home

downloadmee.com

Whois Privacy Corp.

Domain Information

The domain downloadmee.com registered by Whois Privacy Corp. was initially registered in February of 2014 through INTERNET.BS CORP.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dublin, Dublin City within Ireland which resides on the Amazon Technologies Inc. network.
Registrar:
INTERNET DOMAIN SERVICE BS CORP

Server location:
Dublin City, Ireland (IE)

Create date:
Wednesday, February 5, 2014

Expires date:
Sunday, February 5, 2017

Updated date:
Saturday, February 6, 2016

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Whois:
2 downloadmee.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

MicroWorld eScan
Gen:Variant.Application.Bundler.AirInstaller.1, Gen:Variant.Adware.Strictor.77177, Gen:Variant.Application.Jatif.103, Gen:Variant.Adware.Kazy.556217
90.00%

Bitdefender
Gen:Variant.Application.Bundler.AirInstaller.1, Gen:Variant.Adware.Strictor.77177, Gen:Variant.Application.Jatif.103, Gen:Variant.Adware.Kazy.556217
90.00%

Lavasoft Ad-Aware
Gen:Variant.Application.Bundler.AirInstaller.1, Gen:Variant.Adware.Strictor.77177, Gen:Variant.Application.Jatif.103, Gen:Variant.Adware.Kazy.556217
90.00%

AhnLab V3 Security
PUP/Win32.Amonetiz
90.00%

G Data
Gen:Variant.Application.Bundler.AirInstaller, Gen:Variant.Adware.Strictor.77177, Gen:Variant.Application.Jatif.103, Gen:Variant.Adware.Kazy.556217
90.00%

Bkav FE
HW32.Packed, W32.HfsAdware
80.00%

F-Secure
Gen:Variant.Application.Bundler, Gen:Variant.Adware.Strictor.77177, Gen:Variant.Application.Jatif, Gen:Variant.Adware.Kazy.556217
80.00%

Avira AntiVirus
TR/Crypt.XPACK.Gen, ADWARE/Adware.Gen4, ADWARE/Adware.Gen2, TR/Crypt.XPACK.Gen3
80.00%

Kaspersky
not-a-virus:AdWare.Win32.Amonetize, not-a-virus:HEUR:AdWare.Win32.Generic
80.00%

Qihoo 360 Security
HEUR/QVM10.1.Malware.Gen, Win32/Trojan.f79, HEUR/QVM19.1.Malware.Gen, HEUR/QVM16.0.Malware.Gen
80.00%

Malwarebytes
PUP.Optional.Amonetize
70.00%

NANO AntiVirus
Trojan.Win32.Amonetize.dnjxrs, Riskware.Win32.Amonetize.domexk, Riskware.Win32.Amonetize.dqmvjd, Riskware.Win32.Amonetize.doukvl
70.00%

Sophos
Generic PUA CL, Generic PUA PC, Generic PUA GH, Generic PUA KE, Generic PUA AM, Generic PUA IH, Generic PUA AE (PUA)
70.00%

McAfee
GenericR-CXP!E63A990F207D, GenericR-CXP!ECD4A82E2041, Artemis!4BD1FCBDDF74, Artemis!6776ED0285B2, Artemis!359E1CFB3CA8, RDN/Generic PUP.x!c2m
70.00%

ESET NOD32
Win32/Amonetize.DE potentially unwanted (variant), Win32/Amonetize.EA potentially unwanted (variant), Win32/Amonetize.EG potentially unwanted (variant)
70.00%

The domain downloadmee.com has been seen to resolve to the following 3 IP addresses.

54.72.130.67
ns1.ibspark.com
February 13, 2016

104.28.28.96
May 5, 2015

104.28.29.96
May 5, 2015

File downloads found at URLs served by downloadmee.com.

27 / 68    (PUP)
http://downloadmee.com/download.php?id=lubiekeppa&title=Adobe Flash Player  (installer26__7934_il13539.exe)

33 / 68    (PUP)
http://downloadmee.com/download.php?id=pawelPP&title=flashplayer  (installer25__7934_il46455.exe)

25 / 68    (PUP)
http://downloadmee.com/download.php?id=simonaslietuva&title=Setup  (installer42__7934_il31602.exe)

1 / 68      (Malware)
http://downloadmee.com/download.php?id=pawelPP&title=flashplayer  (installer28__7934_il28560.exe)

28 / 68    (PUP)
http://downloadmee.com/download.php?id=yewryk&title=  (installeraxp__7934_il106790.exe)

30 / 68    (PUP)
http://downloadmee.com/download.php?id=raysan12&title=freecocbot  (installer8__7934_il884484.exe)

11 / 68    (PUP)
http://downloadmee.com/download.php?id=phobos111&title=cheattool31  (installer__7934_il538838.exe)

15 / 68    (PUP)
http://downloadmee.com/download.php?id=ahmetmy&title=Spyhunter4.xCrack  (installer29__7934_il22258.exe)

25 / 68    (Adware)
http://downloadmee.com/download.php?id=m mo253&title=PSVITAEMUINSTALLER  (installerpfi__7934_il27562.exe)

21 / 68    (Adware)
http://downloadmee.com/download.php?id=simonaslietuva&title=Setup  (installercjk__7934_il27562.exe)

The following 142 files have been seen to comunicate with downloadmee.com in live environments.

TCP » 54.72.130.67:80
simplefilesupdater.exe (SimpleFiles Application by http://simple-files.com/)

TCP » 54.72.130.67:80
yourfileupdater.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
uninstall12590625.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
uninstall5322109.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
yourfileupdater.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
uninstall190602.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
yourfileupdater.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
googleupdate.exe

TCP » 54.72.130.67:80
browserserver.exe

TCP » 54.72.130.67:80
sm.exe (System Monitor)

TCP » 54.72.130.67:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 54.72.130.67:80
uninstall129231.exe (SimpleFiles Application by http://simple-files.com/)

TCP » 54.72.130.67:80
sfupdater.exe (SimpleFiles Application by http://simple-files.com/)

TCP » 54.72.130.67:80
kometa.exe (Kometa by @COMPANY_FULLNAME@)

TCP » 54.72.130.67:80
TBNotifier.exe (Ask TBNotifier by APN)

TCP » 54.72.130.67:80
pepperzip.exe

TCP » 54.72.130.67:80
internetenhancer.exe (Internet Enhancer)

TCP » 54.72.130.67:80
ssn.exe (ssn)

TCP » 54.72.130.67:443
mintcast_updater_service.exe (AutomaticUpdater)

TCP » 54.72.130.67:80
yacqq.exe

 
Latest 20 of 154 files

URL:
http://downloadmee.com/

Google Analytics:
UA-48689684

Title:
“downloadmee.com”

Web server:
nginx

1337xproxy.in

1clickdownloader.com

1dschool.com

1flymusic.com

1freesoftwareonline.com

215115638.com

360adstrack.com

4god.biz

4shared.net

55tjk.com

acidco.net

adexprt.me

adjalauto.com

adsclever.com

adsobject.com

adsservingowl.biz

adtrkx.com

africa-2010.com

agamefix.com

aiprosoft.com

alawar.it

all-baza.com

alwayswindcat.com

aminst.net

angelijah.com

angelijah.net

antivirus-gratuit.pro

anyras.com

app-mak.com

appapia.com

30 of 618 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.