world-downloads.info

Novia Ritasari

Domain Information

This domain has been known to host and distribute adware and other potentially unwanted software. Its servers are located in Beauharnois, Quebec, Canada, on the OVH Hosting, Inc. network.
Registrar:
1&1 Internet SE

Server location:
Quebec, Canada (CA)

ASN:
AS16276 OVH OVH SAS, FR

Scanner detections:
Detections (96% detected)

Scan engine
Details
Detections

Reason Heuristics
Threat.Win.Reputation.IMP, PUP.WebPick.PavelKRASNOV.Bundler (M), PUP.WebPick.ArturSemanin (M), PUP.WebPick.PavelKRASNOV (M), PUP.WebPick.BorisVladimirovichBOBOVSKY (M), PUP.WebPick.ArturSemanin.Bundler (M), PUP.WebPick.JulianPankratov (M), PUP.WebPick.JulianPankratov.Bundler (M), PUP.WebPick.JulianPa (M), PUP.WebPick.OstapLap.Bundler (M), PUP.WebPick.DmitryVo (M), PUP.WebPick.ArturSem (M), PUP.WebPick.PavelKRA.Bundler (M), PUP.local (M), Adware.Bundler.IgorPavl.Installer.Meta (M), Adware.WebPick.Installer (M)
72.73%

ESET NOD32
Win32/InstalleRex.L potentially unwanted application, Generik.FTCUYLC potentially unwanted application
31.82%

Microsoft Security Essentials
Threat.Undefined
29.55%

McAfee
PUP-FHQ!D6BB6F2CE8EA, Program.Adware-FMV, Program.Downloader-FLN
25.00%

Kaspersky
not-a-virus:HEUR:Downloader.Win32.AdLoad, not-a-virus:AdWare.Win32.MegaSearch
25.00%

AVG
MalSign.Generic, Adware Generic5.ADPK.dropper, Adware Skodna.Generic.ALR
25.00%

F-Prot
W32/Mega.A.gen, JS/MPlug.A (exact, not disinfectable)
25.00%

Dr.Web
Trojan.Damaged.1, Threat.Undefined, - infected archive c:\users\test\appdata\local\temp\6a1436a60d1b71c6cf7e9837e133ee5b1b4ad7a2 Trojan
20.45%

VIPRE Antivirus
Trojan.Win32.Generic, Threat.4150696
18.18%

Sophos
InstallRex, PUA 'MultiPlug' (of type Adware)
6.82%

avast!
Win32:Downloader-TRK [Adw], Win32:MultiPlug-Y [PUP]
4.55%

Antiy Labs AVL
Trojan[Downloader:not-a-virus]/Win32.AdLoad
4.55%

Kingsoft AntiVirus
Win32.Troj.DownAdLoad.f.(kcloud)
4.55%

Rising Antivirus
PE:PUF.InstallRex!1.9E4C
4.55%

IKARUS anti.virus
AdWare.InstallRex
4.55%

The domain world-downloads.info has been seen to resolve to the following 11 IP addresses.

unknown.prolexic.com
August 24, 2016

redirect.domcollect.com
August 5, 2016

May 16, 2016

May 16, 2016

us7.hostblast.net
April 14, 2016

March 30, 2016

March 30, 2016

hosted-by.leaseweb.com
November 16, 2013

hosted-by.leaseweb.com
November 16, 2013

July 28, 2013

hosted-by.leaseweb.com
July 28, 2013

File downloads found at URLs served by world-downloads.info.

Latest 30 of 46 download URLs

The following 250 files have been seen to communicate with world-downloads.info in live environments.

Latest 20 of 256 files

URL:
http://world-downloads.info/

Title:
“Small business”

SSL certificate subject:
CN=sni226318.cloudflaressl.com, OU=PositiveSSL Multi-Domain, OU=Domain Control Validated

SSL certificate issuer:
CN=COMODO ECC Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
cloudflare-nginx