home

clickeu.reimsrvcm.com

Domain Information

Server location:
Georgia, United States (US)

ASN:
AS29791 VOXEL-DOT-NET - Voxel Dot Net, Inc., US

Root domain:
reimsrvcm.com

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Bkav FE
W32.HfsAdware
100.00%

ESET NOD32
Win32/ReImageRepair.F potentially unwanted
100.00%

Clam AntiVirus
Win.Trojan.Slugin-260
100.00%

Dr.Web
Program.Unwanted.493
100.00%

McAfee
Artemis!D7830F8B35ED
100.00%

Baidu Antivirus
PUA.Win32.ReImageRepair
100.00%

Fortinet FortiGate
Riskware/ReImageRepair
100.00%

Reason Heuristics
Win32.Generic.Reimage.Installer.Meta
100.00%

Malwarebytes
PUP.Optional.ReImageRepair.A
100.00%

Trend Micro House Call
Suspicious_GEN.F47V0520
100.00%

The domain clickeu.reimsrvcm.com has been seen to resolve to the following 2 IP addresses.

216.52.2.70
July 25, 2016

216.52.2.71
July 25, 2016

File downloads found at URLs served by clickeu.reimsrvcm.com.

10 / 68    (PUP)
http://clickeu.reimsrvcm.com/st?cipid=7967007&excid=22&ttype=1&dast=v1_7967007_258207_3o1_60EA0B4871496706998357866_-1_4308397_15j7v_536_60EA0B4871496705634341516_m_ju_994675878713521726_908687___2_7o_4po7_ju&cmcv=${CMCV}&compid=${COMPID}&cipp=${PRICE}&ciecp=${DTYPE}&cirp=${LAG}&position=${POS}&excid=22&cisid=60EA0B4871496706998357866&pix=31593310&tgt=http://www.reimageplus.com/.../router_land.php?tracking=ReimageNetworkCon&lpx=rvb&exec=run&banner=Guyava&adgroup=1232127&ads_name=4308397&keyword=ENTER_PLACEMENT_ID_HERE&context=v1_7967007_258207_3o1_60EA0B4871496706998357866_-1_4308397_15j7v_536_60EA0B4871496705634341516_m_ju_994675878713521726_908687___2_7o_4po7_ju  (reimagerepair.exe)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.