www.download-servers.com

Domain Privacy Service FBO Registrant.  (Proxy Registrant)

Domain Information

The domain www.download-servers.com is registered by proxy through DOMAIN.COM, LLC and was originally registered in December of 2011. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Chicago, Illinois within the United States which resides on the FDCservers.net network.
Registrar:
DOMAIN.COM, LLC

Server location:
Illinois, United States (US)

Create date:
Tuesday, December 20, 2011

Expires date:
Wednesday, December 20, 2017

Updated date:
Friday, November 21, 2014

Google Safe Browsing:
unwanted

Scanner detections:
Detections  (92% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.InstallCore.W, PUP.VOPackage.Installer.Meta, PUP.Somoto.SiteonSpot.Bundler (M), PUP.InstallCore (M), PUP.installCore.ClickMeIn.Installer (M), PUP.InstallCore.RE (M), PUP.Somoto.Installer (M), PUP.installCore.ClickMeI.Installer (M), PUP.installCore (M), PUP.Softpulse.PluginUp.Bundler (M), PUP.Amonitize.Installer, Win32.Generic
85.11%

ESET NOD32
Win32/InstallCore.PK potentially unwanted application, Win32/InstallCore.PO potentially unwanted application, Win32/InstallCore.AEO.gen potentially unwanted application, Win32/InstallCore.PL potentially unwanted application, Win32/InstallCore.BL potentially unwanted application
31.91%

VIPRE Antivirus
Trojan.Win32.Generic, Threat.4150696, Threat.4721115
21.28%

Dr.Web
Trojan.Packed.25266, Trojan.MulDrop5.10078, Trojan.Packed.28357, Trojan.InstallCore.1903
19.15%

McAfee Web Gateway
RDN/Generic PUP.x!ckc, BehavesLike.Win32.Backdoor.hc, BehavesLike.Win32.CryptInno.hc, BehavesLike.Win32.CryptDoma.gc
14.89%

Baidu Antivirus
Adware.Win32.InstallCore, Adware.Win32.Somoto
14.89%

G Data
Win32.Trojan.Agent.GP0QF1, Win32.Application.AnyProtect
12.77%

F-Prot
W32/A-e3871acb, W32/A-df0bbe51, W32/Sality.gen2
12.77%

AVG
AdLoad.S, Adware InstallCore.ALX, Win32/Sality
12.77%

avast!
Dropper-gen [Drp], Malware-gen, Win32:Malware-gen, Win32:Kukacka, Win32:SaliCode
10.64%

Avira AntiVirus
ADWARE/InstallCore.Gen7, PUA/InstallCore.Gen7
10.64%

Malwarebytes
PUP.Optional.Downloader, PUP.Optional.Somoto.SID.A, PUP.Optional.InstallCore
6.38%

Qihoo 360 Security
Win32/Trojan.Dropper.c9f, HEUR/QVM06.1.Malware.Gen, Win32/Virus.Downloader.912
6.38%

NANO AntiVirus
Riskware.Win32.InstallCore.dmkfnq, Trojan.Nsis.Downloader.dpxxrf, Riskware.Win32.InstallCore.dfgoud
6.38%

McAfee
RDN/Generic PUP.x!ckc, Artemis!79428D08D7F3
4.26%

The domain www.download-servers.com has been seen to resolve to the following 22 IP addresses.

May 5, 2015

May 5, 2015

May 5, 2015

May 5, 2015

dl18.clickmein.com
May 30, 2014

dl15.clickmein.com
May 30, 2014

dl13.clickmein.com
May 30, 2014

dl17.clickmein.com
May 30, 2014

dl12.clickmein.com
May 30, 2014

dl21.clickmein.com
May 30, 2014

dl14.clickmein.com
May 30, 2014

dl22.clickmein.com
May 30, 2014

dl23.clickmein.com
May 30, 2014

dl16.clickmein.com
May 30, 2014

dl8.clickmein.com
January 16, 2014

dl7.clickmein.com
January 16, 2014

dl1.clickmein.com
December 25, 2013

dl6.clickmein.com
December 25, 2013

dl5.clickmein.com
December 13, 2013

dl2.clickmein.com
December 13, 2013

dl4.clickmein.com
December 13, 2013

dl3.clickmein.com
December 13, 2013

File downloads found at URLs served by www.download-servers.com.

1 / 68      (inconclusive)
http://www.download-servers.com/.../VuuPC_setup.exe  (ac92a4215277da0d7c8dc6d874eda06a)

1 / 68      (PUP)

1 / 68      (Adware)

1 / 68      (Adware)
http://www.download-servers.com/.../ClickMeInGeneric.exe  (96efb848ce28ba1834f8eb768170b77a)

7 / 68      (Malware)
http://www.download-servers.com/.../Validate.exe  (602fcbd0fadbaee8007ad1f2e3e964d1)

2 / 68      (PUP)
http://www.download-servers.com/.../Generic_vo.exe  (a53bf11bb38d6a7431e6543d86c8f499)

 
Latest 30 of 1,699 download URLs

The following 1379 files have been seen to comunicate with www.download-servers.com in live environments.

 
Latest 20 of 1,532 files

URL:
http://www.download-servers.com/

Google Analytics:
UA-21120979

Title:
“Download Servers”

Web server:
nginx/1.8.0

Facebook:
Likes:  1
Shares:  4
Comments:  2

Statistics are for the previous month.