ed77bda4187d375423bef40c)

URL:
http://down.ruanmei.com/

Web server:
Microsoft-IIS/8.5 (ASP.NET)
