home

downprov.nuclearmedicine2011.org

Whois Privacy Corp.

Domain Information

This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dublin, Dublin City within Ireland which resides on the Amazon Technologies Inc. network.
Registrar:
Internet Domain Service BS Corp

Server location:
Dublin City, Ireland (IE)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:
nuclearmedicine2011.org

Whois:
3 nuclearmedicine2011.org records

Scanner detections:
Detections  (92% detected)

Scan engine
Details
Detections

VIPRE Antivirus
Trojan.Win32.Generic.pak!cobra, Threat.4657539
87.76%

Comodo Security
Application.Win32.LoadMoney.IARS, ApplicUnwnt
85.71%

AhnLab V3 Security
PUP/Win32.Amonetize
77.55%

Trend Micro House Call
TROJ_GEN.R0C1H09B215, Suspicious_GEN.F47V0201, Suspicious_GEN.F47V0202, Suspicious_GEN.F47V0131, TROJ_GEN.R0C1H07C615, TROJ_GEN.R03EC0OBD15, Suspicious_GEN.F47V0130
75.51%

Baidu Antivirus
Adware.Win32.Amonetize, PUA.Win32.Amonetize
73.47%

avast!
Rootkit-gen [Rtk], Win32:Rootkit-gen [Rtk], Win32:Malware-gen, Adware-gen [Adw], Win32:Adware-gen [Adw]
67.35%

Kaspersky
UDS:DangerousObject.Multi.Generic, not-a-virus:AdWare.Win32.Amonetize
61.22%

ESET NOD32
Win32/Amonetize.DJ potentially unwanted, Win32/Amonetize.DK potentially unwanted
57.14%

Qihoo 360 Security
HEUR/QVM16.0.Malware.Gen, HEUR/QVM42.0.Malware.Gen, Win32/Virus.Adware.402, Win32/Virus.Adware.87a, Win32/Virus.Adware.932
55.10%

Reason Heuristics
Adware.Bundler, PUP.Amonetize (M), Adware.Amonetize.ET (M)
55.10%

McAfee
Artemis!F81CCC327359, Trojan.Artemis!545706BC440A, Artemis!18B4016A3FDA, RDN/Generic.hra!ce, Artemis!DF0900F6C7F9, RDN/Generic PUP.x!c2o, Artemis!B45AE3BDE2B2, RDN/Generic.dx!d2y, Artemis!F26C7F5E2F9B, Artemis!D07F2668AD44, Program.Artemis!4B24A45F59B8
51.02%

Panda Antivirus
Generic Suspicious, Trj/CI.A
42.86%

NANO AntiVirus
Trojan.Nsis.Amonetize.dnxabb
42.86%

K7 AntiVirus
Trojan , Adware
40.82%

Avira AntiVirus
TR/Spy.Agent.1350656, Adware/Amonetize.304247, Adware/Amonetize.304377.1, Adware/Amonetize.304234, ADWARE/Amonetize.315129
38.78%

The domain downprov.nuclearmedicine2011.org has been seen to resolve to the following 3 IP addresses.

54.72.130.67
ns1.ibspark.com
January 3, 2016

104.28.6.62
May 4, 2015

104.28.7.62
May 4, 2015

File downloads found at URLs served by downprov.nuclearmedicine2011.org.

9 / 68      (PUP)
http://downprov.nuclearmedicine2011.org/p/.../musique gabonaise pierre claver zeng_10924_i26707807_il345.exe  (mozart piano pieces_10924_i26709015_il345.exe)

11 / 68    (PUP)
http://downprov.nuclearmedicine2011.org/p/.../transformers 2 online latino_10924_i26275579_il345.exe  (clashofclans hacker_10924_i26272997_il345.exe)

11 / 68    (PUP)
http://downprov.nuclearmedicine2011.org/p/.../purble place 2_10924_i25135306_il345.exe  (thomas whitfield alive and satisfied_10924_i25134261_il345.exe)

11 / 68    (PUP)
http://downprov.nuclearmedicine2011.org/p/.../fallout new vegas halo mod_10924_i24586466_il345.exe  (e57665e87070dc479f5d65e6c1a28350)

3 / 68      (PUP)
http://downprov.nuclearmedicine2011.org/p/.../survival horror fps_10924_i27051156_il345.exe  (b9344573876875a1e761c3c4fbfe69c6)

16 / 68    (PUP)
http://downprov.nuclearmedicine2011.org/p/.../program ofertare tamplarie pvc_10924_i25998568_il345.exe  (6968859e91c295f2234195127458984a)

17 / 68    (PUP)
http://downprov.nuclearmedicine2011.org/p/.../dell vostro 1000 network controller driver_10924_i25058782_il345.exe  (94c1fde6dd1b5d76c802a4c1c1e46886)

11 / 68    (PUP)
http://downprov.nuclearmedicine2011.org/p/.../téléchargement winzip windows 7_10924_i26883544_il345.exe  (herbal medicine books pdf_10924_i26878568_il345.exe)

17 / 68    (PUP)
http://downprov.nuclearmedicine2011.org/p/.../light racer 3d full_10924_i24796538_il345.exe  (mango unlock 0.1.2 win.rar_10924_i24794475_il345.exe)

2 / 68
http://downprov.nuclearmedicine2011.org/p/.../collage maker online no_10924_i25429752_il345.exe  (dell dimension 3000 audio driver_10924_i25426630_il345.exe)

11 / 68    (PUP)
http://downprov.nuclearmedicine2011.org/p/.../uae mountains_10924_i26655606_il345.exe  (house of love 2000_10924_i26658376_il345.exe)

11 / 68    (PUP)
http://downprov.nuclearmedicine2011.org/p/.../pingwiny z madagaskaru chomikuj.pl_10924_i26587393_il345.exe  (statistical mechanics donald allan mcquarrie_10924_i26579925_il345.exe)

3 / 68      (PUP)
http://downprov.nuclearmedicine2011.org/p/.../scooby doo nawiedzone bagno crack_10924_i25191677_il345.exe  (6ccf01c787c90afd848d1c2d5accf96b)

6 / 68      (PUP)
http://downprov.nuclearmedicine2011.org/p/.../salif keita africa_10924_i27893343_il345.exe  (fete de la musique vagney 2013_10924_i27887246_il345.exe)

13 / 68    (PUP)
http://downprov.nuclearmedicine2011.org/p/.../cambridge checkpoint past papers_10924_i25261097_il345.exe  (guide du routard_10924_i25262177_il345.exe)

16 / 68    (PUP)
http://downprov.nuclearmedicine2011.org/p/.../super bowl live stream_10924_i27172733_il345.exe  (soundcloud 2.0_10924_i27170508_il345.exe)

19 / 68    (PUP)
http://downprov.nuclearmedicine2011.org/p/.../ipso 4.2 download_10924_i24977608_il345.exe  (14f6dd711440a3c3246e2a9dad5dc71b)

3 / 68      (PUP)
http://downprov.nuclearmedicine2011.org/p/.../tibia mc 8.6 tibiasoft_10924_i24804893_il345.exe  (crack elsword_10924_i24800315_il345.exe)

6 / 68      (PUP)
http://downprov.nuclearmedicine2011.org/p/.../warband 1776 american revolution mod_10924_i26003977_il345.exe  (felted fox_10924_i26001833_il345.exe)

11 / 68    (PUP)
http://downprov.nuclearmedicine2011.org/p/.../stunt gp game_10924_i27079102_il345.exe  (embarcadero delphi xe2 update 4 16.0.4504.48759 wgt_10924_i27082320_il345.exe)

17 / 68    (PUP)
http://downprov.nuclearmedicine2011.org/p/.../Eset nod32 antivirus 7 crack key_10924_i25033714_il345.exe  (the twits play script_10924_i25037851_il345.exe)

3 / 68      (PUP)
http://downprov.nuclearmedicine2011.org/p/.../fairy tail portable guild 2 rom_10924_i24747802_il345.exe  (4b24a45f59b8242fc931cb5df727112b)

12 / 68    (PUP)
http://downprov.nuclearmedicine2011.org/p/.../desktop clock and calendar wallpaper_10924_i27256915_il345.exe  (26fe1f8defd497f7d183ddf7d0980474)

4 / 68      (PUP)
http://downprov.nuclearmedicine2011.org/p/.../Eset nod32 antivirus 7 crack key_10924_i25030625_il345.exe  (720afbf7c4741bffc3a61052a2c11162)

10 / 68    (PUP)
http://downprov.nuclearmedicine2011.org/p/.../Links Protegidos (Mega)_10924_i26672926_il345.exe  (yahoo mail sign in yahoo mail_10924_i26676388_il345.exe)

11 / 68    (PUP)
http://downprov.nuclearmedicine2011.org/p/.../cheat engine 6.1 setup_10924_i28044135_il345.exe  (digital insanity keygen_10924_i28012363_il345.exe)

4 / 68      (PUP)
http://downprov.nuclearmedicine2011.org/p/.../cracked adobe photoshop 7.0_10924_i28121202_il345.exe  (death note english dub_10924_i28111237_il345.exe)

9 / 68      (PUP)
http://downprov.nuclearmedicine2011.org/p/.../warcraft 3 tower defense_10924_i25275381_il345.exe  (ioc gas agency application_10924_i25282865_il345.exe)

11 / 68    (PUP)
http://downprov.nuclearmedicine2011.org/p/.../simple rental agreement form_10924_i26466153_il345.exe  (2f6b698a369f8ff5125beb55e1554705)

11 / 68    (PUP)
http://downprov.nuclearmedicine2011.org/p/.../car roof rack cebu_10924_i27242340_il345.exe  (hunter x hunter english dub direct_10924_i27242848_il345.exe)

 
Latest 30 of 136 download URLs

The following 142 files have been seen to comunicate with downprov.nuclearmedicine2011.org in live environments.

TCP » 54.72.130.67:80
simplefilesupdater.exe (SimpleFiles Application by http://simple-files.com/)

TCP » 54.72.130.67:80
yourfileupdater.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
uninstall12590625.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
uninstall5322109.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
yourfileupdater.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
uninstall190602.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
yourfileupdater.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
googleupdate.exe

TCP » 54.72.130.67:80
browserserver.exe

TCP » 54.72.130.67:80
sm.exe (System Monitor)

TCP » 54.72.130.67:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 54.72.130.67:80
uninstall129231.exe (SimpleFiles Application by http://simple-files.com/)

TCP » 54.72.130.67:80
sfupdater.exe (SimpleFiles Application by http://simple-files.com/)

TCP » 54.72.130.67:80
kometa.exe (Kometa by @COMPANY_FULLNAME@)

TCP » 54.72.130.67:80
TBNotifier.exe (Ask TBNotifier by APN)

TCP » 54.72.130.67:80
pepperzip.exe

TCP » 54.72.130.67:80
internetenhancer.exe (Internet Enhancer)

TCP » 54.72.130.67:80
ssn.exe (ssn)

TCP » 54.72.130.67:443
mintcast_updater_service.exe (AutomaticUpdater)

TCP » 54.72.130.67:80
yacqq.exe

 
Latest 20 of 154 files

URL:
http://downprov.nuclearmedicine2011.org/

Google Analytics:
UA-48689684

Title:
“nuclearmedicine2011.org”

Web server:
nginx

1337xproxy.in

1clickdownloader.com

1dschool.com

1flymusic.com

1freesoftwareonline.com

215115638.com

360adstrack.com

4god.biz

4shared.net

55tjk.com

acidco.net

adexprt.me

adjalauto.com

adsclever.com

adsobject.com

adsservingowl.biz

adtrkx.com

africa-2010.com

agamefix.com

aiprosoft.com

alawar.it

all-baza.com

alwayswindcat.com

aminst.net

angelijah.com

angelijah.net

antivirus-gratuit.pro

anyras.com

app-mak.com

appapia.com

30 of 618 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.