geo.downloads-center.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain geo.downloads-center.com is registered by proxy through GODADDY.COM, LLC and was originally registered in February of 2012. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Cambridge, Massachusetts, United States, on the Akamai Technologies, Inc. network.
Remove Malware from geo.downloads-center.com - Powered by Reason Core Security
Registrar: GODADDY.COM, LLC
Server location: Massachusetts, United States (US)
Create date: Tuesday, February 28, 2012
Expires date: Sunday, February 28, 2016
Updated date: Tuesday, April 28, 2015
ASN: AS20940 AKAMAI-ASN1 Akamai International B.V.

Scanner detections:
Detections  (91% detected)

Scan engine | Details | Detections
Avira AntiVirus | W32/Sality.AT, APPL/Downloader.Gen6, ADWARE/Adware.Gen, TR/Dropper.Gen, ADWARE/Adware.Gen7, TR/Trash.Gen, APPL/Solimba.Gen | 85.71%
Dr.Web | Win32.Sector.21, Adware.InstallCore.43, Adware.Zugo.105, Trojan.DownLoader11.28135, Adware.Downware.336, Adware.Siggen.26340, Adware.Downware.229 | 80.95%
avast! | Win32:Adware-gen [Adw], NSIS:Bundlore-B [Adw], Win32:Dropper-gen [Drp], PUP-gen [PUP], NSIS:Bundlore-C [Adw], Win32:OutBrowse-CA [PUP] | 71.43%
VIPRE Antivirus | Click run software, Trojan.Win32.Generic, Threat.4783235, Bundlore, AirInstaller, Threat.4782985 | 71.43%
McAfee Web Gateway | RDN/Generic PUP.x!bhn, Socrydo, Generic Malware.nl!ats, BehavesLike.Win32.LiveSoftAction.tc, RDN/Generic PUP.x!b2y, Artemis!9F436F82023A | 66.67%
ESET NOD32 | Win32/InstallCore (variant), Win32/Adware.Bundlore, Win32/Systweak, Win32/DownWare.I potentially unwanted | 66.67%
Vba32 AntiVirus | Adware.InstallCore.gen, suspected of Trojan.Downloader.gen.h, AdWare.AirAdInstaller | 61.90%
McAfee | RDN/Generic PUP.x!bhn, Socrydo, Generic Malware.nl!ats, RDN/Generic PUP.x!b2y, Artemis!9F436F82023A, RDN/Generic PUP.x!bfb | 57.14%
Trend Micro House Call | TROJ_SPNR.0CIL12, TROJ_GEN.RCBC8IS, TROJ_GEN.R08NC0EAU14, TROJ_SPNR.14EE12, TROJ_GEN.R006H06JG13, TROJ_GEN.R42B1EF, TROJ_GEN.R0CBC0OEP14 | 52.38%
Fortinet FortiGate | W32/SPNR.0CIL12!tr, Riskware/Bundlore, W32/Malware_nl.ATS!tr | 52.38%
Panda Antivirus | PUP/MultiToolbar.A, Trj/Genetic.gen, Trj/CI.A, Adware/AirInstaller, Generic Malware, Trj/OCJ.A | 52.38%
Sophos | Install Core Click run software, SoftPulse, AirInstaller, vGrabber, Mal/Generic-S, Solimba Installer | 47.62%
NANO AntiVirus | Trojan.Win32.SoftPulse.ddzwdt, Riskware.Nsis.Downware.yrefc, Riskware.Win32.AirAdInstaller.cxhlas, Trojan.Win32.SMSSend.cwbmjp | 47.62%
Trend Micro | TROJ_SPNR.0CIL12, TROJ_GEN.RCBC8IS, TROJ_GEN.R08NC0EAU14, TROJ_SPNR.14EE12, TROJ_GEN.RCBCOEG, TROJ_GEN.R0CBC0OEP14, TROJ_GEN.RFFC8FD | 42.86%
Reason Heuristics | PUP.Installer.Clickrunsoftware.F, PUP.Installer.DigitalPluginSl.F, DownloadManager.AirSoftware.F, PUP.Optional.Installer.I, DownloadManager.Bundler.Air Software, Win32.Generic, PUP.Tuguu.Bundler (M), PUP.AdGazelle.ClickYes.Installer (M) | 42.86%

The domain geo.downloads-center.com has been seen to resolve to the following 24 IP addresses.


File downloads found at URLs served by geo.downloads-center.com.

3 / 68      (PUP)

17 / 68    (PUP)

13 / 68    (PUP)

19 / 68    (PUP)

1 / 68      (Adware)

1 / 68      (Adware)

14 / 68    (PUP)

4 / 68      (PUP)

21 / 68    (PUP)

40 / 68    (Adware)

19 / 68    (PUP)

11 / 68    (PUP)

2 / 68      (PUP)

13 / 68    (PUP)

26 / 68    (PUP)

32 / 68    (Adware)

32 / 68    (Adware)

15 / 68    (PUP)

18 / 68    (Adware)

8 / 68      (PUP)

5 / 68      (false positives)

The following 73 files have been seen to communicate with geo.downloads-center.com in live environments.

 
Latest 20 of 77 files

URL: http://geo.downloads-center.com/
Web server: Apache/2.2.3 (CentOS) (PHP/5.3.26)
