downloader.downloadster.net

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain downloader.downloadster.net is registered by proxy through GODADDY.COM, LLC and was originally registered in March of 2011. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Phoenix, Arizona within the United States which resides on the CloudFlare, Inc. network. The domain uses the CloudFlare CDN, a distributed domain name server service which utilizes a number of reverse proxy IP Addresses (see below).
Remove Malware from downloader.downloadster.net - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
Arizona, United States (US)

Create date:
Tuesday, March 15, 2011

Expires date:
Wednesday, March 15, 2017

Updated date:
Saturday, May 02, 2015

ASN:
AS13335 CLOUDFLARENET - CloudFlare, Inc.,US

Root domain:

Scanner detections:
Detections  (80% detected)

Scan engine
Details
Detections

F-Prot
W32/InstallCore.W.gen, W32/InstallCore.S.gen, W32/InstallCore.R.gen
100.00%

Sophos
Install Core, PUA 'Install Core'
100.00%

Dr.Web
Adware.InstallCore.86, Adware.InstallCore.122
100.00%

VIPRE Antivirus
InstallCore, Threat.4786018
100.00%

Avira AntiVirus
ADWARE/InstallCore.Gen, ADWARE/InstallCore.Gen7, PUA/InstallCore.Gen
100.00%

Rising Antivirus
PE:Malware.XPACK-LNR/Heur!1.5594, PE:Malware.InstallCore!6.4
100.00%

McAfee
Artemis!2DDD9860F6B8, Artemis!ABE3789D4272, Trojan.GenericR-DGW!06295330F53F
75.00%

Trend Micro House Call
TROJ_GEN.RCBH1CO, TROJ_GEN.F47V0218, TROJ_GEN.F47V0720
75.00%

McAfee Web Gateway
Artemis!2DDD9860F6B8, BehavesLike.Win32.Obfuscated.th, GenericR-DGW!06295330F53F
75.00%

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud)
75.00%

Comodo Security
UnclassifiedMalware, ApplicUnwnt
75.00%

K7 AntiVirus
Unwanted-Program, Unwanted-Program
75.00%

Microsoft Security Essentials
SoftwareBundler:Win32/DealPly
50.00%

ESET NOD32
Win32/InstallCore.AZ (variant), Win32/InstallCore.BL
50.00%

IKARUS anti.virus
SoftwareBundler, Backdoor.Hupigon
50.00%

The domain downloader.downloadster.net has been seen to resolve to the following 4 IP addresses.

August 12, 2014

August 12, 2014

February 7, 2014

February 7, 2014

File downloads found at URLs served by downloader.downloadster.net.

URL:
http://downloader.downloadster.net/

SSL certificate subject:
CN=sni28240.cloudflaressl.com, OU=PositiveSSL Multi-Domain, OU=Domain Control Validated

SSL certificate issuer:
CN=COMODO ECC Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
cloudflare-nginx

Remove Malware from downloader.downloadster.net - Powered by Reason Core Security