www.download.fi

Domain Information

This domain is owned and operated by AfterDawn.
Remove Malware from www.download.fi - Powered by Reason Core Security
Server location:
Virginia, United States (US)

ASN:
AS30633 LEASEWEB-US - Leaseweb USA, Inc.

Root domain:

Registered by:

Scanner detections:
Adware distribution

Scan engine
Details
Detections

ESET NOD32
Win32/OpenCandy, Win32/Toolbar.Conduit, Win32/InstallMonetizer.AF, Win32/OpenCandy (variant), Win32/OpenCandy.C potentially unsafe (variant)
61.54%

Trend Micro House Call
ADW_OPENCANDY, Suspici.12797D5E, Suspici.E50E09E0, Suspicious_GEN.F47V0525, Suspicious_GEN.F47V0506
38.46%

Dr.Web
Adware.OpenCandy.3, Adware.OpenCandy.39, Adware.OpenCandy.115, Adware.OpenCandy.147, Threat.Undefined
38.46%

Reason Heuristics
PUP.Optional.Installer.J, PUP.OpenCandy.Installer (L), PUP.Bundler.YoutubeDownloaderHD.Installer.Meta (M)
30.77%

Bkav FE
W32.Clodabf.Trojan, HW64.Paked, W32.HfsAdware
23.08%

Malwarebytes
PUP.Optional.OpenCandy
23.08%

Agnitum Outpost
Adware.OpenCandy, Riskware.Agent
23.08%

Vba32 AntiVirus
AdWare.OpenCandy, Downloader.Agent
23.08%

Panda Antivirus
PUP/Conduit.A, Trj/Chgt.I, Trj/Chgt.A
23.08%

G Data
Win32.Adware.OpenCandy, Win32.Application.OpenCandy
23.08%

Sophos
Generic PUA KA, OpenCandy, NirCmd
23.08%

Baidu Antivirus
PUA.Win32.ClientConnect, Adware.Win32.OpenCandy, Adware.Win32.Conduit
23.08%

Rising Antivirus
PE:PUF.OpenCandy!1.9DE5, PE:Trojan.Win32.Generic.15632D02!358821122
15.38%

Kaspersky
not-a-virus:WebToolbar.Win32.Agent
15.38%

Comodo Security
Application.Win32.ClientConnect.~A
15.38%

The domain www.download.fi has been seen to resolve to the following 2 IP addresses.

varnish.afterdawn.net
February 5, 2014

varnish-us.afterdawn.net
February 2, 2014

File downloads found at URLs served by www.download.fi.

 
Latest 30 of 239 download URLs

The following file have been seen to comunicate with www.download.fi in live environments.

Remove Malware from www.download.fi - Powered by Reason Core Security