home

downloader.downloadster.net

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain downloader.downloadster.net is registered by proxy through GODADDY.COM, LLC and was originally registered in March of 2011. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Strasbourg, Alsace within France which resides on the RIPE Network Coordination Centre network.
Registrar:
GODADDY.COM, LLC

Server location:
Alsace, France (FR)

Create date:
Tuesday, March 15, 2011

Expires date:
Wednesday, March 15, 2017

Updated date:
Saturday, May 2, 2015

ASN:
AS8972 PLUSSERVER-AS PlusServer AG,DE

Root domain:
downloadster.net

Whois:
2 downloadster.net records

Scanner detections:
Detections  (83% detected)

Scan engine
Details
Detections

F-Prot
W32/InstallCore.W.gen, W32/InstallCore.S.gen, W32/InstallCore.R.gen
100.00%

Sophos
Install Core, PUA 'Install Core'
100.00%

Dr.Web
Adware.InstallCore.86, Adware.InstallCore.122
100.00%

VIPRE Antivirus
InstallCore, Threat.4786018
100.00%

Avira AntiVirus
ADWARE/InstallCore.Gen, ADWARE/InstallCore.Gen7, PUA/InstallCore.Gen
100.00%

Rising Antivirus
PE:Malware.XPACK-LNR/Heur!1.5594, PE:Malware.InstallCore!6.4
100.00%

McAfee
Artemis!2DDD9860F6B8, Artemis!ABE3789D4272, Artemis!203F7D011B8C, Trojan.GenericR-DGW!06295330F53F
80.00%

Trend Micro House Call
TROJ_GEN.RCBH1CO, TROJ_GEN.F47V0218, TROJ_GEN.F47V0720
80.00%

Comodo Security
UnclassifiedMalware, ApplicUnwnt
80.00%

K7 AntiVirus
Unwanted-Program, Unwanted-Program
80.00%

Microsoft Security Essentials
SoftwareBundler:Win32/DealPly
60.00%

ESET NOD32
Win32/InstallCore.AZ (variant), Win32/InstallCore.BL
60.00%

IKARUS anti.virus
SoftwareBundler, Backdoor.Hupigon
60.00%

NANO AntiVirus
Riskware.Win32.InstallCore.dfglnt, Riskware.Win32.InstallCore.czmmhy
60.00%

Vba32 AntiVirus
Downware.InstallCore
60.00%

The domain downloader.downloadster.net has been seen to resolve to the following 5 IP addresses.

62.75.207.166
static-ip-62-75-207-166.inaddr.ip-pool.com
February 22, 2016

104.28.27.124
August 12, 2014

104.28.26.124
August 12, 2014

198.41.249.66
February 7, 2014

162.159.240.67
February 7, 2014

File downloads found at URLs served by downloader.downloadster.net.

26 / 68    (Adware)
http://downloader.downloadster.net/?id=b4761bffbb5f131801c2d0c9933ec754c3693655&ts=1370033309&r=L3ZsYy1tZWRpYS1wbGF5ZXIvP2t3PXZsY3BsYXllcitkb3dubG9hZCZzdWJpZD1EU1RWTEVYMSZjdXN0PXZsY3BsYXllcitkb3dubG9hZCZ0eXBlPXZsYyZscHR5cGU9MyZtZXQ9YiZnY2xpZD1DT2UxaWVXYndiY0NGVTBkM2dvZGRXMEE1QSZ1dG1fY2FtcGFpZ249RFNUVkxFWDEmZndkPTE=  (icreinstall_vlc-2.0.5.exe)

26 / 68    (Adware)
http://downloader.downloadster.net/?id=b4761bffbb5f131801c2d0c9933ec754c3693655&ts=1370007962&r=L3ZsYy1tZWRpYS1wbGF5ZXIvP2t3PXZjbCttZWRpYStwbGF5ZXImc3ViaWQ9RFNUVkxFWDEmY3VzdD12Y2wrbWVkaWErcGxheWVyJnR5cGU9dmxjJmxwdHlwZT0zJm1ldD1iJmdjbGlkPUNPTHA1YTY5d0xjQ0ZVMlIzZ29kYzI4QXRRJnV0bV9jYW1wYWlnbj1EU1RWTEVYMSZmd2Q9MQ==  (icreinstall_vlc-2.0.5.exe)

26 / 68    (Adware)
http://downloader.downloadster.net/?id=b4761bffbb5f131801c2d0c9933ec754c3693655&ts=1368810860&r=L3ZsYy1tZWRpYS1wbGF5ZXIvP2t3PXZsY3BsYXllcitkb3dubG9hZCZzdWJpZD1EU1RWTEVYMSZjdXN0PXZsY3BsYXllcitkb3dubG9hZCZ0eXBlPXZsYyZscHR5cGU9MyZtZXQ9YiZnY2xpZD1DTHJCaE9qUm5iY0NGY2hlM2dvZDZFOEFUZyZ1dG1fY2FtcGFpZ249RFNUVkxFWDEmZndkPTE=  (icreinstall_vlc-2.0.5.exe)

26 / 68    (Adware)
http://downloader.downloadster.net/?id=b4761bffbb5f131801c2d0c9933ec754c3693655&ts=1365939514&r=L3ZsYy1tZWRpYS1wbGF5ZXIvP2t3PXZjbCttZWRpYStwbGF5ZXImc3ViaWQ9RFNUVkxFWDEmY3VzdD12Y2wrbWVkaWErcGxheWVyJnR5cGU9dmxjJmxwdHlwZT0zJm1ldD1iJmdjbGlkPUNQV1Z5WnVKeXJZQ0ZVekh0QW9kSlhVQVNRJnV0bV9jYW1wYWlnbj1EU1RWTEVYMSZmd2Q9MQ==  (icreinstall_vlc-2.0.5.exe)

14 / 68    (PUP)
https://downloader.downloadster.net/?id=af8bdff29c6a3194a4234361505ee1b97c000ef7&ts=1361573213&r=/.../?kw=free pdf reader&subid=DSTTDYUS&cust=sitelinkpdf&type=tidyview&gclid=CK2gn73_yrUCFWbZQgodjyAA6Q&utm_campaign=DSTTDYUS&fwd=1  (tidyview_pdf_reader.exe)

10 / 68    (Adware)
https://downloader.downloadster.net/?id=ce3112fd71a38ed55fcdf117394a24f1908b7c9d&ts=1358124441&r=/.../?kw=microsoft office starter&subid=DSTOO&cust=microsoft office starter&type=oo&gclid=CJOhg-fP5rQCFQ3nnAodQCgA2w&utm_campaign=DSTOO&fwd=1  (icreinstall_openoffice.exe)

25 / 68    (PUP)
https://downloader.downloadster.net/?id=ce3112fd71a38ed55fcdf117394a24f1908b7c9d&ts=1382781283&r=L29wZW4tb2ZmaWNlLXN1aXRlLz9rdz1vcGVuK29mZmljZS5vcmcmc3ViaWQ9RFNUT09GUiZjdXN0PW9wZW4rb2ZmaWNlLm9yZyZ0eXBlPW9vJmdjbGlkPUNJNncxNG1kdExvQ0ZTX0t0QW9kNXdjQWxBJnV0bV9jYW1wYWlnbj1EU1RPT0ZSJmZ3ZD0x  (openoffice.exe)

12 / 68    (PUP)
https://downloader.downloadster.net/?id=b4761bffbb5f131801c2d0c9933ec754c3693655&ts=1359566547&r=/.../?kw=windowsmediaplayer 12&subid=DSTVLSA&cust=windowsmediaplayer 12&type=vlc&lptype=3&met=b&gclid=CNm4iYfMkLUCFYLHtAod4ToAtQ&utm_campaign=DSTVLSA&fwd=1  (vlc-2.0.4.exe)

0 / 68
http://downloader.downloadster.net/?id=ce3112fd71a38ed55fcdf117394a24f1908b7c9d&ts=1380290089&r=L29wZW4tb2ZmaWNlLXN1aXRlLz9rdz1vcGVub2ZmaWNlKzMuNCZzdWJpZD1EU1RPTyZjdXN0PW9wZW5vZmZpY2UrMy40JnR5cGU9b28mZ2NsaWQ9Q0phdG51dmM2N2tDRlUyWTRBb2Q0RGdBZ2cmdXRtX2NhbXBhaWduPURTVE9PJmZ3ZD0x  (6544944_stp.exe)

0 / 68
https://downloader.downloadster.net/?id=ce3112fd71a38ed55fcdf117394a24f1908b7c9d&ts=1380290089&r=L29wZW4tb2ZmaWNlLXN1aXRlLz9rdz1vcGVub2ZmaWNlKzMuNCZzdWJpZD1EU1RPTyZjdXN0PW9wZW5vZmZpY2UrMy40JnR5cGU9b28mZ2NsaWQ9Q0phdG51dmM2N2tDRlUyWTRBb2Q0RGdBZ2cmdXRtX2NhbXBhaWduPURTVE9PJmZ3ZD0x  (6544944_stp.exe)

URL:
http://downloader.downloadster.net/

SSL certificate subject:
CN=sni28240.cloudflaressl.com, OU=PositiveSSL Multi-Domain, OU=Domain Control Validated

SSL certificate issuer:
CN=COMODO ECC Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
nginx/1.0.15 (PHP/5.3.3)

cmdpii.com.br

pcfixer.co

browsersinfo.com

downloadb.net

downloadbin.net

ez-downloads.com

fastdownloaders.com

freedownloaders.net

freeinstallsetup.com

pcupgradenow.com

savvydl.com

secure-fastfile.com

simple-get.net

updatenowpro.com

updatersoft.com

venturedownload.com

windownload.net

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.