home

downloadserver16.com

Advertiso GmbH

Domain Information

The domain downloadserver16.com registered by Advertiso GmbH was initially registered in November of 2013 through REGISTRYGATE GMBH. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Berlin, Berlin within Germany which resides on the RIPE Network Coordination Centre network.
Registrar:
REGISTRYGATE GMBH

Server location:
Berlin, Germany (DE)

Create date:
Monday, November 4, 2013

Expires date:
Friday, November 4, 2016

Updated date:
Thursday, November 5, 2015

ASN:
AS24940 HETZNER-AS Hetzner Online AG,DE

Whois:
2 downloadserver16.com records

Scanner detections:
Detections  (88% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.AdvertisoGmbH.V, PUP.Installer.AdvertisoGmbH.N, PUP.installCore.Advertiso.Installer (M), PUP.installCore.STMSetup.Installer (M), PUP.installCore.Advertis.Installer (M), PUP.installCore (M)
100.00%

VIPRE Antivirus
Threat.4150696
28.57%

Dr.Web
Trojan.Packed.28386
28.57%

ESET NOD32
Win32/InstallCore.MZ potentially unwanted application
28.57%

SUPERAntiSpyware
PUP.InstallCore/Variant
28.57%

K7 AntiVirus
Unwanted-Program
28.57%

Sophos
Install Core Click run software
28.57%

AVG
InstallC
28.57%

herdProtect (fuzzy)
a variant of aea27550c4ec60f56d5883c371319d5a38f8a8a5
28.57%

McAfee
Trojan.Artemis!42E0328D4F6D
14.29%

The domain downloadserver16.com has been seen to resolve to the following IP address.

144.76.61.176
static.176.61.76.144.clients.your-server.de
August 17, 2014

File downloads found at URLs served by downloadserver16.com.

1 / 68      (Adware)
http://downloadserver16.com/system/downloads/file2s/000/057/344/.../free-solitaire_setup.exe  (5d820f84409e3ec234dd76301acb4c9f)

1 / 68      (Adware)
http://downloadserver16.com/system/downloads/file2s/000/000/377/.../camfrog_setup.exe  (41b10f5bd985ad8d6c8e7da58d5f9516)

1 / 68      (Adware)
http://downloadserver16.com/system/downloads/file2s/000/003/468/.../google-toolbar_setup.exe  (f0cc4ef7890345c136c8cc81629815ae)

1 / 68      (Adware)
http://downloadserver16.com/system/downloads/file2s/000/003/468/.../google-toolbar_setup.exe  (fcb1ec0418d202dd1b941c54b97f385d)

1 / 68      (Adware)
http://downloadserver16.com/system/downloads/file2s/000/003/468/.../google-toolbar_setup.exe  (d46f01a723f58d11c8d1969570bee402)

0 / 68
http://downloadserver16.com/system/downloads/file2s/000/052/733/.../google-desktop_setup.exe  (7a7f9950330d12141847dfc59e699eca)

9 / 68      (Adware)
http://downloadserver16.com/system/downloads/file2s/000/053/157/.../adblock_setup.exe  (8065bdc9c01d2da3ad2fa71d0dea3f21)

10 / 68    (Adware)
http://downloadserver16.com/system/downloads/file2s/000/000/533/.../google-sketchup_setup.exe  (42e0328d4f6d87eb4451b337af354b07)

The following 7 files have been seen to comunicate with downloadserver16.com in live environments.

TCP » 144.76.61.176:80
icreinstall_google-earth_setup.exe (Web Program software by Installer Internet Application)

TCP » 144.76.61.176:80
powerpoint-viewer-2007_setup.exe

TCP » 144.76.61.176:80
chrome_setup.exe (Generic Software by Software)

TCP » 144.76.61.176:80
replay-video-capture_setup.exe (Internet)

TCP » 144.76.61.176:80
spotify_setup.exe

TCP » 144.76.61.176:80
spybot-search-destroy_setup.exe (Program installer by Web)

TCP » 144.76.61.176:80
google-chrome_setup.exe (Generic Application by Software Internet)

downloadserver40.com

musterbewerbung.net

secured-download.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.