home

world-downloads.info

Novia Ritasari

Domain Information

This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Beauharnois, Quebec within Canada which resides on the OVH Hosting, Inc. network.
Registrar:
1&1 Internet SE

Server location:
Quebec, Canada (CA)

ASN:
AS16276 OVH OVH SAS, FR

Whois:
4 world-downloads.info records

Scanner detections:
Detections  (96% detected)

Scan engine
Details
Detections

Reason Heuristics
Threat.Win.Reputation.IMP, PUP.WebPick.PavelKRASNOV.Bundler (M), PUP.WebPick.ArturSemanin (M), PUP.WebPick.PavelKRASNOV (M), PUP.WebPick.BorisVladimirovichBOBOVSKY (M), PUP.WebPick.ArturSemanin.Bundler (M), PUP.WebPick.JulianPankratov (M), PUP.WebPick.JulianPankratov.Bundler (M), PUP.WebPick.JulianPa (M), PUP.WebPick.OstapLap.Bundler (M), PUP.WebPick.DmitryVo (M), PUP.WebPick.ArturSem (M), PUP.WebPick.PavelKRA.Bundler (M), PUP.local (M), Adware.Bundler.IgorPavl.Installer.Meta (M), Adware.WebPick.Installer (M)
72.73%

ESET NOD32
Win32/InstalleRex.L potentially unwanted application, Generik.FTCUYLC potentially unwanted application
31.82%

Microsoft Security Essentials
Threat.Undefined
29.55%

McAfee
PUP-FHQ!D6BB6F2CE8EA, Program.Adware-FMV, Program.Downloader-FLN
25.00%

Kaspersky
not-a-virus:HEUR:Downloader.Win32.AdLoad, not-a-virus:AdWare.Win32.MegaSearch
25.00%

AVG
MalSign.Generic, Adware Generic5.ADPK.dropper, Adware Skodna.Generic.ALR
25.00%

F-Prot
W32/Mega.A.gen, JS/MPlug.A (exact, not disinfectable)
25.00%

Dr.Web
Trojan.Damaged.1, Threat.Undefined, - infected archive c:\users\test\appdata\local\temp\6a1436a60d1b71c6cf7e9837e133ee5b1b4ad7a2 Trojan
20.45%

VIPRE Antivirus
Trojan.Win32.Generic, Threat.4150696
18.18%

Sophos
InstallRex, PUA 'MultiPlug' (of type Adware)
6.82%

avast!
Win32:Downloader-TRK [Adw], Win32:MultiPlug-Y [PUP]
4.55%

Rising Antivirus
PE:PUF.InstallRex!1.9E4C
4.55%

IKARUS anti.virus
AdWare.InstallRex
4.55%

Fortinet FortiGate
Riskware/InstalleRex
4.55%

AhnLab V3 Security
PUP/Win32.TSULoader
4.55%

The domain world-downloads.info has been seen to resolve to the following 11 IP addresses.

72.52.4.90
unknown.prolexic.com
August 24, 2016

91.195.241.121
redirect.domcollect.com
August 5, 2016

104.31.65.3
May 16, 2016

104.31.64.3
May 16, 2016

198.27.70.45
us7.hostblast.net
April 14, 2016

104.28.13.41
March 30, 2016

104.28.12.41
March 30, 2016

162.210.193.209
hosted-by.leaseweb.com
November 16, 2013

162.210.193.206
hosted-by.leaseweb.com
November 16, 2013

46.19.138.158
July 28, 2013

46.165.211.183
hosted-by.leaseweb.com
July 28, 2013

File downloads found at URLs served by world-downloads.info.

1 / 68      (Adware)
http://world-downloads.info/?e=wbn&prv=SearchNewTab&publisher=512&country=PL&ind=4724649385952733481&exid=0&ssd=4841656990153153193&hid=5236415292969603476&osid=601&channel=0&sfx=1&category_name=NewTab&install_date=20121119&ntab=http://.../  (17byy.exe)

1 / 68      (Adware)
http://world-downloads.info/.../?product_name=Saosin-You&installer_file_name=Saosin-You&r=382  (saosin-you.exe)

1 / 68      (Adware)
http://world-downloads.info/.../?product_name=Hawthorne Heights - Hope NEW SONG 2012&installer_file_name=Hawthorne Heights - Hope NEW SONG 2012&r=400  (hawthorne heights - hope new song 2012.exe)

1 / 68      (Adware)
http://world-downloads.info/?e=wbn&publisher=724&country=ID&ind=10485020885877963133&exid=0&ssd=1615393489441269643&hid=3383010528453520922&osid=601&channel=0&sfx=1&category_name=NewTab&install_date=20121127&ntab=http://websearch.pur-esult.info  (fgcchbw.exe)

6 / 68      (PUP)
http://world-downloads.info/?e=wbn&prv=SearchNewTab&publisher=725&country=PL&ind=2733699438&exid=0&ssd=1670158784&hid=3737904168&osid=601&channel=0&category_name=NewTab&install_date=20120728&ntab=http://.../  (51f530939802b.exe)

1 / 68      (PUP)
http://world-downloads.info/?e=wbn&prv=SearchNewTab&publisher=298&country=ID&ind=4051974482&exid=0&ssd=3255423154&hid=219351970&osid=501&channel=0&category_name=NewTab&install_date=20120822&ntab=http://.../  (newtab_setup.exe)

1 / 68      (Adware)
http://world-downloads.info/?e=wbn&prv=SearchNewTab&publisher=625&country=MY&ind=15864358965891228758&exid=0&ssd=16030920625645579482&hid=16460901505601958659&osid=601&channel=0&sfx=1&category_name=NewTab&install_date=20121007&ntab=http://.../  (p.exe)

1 / 68      (Adware)
http://world-downloads.info/?e=wbn&prv=SearchNewTab&publisher=1696&country=MY&ind=10006596904714150829&exid=0&ssd=12173774489849252910&hid=16460901505601958659&osid=601&channel=0&sfx=1&category_name=NewTab&install_date=20121007&ntab=http://.../  (m7uzhgz.exe)

1 / 68      (Adware)
http://world-downloads.info/?e=wbn&prv=SearchNewTab&publisher=298&country=ID&ind=15323167095115759694&exid=0&ssd=6971277839776983969&hid=13266599665598128061&osid=501&channel=0&sfx=1&category_name=NewTab&install_date=20120916&ntab=http://.../  (1ylhhxjz8t.exe)

5 / 68      (PUP)
http://world-downloads.info/?e=wbn&prv=SearchNewTab&publisher=388&country=US&ind=2703172532&exid=0&ssd=1004586438&hid=3908544801&osid=601&channel=0&category_name=NewTabEasyLifeYHS&install_date=20120621&ntab=http://.../  (51c3db25a98f9.exe)

1 / 68      (Adware)
http://world-downloads.info/?e=wbn&prv=SearchNewTab&publisher=1273&country=ID&ind=14889932007185968798&exid=0&ssd=7190833084667407058&hid=12351918976960135488&osid=601&channel=0&sfx=1&category_name=NewTab&install_date=20121126&ntab=http://.../  (xxo.exe)

1 / 68      (Adware)
http://world-downloads.info/?e=wbn&prv=SNT&publisher=1675&country=CA&ind=407620064955050918&exid=1392479371580963500&ssd=3778601834068847584&hid=17306382874323915503&osid=601&channel=0&sfx=1&jc=1&category_name=NewTab&install_date=20130215&ntab=http://.../  (newtab_setup.exe)

1 / 68      (Adware)
http://world-downloads.info/?e=wbn&prv=SNT&publisher=625&country=MY&ind=8788724012735832933&exid=1391408501310796558&ssd=15511260065165383198&hid=1887051427336658812&osid=601&channel=0&sfx=1&jc=1&category_name=NewTab&install_date=20130203&ntab=http://.../  (newtab_setup.exe)

1 / 68      (Adware)
http://world-downloads.info/?e=wbn&prv=SearchNewTab&publisher=1341&country=BR&ind=8555192506602844231&exid=0&ssd=4283506199558716295&hid=12125887484542743152&osid=601&channel=0&sfx=1&category_name=NewTab&install_date=20121006&ntab=http://.../  (lngqp_pk6b.exe)

1 / 68      (Adware)
http://world-downloads.info/?e=wbn&prv=SearchNewTab&publisher=1089&country=DE&ind=7520268500046359722&exid=0&ssd=16586460240865190229&hid=5840475464728861427&osid=601&channel=0&sfx=1&category_name=NewTab&install_date=20120924&ntab=http://.../  (77p0xuuf.exe)

5 / 68      (PUP)
http://world-downloads.info/?e=wbn&prv=SearchNewTab&publisher=700&country=ID&ind=3665597988&exid=0&ssd=3170359108&hid=3544028692&osid=601&channel=0&category_name=NewTab&install_date=20120724&ntab=http://.../  (51efcde556a06.exe)

1 / 68      (Adware)
http://world-downloads.info/?e=wbn&prv=SearchNewTab&publisher=952&country=IN&ind=7784593338991245573&exid=0&ssd=12432358729063787640&hid=13005226019312159848&osid=602&channel=0&sfx=1&category_name=NewTab&install_date=20121216&ntab=http://.../  (oi5t.exe)

1 / 68      (Adware)
http://world-downloads.info/?e=wbn&prv=SNT&publisher=1150&country=RO&ind=2787961330441783646&exid=1388934597338170147&ssd=476901235019852525&hid=8973280501516710611&osid=601&channel=0&sfx=1&category_name=NewTab&install_date=20130105&ntab=http://.../  (newtab_setup.exe)

7 / 68      (PUP)
http://world-downloads.info/?e=wbn&prv=SearchNewTab&publisher=298&country=ID&ind=4294855012&exid=0&ssd=163411681&hid=2778680112&osid=602&channel=0&category_name=NewTab&install_date=20120623&ntab=http://.../  (51c5eed5a97dd.exe)

8 / 68      (PUP)
http://world-downloads.info/?e=824&publisher=821&country=ID&ind=3924427438&exid=0&ssd=4133255918&hid=2778680112&osid=602&channel=0&category_name=SafeSaver&install_date=20120623  (51c600b0ec508.exe)

7 / 68      (PUP)
http://world-downloads.info/?e=wbn&prv=SearchNewTab&publisher=821&country=ID&ind=3924427438&exid=0&ssd=4133255918&hid=2778680112&osid=602&channel=0&category_name=NewTab&install_date=20120623&ntab=http://.../  (51c600d22ed4a.exe)

8 / 68      (PUP)
http://world-downloads.info/?e=42533&publisher=821&country=ID&ind=3924427438&exid=0&ssd=4133255918&hid=2778680112&osid=602&channel=0&category_name=WeekApp&install_date=20120623  (51c600d97cba4.exe)

8 / 68      (PUP)
http://world-downloads.info/?e=wbn&prv=SearchNewTab&publisher=298&country=ID&ind=2305088535&exid=0&ssd=744271865&hid=3342671193&osid=601&channel=0&category_name=NewTab&install_date=20120621&ntab=http://.../  (51c3d96b9bc4c.exe)

1 / 68      (Adware)
http://world-downloads.info/?e=wbn&prv=SearchNewTab&publisher=438&country=EG&ind=8456929006897896902&exid=0&ssd=5771214719799489923&hid=1595297082484293293&osid=601&channel=0&sfx=1&category_name=NewTab&install_date=20121113&ntab=http://.../  (1_qk.exe)

1 / 68      (Adware)
http://world-downloads.info/?e=wbn&prv=SearchNewTab&publisher=576&country=ES&ind=10927796448375694512&exid=0&ssd=15707312476836108910&hid=6825113769198102996&osid=601&channel=0&sfx=1&category_name=NewTab&install_date=20120921&ntab=http://.../  (w.exe)

8 / 68      (PUP)
http://world-downloads.info/?e=824&publisher=947&country=VN&ind=3294696795&exid=0&ssd=2044603769&hid=670258599&osid=601&channel=0&category_name=SafeSaver&install_date=20120707  (51d8d486238e7.exe)

6 / 68      (PUP)
http://world-downloads.info/?e=wbn&prv=SearchNewTab&publisher=947&country=VN&ind=3294696795&exid=0&ssd=2044603769&hid=670258599&osid=601&channel=0&category_name=NewTab&install_date=20120707&ntab=http://.../  (51d8d4d611223.exe)

1 / 68      (Adware)
http://world-downloads.info/?e=wbn&prv=SearchNewTab&publisher=1273&country=BR&ind=5907408723402238611&exid=0&ssd=5061637170473602841&hid=3214573100483118907&osid=601&channel=0&sfx=1&category_name=NewTab&install_date=20121026&ntab=http://.../  (newtab_setup.exe)

1 / 68      (Adware)
http://world-downloads.info/?e=wbn&prv=SearchNewTab&publisher=1273&country=BR&ind=5907408723402238611&exid=0&ssd=13017672703165001450&hid=3214573100483118907&osid=601&channel=0&sfx=1&category_name=NewTab&install_date=20121026&ntab=http://.../  (bs7wdtqo.exe)

1 / 68      (Adware)
http://world-downloads.info/?e=wbn&prv=SearchNewTab&publisher=298&country=TH&ind=6845368844056959823&exid=0&ssd=1653722618564274318&hid=4608102361717904993&osid=601&channel=0&sfx=1&category_name=NewTab&install_date=20121114&ntab=http://.../  (w3.exe)

 
Latest 30 of 46 download URLs

The following 250 files have been seen to comunicate with world-downloads.info in live environments.

TCP » 72.52.4.90:80
tbhcn.exe (tcbhn by Blabbers Communications)

TCP » 72.52.4.90:80
tbhcn.exe (tcbhn by Blabbers Communications)

TCP » 72.52.4.90:80
globalupdate.exe (globalUpdate Update by globalUpdate)

TCP » 72.52.4.90:80
kometa.exe (Kometa by @COMPANY_FULLNAME@)

TCP » 72.52.4.90:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 72.52.4.90:80
dailybee.exe

TCP » 72.52.4.90:80
pricehorse.exe (by Pay By Ads)

TCP » 72.52.4.90:80
1799877.exe

TCP » 72.52.4.90:80
tbhcn.exe (tcbhn by Blabbers Communications)

TCP » 72.52.4.90:80
bfa0d68f.exe (Client Server Runtime Process by Microsoft)

TCP » 72.52.4.90:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 72.52.4.90:80
tasksgr.exe (Process Service Windows by Windows Development)

TCP » 72.52.4.90:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 72.52.4.90:80
CureTraffic.exe (CureTraffic by Vitbian telecom S.L)

TCP » 72.52.4.90:80
online-guardian-v2.0.9.exe

TCP » 72.52.4.90:80
playnowradio.exe (Play now radio by Pay By Ads)

TCP » 72.52.4.90:80
TornTVApp.exe (TornTVApp by TornTV.com)

TCP » 72.52.4.90:80
sys.exe

TCP » 72.52.4.90:80
bestu.exe

TCP » 72.52.4.90:80
fsd814a.exe (Installer)

 
Latest 20 of 256 files

URL:
http://world-downloads.info/

Title:
“Small business”

SSL certificate subject:
CN=sni226318.cloudflaressl.com, OU=PositiveSSL Multi-Domain, OU=Domain Control Validated

SSL certificate issuer:
CN=COMODO ECC Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
cloudflare-nginx

archiveposter.com

javjunkies.com

4shared.net

bongacams24.com

clipartbest.co

downloadinator.com

eazypaperdownloads.com

eocfiles.com

fileextensionxls.net

filemirchi.info

generaldownload.com

generallydownload.com

itlbg.net

jambolinks.com

knights-of-honor-monument.com

shrinery.net

subpelis.info

tunesynchomestream.com

update-com.info

blueslushy.com

halogenware.com

qavvps.com

spybotupdates.biz

update1-com.info

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.