downlite.net

Linus Kolseth

Domain Information

The domain downlite.net registered by Linus Kolseth was initially registered in March of 2013 through INTERNETWORX LTD. & CO. KG. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in San Francisco, California within the United States which resides on the CloudFlare, Inc. network. The domain uses the CloudFlare CDN, a distributed domain name server service which utilizes a number of reverse proxy IP Addresses (see below).
Remove Malware from downlite.net - Powered by Reason Core Security
Registrar:
INTERNETWORX LTD. & CO. KG

Server location:
California, United States (US)

Create date:
Monday, March 18, 2013

Expires date:
Friday, March 18, 2016

Updated date:
Thursday, March 19, 2015

ASN:
AS13335 CLOUDFLARENET - CloudFlare, Inc.,US

Google Safe Browsing:
unwanted

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Dr.Web
Adware.Downware.1329
100.00%

VIPRE Antivirus
Adware.Privitize
100.00%

ESET NOD32
Win32/OpenCandy, Win32/DownLite, Win32/Toolbar.Montiera.I potentially unwanted
100.00%

Reason Heuristics
PUP.Installer.OOO.F, PUP.OOO.DD, PUP.Installer.OOO.O, PUP.OOO.d, PUP.OOO.p, PUP.OOO.h, PUP.Installer.OOO.t, PUP.OOO.i, PUP.Installer (M)
100.00%

Malwarebytes
PUP.Optional.BundleInstaller, PUP.Optional.OpenCandy, PUP.Optional.Opencandy
80.00%

K7 Gateway Antivirus
Unwanted-Program , Riskware, Trojan
80.00%

K7 AntiVirus
Unwanted-Program , Riskware, Adware , Trojan
80.00%

F-Prot
W32/OpenCandy.A
80.00%

Trend Micro House Call
TROJ_GEN.R0CBH0AI113, TROJ_SPNR.08JK13, TROJ_GEN.F47V0723, TROJ_SPNR.08LB13, TROJ_SPNR.09JM13, TROJ_GE.E218BDF9, TROJ_GEN.R0CBOH0L513
80.00%

avast!
Win32:PUP-gen [PUP], NSIS:Adware-LK [PUP], Win32:Malware-gen
80.00%

McAfee
Artemis!5ACE242BCE28, Artemis!E9E5059DD650, Artemis!5C62FC04727E, Artemis!E768474DDA31, Artemis!32FCA83CD54B, Artemis!F41A253A3EBC
70.00%

Sophos
OpenCandy
70.00%

McAfee Web Gateway
Artemis!5ACE242BCE28, Artemis!E9E5059DD650, Artemis!5C62FC04727E, Heuristic.BehavesLike.Win32.Suspicious-PKR.O, Artemis!32FCA83CD54B
70.00%

Rising Antivirus
PE:PUF.OpenCandy!1.9DE5
70.00%

Bkav FE
W32.Clod46b.Trojan, W32.Clod108.Trojan, W32.Clod981.Trojan, W32.Clod782.Trojan, W32.Clodf11.Trojan, W32.HfsAdware
60.00%

The domain downlite.net has been seen to resolve to the following 9 IP addresses.

July 23, 2014

July 23, 2014

cf-173-245-61-128.cloudflare.com
May 13, 2014

cf-173-245-60-128.cloudflare.com
May 13, 2014

March 14, 2014

March 14, 2014

January 23, 2014

January 23, 2014

December 13, 2013

File downloads found at URLs served by downlite.net.

7 / 68      (Adware)
http://downlite.net/.../DownLite_Setup.exe  (d68819d460c74d66c0018ecc25a93b18)

23 / 68    (Adware)

17 / 68    (Adware)

28 / 68    (Adware)

28 / 68    (Adware)

14 / 68    (Adware)
http://downlite.net/download.php?c=oc&n=MS_OFFICE_2013_PRO_64_BIT&b=  (hape_kerkeling_-_ich_bin_dann_mal_weg_[h.exe)

28 / 68    (Adware)

28 / 68    (Adware)

16 / 68    (Adware)
http://downlite.net/.../MP3)&b=oca  (internet_download_manager_6.04_final_._crack-[hb].exe)

28 / 68    (Adware)

28 / 68    (Adware)

28 / 68    (Adware)

5 / 68      (Adware)

16 / 68    (Adware)
http://downlite.net/download.php?c=oca&n=Microsoft_Office_2010_full_dont_need_key&b=oca  (internet_download_manager_6.04_final_._crack-[hb].exe)

16 / 68    (Adware)
http://downlite.net/download.php?c=oca&n=Smashing_Pumpkins&b=oca  (internet_download_manager_6.04_final_._crack-[hb].exe)

19 / 68    (Adware)
http://downlite.net/.../Patch_ONLY_(x64_&b=occr  (the_elder_scrolls_v_skyrim_-_crack_.exe)

28 / 68    (Adware)

 
Latest 30 of 154 download URLs

December 13, 2013

September 18, 2014

URL:
http://downlite.net/

Title:
“DownLite - Free download manager!”

SSL certificate subject:
CN=sni69031.cloudflaressl.com, OU=PositiveSSL Multi-Domain, OU=Domain Control Validated

SSL certificate issuer:
CN=COMODO ECC Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
cloudflare-nginx

Facebook:
Shares:  11

Statistics above are for the previous month of November 2016.

Remove Malware from downlite.net - Powered by Reason Core Security