home

down.shmehao.com

Tao Jian

Domain Information

The domain down.shmehao.com registered by Tao Jian was initially registered in August of 2011 through GODADDY.COM, LLC. The hosted servers are located in Absecon, New Jersey within the United States which resides on the Linode network.
Registrar:
GODADDY.COM, LLC

Server location:
New Jersey, United States (US)

Create date:
Wednesday, August 10, 2011

Expires date:
Wednesday, August 10, 2016

Updated date:
Monday, April 27, 2015

ASN:
AS36351 SOFTLAYER - SoftLayer Technologies Inc.,US

Root domain:
shmehao.com

Whois:
3 shmehao.com records

Google Safe Browsing:
unwanted

Scan engine
Details
Detections

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
93.75%

McAfee
Artemis!CFBADD147A71, Artemis!569CACE929D6, Artemis!B2BCB8C1C217, Artemis!B21A09EF52B8, Artemis!7573CDDE617B, Artemis!70FA3F4319DD, Artemis!EBF466EB55CD, Artemis!7D02571D02EF
81.25%

Kaspersky
Trojan.Win32.StartPage
75.00%

Baidu Antivirus
Trojan.Win32.StartPage
75.00%

Trend Micro House Call
TROJ_GEN.R021H07JQ14, TROJ_GEN.R08NH07EG15, TROJ_GEN.R02SH05BG15, TROJ_GEN.F47V0721, TROJ_GEN.R047C0OKF14, TROJ_GEN.R08NH07EK15, Suspicious_GEN.F47V1029
68.75%

Rising Antivirus
NS:PUF.SilenceInstaller!1.9DDF, PE:Trojan.Win32.Generic.17973110!395784464, PE:Malware.Generic/QRS!1.9E2D [F]
56.25%

avast!
Win32:Malware-gen, Win32:Rootkit-gen [Rtk], Win32:Dropper-gen [Drp]
50.00%

Quick Heal
Trojan.StartPage.g5
37.50%

ViRobot
Trojan.Win32.A.StartPage.5314098[h], Trojan.Win32.A.StartPage.1962183[h], Trojan.Win32.A.StartPage.2184434[h], Trojan.Win32.A.StartPage.1793949[h]
37.50%

Norman
Suspicious_Gen4.IBMEG, Troj_Generic_2.HABN, Suspicious_Gen4.HGOER, Suspicious_Gen4.HEEKW, Suspicious_Gen4.HOFIZ
31.25%

Avira AntiVirus
TR/Agent.1962183, TR/Agent.2184434, TR/Agent.3000770, TR/Agent.1793949, TR/Agent.2251213
31.25%

K7 AntiVirus
Riskware
25.00%

Trend Micro
TROJ_GEN.R047C0OKF14, TROJ_GEN.R0C1C0OA515, TROJ_GEN.R02SC0EKB14
25.00%

Qihoo 360 Security
Win32/Trojan.10b, Win32/RootKit.Rootkit.7e5, Win32/Trojan.384
18.75%

VIPRE Antivirus
Trojan.Win32.Generic
18.75%

The domain down.shmehao.com has been seen to resolve to the following 4 IP addresses.

68.64.161.230
January 30, 2016

23.234.14.213
September 16, 2015

23.239.28.186
li724-186.members.linode.com
October 20, 2014

69.163.240.188
apache2-dap.amunet.dreamhost.com
December 25, 2013

File downloads found at URLs served by down.shmehao.com.

0 / 68
http://down.shmehao.com/egypt-warriors.exe  (ea107d70784fbb7e77abce21b40ec203)

0 / 68
http://down.shmehao.com/viking-war.exe  (f58e5c8f54e639756a989f27375b3849)

7 / 68      (Malware)
http://down.shmehao.com/hurry-up-bob-2.exe  (7d02571d02ef1e3550021fb6bf1b93e9)

11 / 68    (Malware)
http://down.shmehao.com/fruit-mario.exe  (4e2b851cd09c7759ebd0aecff5232ac4)

13 / 68    (Malware)
http://down.shmehao.com/stick-master.exe  (fd3144cfbb6d029fe2b1a7a850c75325)

1 / 68
http://down.shmehao.com/pick-and-dig.exe  (8bf677d87e04579089c0b11167594e3c)

1 / 68
http://down.shmehao.com/bike-mania-arena-3.exe  (a3bf8f50d7bb66416b7c5c1924af4329)

9 / 68      (Malware)
http://down.shmehao.com/papas-freezeria.exe  (141497529487124-papas_freezeria.exe)

7 / 68      (Malware)
http://down.shmehao.com/papas-pizzeria.exe  (b2bcb8c1c2175ae836e23f238b1b97a6)

12 / 68    (Malware)
http://down.shmehao.com/grand-prix-tycoon.exe  (b21a09ef52b877e00375c7bb3730b75d)

6 / 68      (Malware)
http://down.shmehao.com/tower-machines.exe  (cfbadd147a718b810e2c66569021c72d)

0 / 68
http://down.shmehao.com/papas-pancakeria.exe  (90c1e7407995b05e536db8aa6bb0cb2d)

13 / 68    (Malware)
http://down.shmehao.com/vehicles.exe  (ee8b21f6ff98eb0410059a05c585deee)

11 / 68    (Malware)
http://down.shmehao.com/gravity-duck-2.exe  (ebf466eb55cd289d10f962eef506c821)

10 / 68    (Malware)
http://down.shmehao.com/gemollection.exe  (2c4754c703051851ae6bcacbdbcaafa1)

5 / 68      (Malware)
http://down.shmehao.com/new-angry-birds.exe  (3e607e6ae43886739f53227a311b62ba)

11 / 68    (Malware)
http://down.shmehao.com/this-only-level-3.exe  (70fa3f4319dde590e2b9ef09baa8c859)

8 / 68      (Malware)
http://down.shmehao.com/cube-mayhem.exe  (7573cdde617b4efe734974987e61452f)

0 / 68
http://down.shmehao.com/grand-prix-go.exe  (0c52b9d2222505e637140f04f7120910)

0 / 68
http://down.shmehao.com/ms-pacman.exe  (247a377ec398d7f750c7bd5cdee1b445)

1 / 68
http://down.shmehao.com/desert-bike-ride.exe  (4b7ab61b5405c0bb28c0ef0256647cac)

0 / 68
http://down.shmehao.com/bulldozer-mania.exe  (cbf40d206deecdd67ac24384bc0c678d)

0 / 68
http://down.shmehao.com/mega-dump-truck.exe  (9fdaf98ab8d66f7102b4654360aee74d)

0 / 68
http://down.shmehao.com/bike-mania-arena-3.exe  (b9090f1a5f6aa5f2ad9c1fd6a1f2a2c1)

0 / 68
http://down.shmehao.com/gloomy-truck.exe  (8934553bb8216823b1d0fb6064015cb8)

0 / 68
http://down.shmehao.com/ben-10-moto-ride.exe  (52f554f694daef0dd5d27328d0b62299)

0 / 68
http://down.shmehao.com/mass-mayhem-3.exe  ({blocked}.exe)

0 / 68
http://down.shmehao.com/spark-chess.exe  (9dab8e15b94353481f682af32fa6a452)

0 / 68
http://down.shmehao.com/angry-chicken.exe  (cf65849d044391c03cfaf26ed6ebdf6d)

0 / 68
http://down.shmehao.com/infectonator-2.exe  (b35f261183302b0488511941b1294a22)

 
Latest 30 of 30 download URLs

URL:
http://down.shmehao.com/

Title:
“什么搜索 - 干净、安全、可信任的网页搜索引擎”

Description:
“什么搜索是一个干净无竞价排名广告的网页搜索引擎,为您快速查找信息!”

Web server:
Microsoft-IIS/7.5 (PHP/5.2.17,ASP.NET)

eplaybus.com

filesauce.com

feeplay.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.