download-servers.com

Domain Privacy Service FBO Registrant.  (Proxy Registrant)

Domain Information

The domain download-servers.com is registered by proxy through DOMAIN.COM, LLC and was originally registered in December of 2011. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Chicago, Illinois within the United States which resides on the FDCservers.net network.
Remove Malware from download-servers.com - Powered by Reason Core Security
Registrar:
DOMAIN.COM, LLC

Server location:
Illinois, United States (US)

Create date:
Tuesday, December 20, 2011

Expires date:
Wednesday, December 20, 2017

Updated date:
Friday, November 21, 2014

Scanner detections:
Detections  (98% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.AnySendProClickMeIn.K, PUP.Installer.ClickMeInLimited.P, PUP.Installer.CMILimited.K, PUP.Installer.ConvertAd, Threat.Win.Reputation.IMP, Adware.ConvertAd.Meta, PUP.Installer.ironSource, PUP.Bundler.installCore, PUP.OffToUp (M), PUP.InstallCore (M), Win32.Generic, Adware.ConvertAd.Meta (M), PUP.OffToUp.Installer (M)
89.80%

Qihoo 360 Security
HEUR/Malware.QVM06.Gen, HEUR/QVM10.1.Malware.Gen, Win32/Application.f08, HEUR/QVM42.0.Malware.Gen, HEUR/QVM42.1.Malware.Gen
32.65%

AVG
Adware Generic_c.WX, PSW.Agent, Adware Generic6, Win32/Sality
28.57%

Kaspersky
not-a-virus:AdWare.Win32.AnProt, UDS:DangerousObject.Multi.Generic, Trojan.Win32.Reconyc, Virus.Win32.Sality
24.49%

Dr.Web
Adware.Downware.5929, Threat.Undefined, Adware.ClickMeIn.1405, Adware.ClickMeIn.474, Adware.Downware.5929, Win32.Sector.30
22.45%

G Data
Application.Agent.FF, NSIS.Application.AnyProtect, Trojan.GenericKD.2055426, Trojan.Generic.12877911, Gen:Variant.Graftor.180599
20.41%

McAfee Web Gateway
BehavesLike.Win32.BadFile.jc, BehavesLike.Win32.AdwareFavoritnetwork.hc, BehavesLike.Win32.AdwareFavoritnetwork.jc, BehavesLike.Win32.Downloader.jc, BehavesLike.Win32.Downloader.tc
20.41%

Baidu Antivirus
Trojan.Win32.AnyProtect, Adware.Win32.AnProt, Adware.Win32.ConvertAdSa, PUA.Win32.VOPackage, PUA.Win32.Agent
20.41%

Emsisoft Anti-Malware
Application.Agent.FF, Trojan.GenericKD.2055426, Trojan.Generic.12877911, Gen:Variant.Graftor.180599, Trojan.GenericKD.2439633, Win32.Sality
18.37%

VIPRE Antivirus
Threat.4150696, Trojan.Win32.Generic, Win32.Malware!Drop, Threat.4721115
18.37%

McAfee
Artemis!468E57610375, Artemis!3B7AB2FC8AEF, Artemis!276E6BAD150C, Artemis!010BD274010C, Artemis!0D3E7FB7F35F, Artemis!D1FC620CAAF8
18.37%

Trend Micro House Call
TROJ_GE.BB197D36, Suspicious_GEN.F47V0720, TROJ_SPNR.11GA14, Suspicious_GEN.F47V1227, Suspicious_GEN.F47V0106, Suspicious_GEN.F47V0109, Suspicious_GEN.F47V0209
18.37%

IKARUS anti.virus
not-a-virus:AdWare.AnProt, PUA.AnyProtect, Trojan.SuspectCRC, PUA.Vopackage, PUA.ConvertAd
18.37%

MicroWorld eScan
Application.Agent.FF, Trojan.GenericKD.2055426, Trojan.Generic.12877911, Gen:Variant.Graftor.180599, Trojan.GenericKD.2439633
16.33%

Bitdefender
Application.Agent.FF, Trojan.GenericKD.2055426, Trojan.Generic.12877911, Gen:Variant.Graftor.180599, Trojan.GenericKD.2439633
16.33%

The domain download-servers.com has been seen to resolve to the following 22 IP addresses.

May 5, 2015

May 5, 2015

May 5, 2015

May 5, 2015

dl13.clickmein.com
May 30, 2014

dl16.clickmein.com
May 30, 2014

dl14.clickmein.com
May 30, 2014

dl18.clickmein.com
May 30, 2014

dl17.clickmein.com
May 30, 2014

dl21.clickmein.com
May 30, 2014

dl15.clickmein.com
May 30, 2014

dl23.clickmein.com
May 30, 2014

dl22.clickmein.com
May 30, 2014

dl12.clickmein.com
May 30, 2014

dl8.clickmein.com
January 16, 2014

dl7.clickmein.com
January 16, 2014

dl1.clickmein.com
December 25, 2013

dl6.clickmein.com
December 25, 2013

dl4.clickmein.com
December 13, 2013

dl5.clickmein.com
December 13, 2013

dl3.clickmein.com
December 13, 2013

dl2.clickmein.com
December 13, 2013

File downloads found at URLs served by download-servers.com.

2 / 68      (PUP)

15 / 68    (Malware)
http://download-servers.com/.../CASrv.exe  (082402717467cc86f5a5f37adfcbbee9)

5 / 68      (PUP)
http://download-servers.com/.../carunasu.exe  (c222d03c1933fd8196316721f2221f62)

1 / 68      (PUP)
http://download-servers.com/.../Validate.exe  (3588887397a83f5155cedde176a769a0)

4 / 68      (Adware)

The following 167 files have been seen to comunicate with download-servers.com in live environments.

 
Latest 20 of 218 files

December 13, 2013

URL:
http://download-servers.com/

Google Analytics:
UA-21120979

Title:
“Download Servers”

Web server:
nginx/1.8.0

Facebook:
Likes:  1
Shares:  4
Comments:  2

Statistics above are for the previous month of November 2016.

Remove Malware from download-servers.com - Powered by Reason Core Security