download-servers.com

Domain Privacy Service FBO Registrant.  (Proxy Registrant)

Domain Information

The domain download-servers.com is registered by proxy through DOMAIN.COM, LLC and was originally registered in December of 2011. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Chicago, Illinois within the United States which resides on the FDCservers.net network.
Registrar:
DOMAIN.COM, LLC

Server location:
Illinois, United States (US)

Create date:
Tuesday, December 20, 2011

Expires date:
Wednesday, December 20, 2017

Updated date:
Friday, November 21, 2014

Google Safe Browsing:
unwanted

Scanner detections:
Detections  (92% detected)

Scan engine
Details
Detections

Reason Heuristics
Adware.CMI.J, PUP.Installer.AnySendProClickMeIn.K, PUP.Installer.ConvertAd, PUP.Installer.AnySendProClickMeIn.J, PUP.ConvertAd, Threat.Win.Reputation.IMP, Adware.ConvertAd.Meta, PUP.Installer.ironSource, Win32.Generic, Adware.ConvertAd.Meta (M), PUP.OffToUp (M), PUP (M)
85.42%

Qihoo 360 Security
HEUR/Malware.QVM06.Gen, HEUR/QVM10.1.Malware.Gen, HEUR/QVM42.0.Malware.Gen
37.50%

Dr.Web
Adware.Downware.3737, Adware.Downware.5929, Adware.ClickMeIn.17, Adware.ClickMeIn.474, Trojan.DownLoader12.51329, Trojan.Siggen6.33552, Win32.Sector.30
33.33%

AVG
Generic, Adware Generic_c, Adware Generic6.DAW, PSW.Agent, Adware Generic6.AGMD, Win32/Sality
33.33%

Trend Micro House Call
TROJ_GEN.F47V0519, Suspici.D6982586, Suspicious_GEN.F47V0720, Suspicious_GEN.F47V1119, Suspicious_GEN.F47V1203, Suspicious_GEN.F47V1227
31.25%

Baidu Antivirus
Trojan.Win32.VOPackage, Adware.Win32.VOPackage, Trojan.Win32.AnyProtect, Adware.Win32.ConvertAd, Trojan.Win32.Staser, Adware.Win32.AdService
31.25%

VIPRE Antivirus
Trojan.Win32.Generic, Threat.4150696, Win32.Malware!Drop, Adware.AdService
31.25%

McAfee Web Gateway
BehavesLike.Win32.BadFile.jc, BehavesLike.Win32.AdwareFavoritnetwork.jc, BehavesLike.Win32.AdwareLollipop.jc, BehavesLike.Win32.AdwareSweet.jc, BehavesLike.Win32.Downloader.dc, BehavesLike.Win32.Downloader.qh, BehavesLike.Win32.BrowseFox.tc
31.25%

K7 Gateway Antivirus
Unwanted-Program , Trojan , Riskware , Adware
27.08%

McAfee
Trojan.Artemis!ED0BD6712E41, Artemis!DD65481E018B, Artemis!D7F049C339CE, Artemis!0D3E7FB7F35F, Artemis!99F6D9C5477C, Artemis!7098E4916966, Program.Artemis!BD1C506AB795
25.00%

avast!
Dropper-gen [Drp], Malware-gen [Trj], NSIS:Malware-gen [Trj], Win32:Rootkit-gen [Rtk], Win.Threat.Undefined, Adware-CPO [PUP]
25.00%

K7 AntiVirus
Unwanted-Program , Riskware , Adware
22.92%

G Data
NSIS.Application.AnyProtect, Trojan.GenericKD.2055426, Application.Generic.1077554, Gen:Variant.Application.Graftor.175106
22.92%

Kaspersky
not-a-virus:AdWare.NSIS.AnProt, UDS:DangerousObject.Multi.Generic, Trojan.Win32.Staser, not-a-virus:AdWare.Win32.ConvertAd
22.92%

Sophos
ClickMeIn Installer, Generic PUA FF, Generic PUA CH, Generic PUA CN, Generic PUA MD, Generic PUA PF, Generic PUA HF, PUA 'ConvertAd' (of type Adware)
20.83%

The domain download-servers.com has been seen to resolve to the following 22 IP addresses.

May 5, 2015

May 5, 2015

May 5, 2015

May 5, 2015

dl13.clickmein.com
May 30, 2014

dl16.clickmein.com
May 30, 2014

dl14.clickmein.com
May 30, 2014

dl18.clickmein.com
May 30, 2014

dl17.clickmein.com
May 30, 2014

dl21.clickmein.com
May 30, 2014

dl15.clickmein.com
May 30, 2014

dl23.clickmein.com
May 30, 2014

dl22.clickmein.com
May 30, 2014

dl12.clickmein.com
May 30, 2014

dl8.clickmein.com
January 16, 2014

dl7.clickmein.com
January 16, 2014

dl1.clickmein.com
December 25, 2013

dl6.clickmein.com
December 25, 2013

dl4.clickmein.com
December 13, 2013

dl5.clickmein.com
December 13, 2013

dl3.clickmein.com
December 13, 2013

dl2.clickmein.com
December 13, 2013

File downloads found at URLs served by download-servers.com.

1 / 68      (PUP)
http://download-servers.com/.../ConvertAdSetup.exe  (eb94cf5d5d35703f7793496b3770960b)

2 / 68      (PUP)

1 / 68      (Malware)
http://download-servers.com/.../CASrv.exe  (a71c343115dd1d002cfdc767203b000f)

1 / 68      (PUP)
http://download-servers.com/.../carunasu.exe  (09bdf4ca4360c2dbf0522f59ff2950d8)

10 / 68    (Infected)
http://download-servers.com/.../Validate.exe  (f965f3bce0b6621efb9907f8df01c9f3)

8 / 68      (Adware)
http://download-servers.com/.../VOPackage.exe  (550297ba3ce0a0c4aed41d091fc35166)

The following 1379 files have been seen to comunicate with download-servers.com in live environments.

 
Latest 20 of 1,532 files

December 13, 2013

URL:
http://download-servers.com/

Google Analytics:
UA-21120979

Title:
“Download Servers”

Web server:
nginx/1.8.1

Facebook:
Likes:  1
Shares:  4
Comments:  2

Statistics above are for the previous month of June 2017.