download.yes-messenger.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain download.yes-messenger.com is registered by proxy through GODADDY.COM, LLC and was originally registered in March 2007. It has been known to host and distribute adware and other potentially unwanted software. Its servers are located in Brussels, Brussels Hoofdstedelijk Gewest, Belgium, on the RIPE Network Coordination Centre network.
Remove Malware from download.yes-messenger.com - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
Brussels Hoofdstedelijk Gewest, Belgium (BE)

Create date:
Monday, March 12, 2007

Expires date:
Saturday, March 12, 2016

Updated date:
Monday, March 10, 2014

ASN:
AS56693 TWOTOWN TwoTown Belgique Sarl

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.RentabiliwebBelgique.Installer (M), Optional.Rentabiliweb.Messanger.Installer.Meta (L)
71.43%

Trend Micro House Call
HV_ZYX_BK083B96.TOMC, HV_ZYX_CA225632.TOMC, HV_ZYX_CA222852.TOMC
69.39%

Dr.Web
Trojan.DownLoader9.21390, Trojan.DownLoader13.3542
67.35%

Rising Antivirus
NS:Malware.Install!1.9F62
65.31%

Avira AntiVirus
ADWARE/Adware.Gen, W32/Virut.Gen
57.14%

McAfee Web Gateway
BehavesLike.Win32.Suspicious.ch
55.10%

F-Secure
Riskware.Gen:Variant.Application.Zusy
2.04%

AVG
AdInject.Yessenger
2.04%

Clam AntiVirus
Win.Adware.Agent-59030
2.04%

The domain download.yes-messenger.com has been seen to resolve to the following IP address.

vip1.2town.net
December 26, 2013

File downloads found at URLs served by download.yes-messenger.com.

1 / 68      (Malware)
http://download.yes-messenger.com/25095/.../plansculs.exe  (a7ea285956b74f75d3d3f7142dfe01ce)

Latest 30 of 49 download URLs

The following 5 files have been seen to communicate with download.yes-messenger.com in live environments.

URL:
http://download.yes-messenger.com/

Google Analytics:
UA-2813150

Title:
“(1) Nouveau message - Rencontres et dials en webcam”

Web server:
Apache
