dl2.getz.tv

Privacy Protection Service INC d/b/a PrivacyProtect.org  (Proxy Registrant)

Domain Information

The domain dl2.getz.tv is registered by proxy through DOMAINCONTEXT, INC. and was originally registered in December 2012. It has been known to host and distribute adware and other potentially unwanted software. Its servers are located in Pokrovka, Primor'Ye, Russia, on the RIPE Network Coordination Centre network.
Remove Malware from dl2.getz.tv - Powered by Reason Core Security
Registrar:
DOMAINCONTEXT, INC.

Server location:
Primor'Ye, Russia (RU)

Create date:
Tuesday, December 04, 2012

Updated date:
Thursday, October 10, 2013

ASN:
AS42244 ESERVER Hosting Operator eServer.ru Ltd.

Root domain:

Scanner detections:
Detections  (61% detected)

| Scan engine | Details | Detections |
|---|---|---|
| Rising Antivirus | PE:PUF.Zona!1.9E06 | 83.33% |
| K7 Gateway Antivirus | Unwanted-Program, Unwanted-File | 77.78% |
| ESET NOD32 | Win32/ZvuZona (variant) | 72.22% |
| Reason Heuristics | PUP.Installer.DestinyMedia.?, PUP.Installer.DestinyMedia.r, PUP.Installer.DestinyMedia.i, PUP.Installer.DestinyMedia.j, PUP.Installer.DestinyMedia.DD, PUP.Installer.DestinyMedia.k, PUP.Installer.DestinyMedia.AA, PUP.Installer.DestinyMedia.M, PUP.Installer.DestinyMedia.t, PUP.Installer.DestinyMedia.a | 61.11% |
| Malwarebytes | PUP.Optional.Zona | 44.44% |
| Agnitum Outpost | PUA.ZvuZona | 44.44% |
| Sophos | Zona Installer | 38.89% |
| Vba32 AntiVirus | Signed-Downware.ZvuZona, Downloader.AdLoad.mlx | 38.89% |
| Dr.Web | Trojan.StartPage.59964, Trojan.StartPage.57924, riskware program Program.Zona.28 | 27.78% |
| VIPRE Antivirus | Trojan.Win32.Generic, Threat.4150696 | 27.78% |
| Avira AntiVirus | APPL/DestinyMed.K, Adware/ZvuZona.A, APPL/Downloader.Gen | 22.22% |
| IKARUS anti.virus | AdWare.Win32.ZvuZona, not-a-virus:Downloader.Win32.AdLoad, PUA.ZvuZona | 22.22% |
| K7 AntiVirus | Unwanted-Program | 22.22% |
| Comodo Security | Application.Win32.ZvuZona.APRI | 22.22% |
| Kaspersky | not-a-virus:Downloader.Win32.AdLoad | 11.11% |

The domain dl2.getz.tv has been seen to resolve to the following IP address.

hosted-by.ihc.ru
January 14, 2014

File downloads found at URLs served by dl2.getz.tv.

20 / 68    (PUP)
http://dl2.getz.tv/.../ZonaWebSetup.exe  (flo_rida_-_turn_around_5_4_3_2_1.exe)

16 / 68    (PUP)
http://dl2.getz.tv/.../ZonaWebSetup.exe  (acustica_audio_-_nebula3_pro_1.3.505_vst_x86_x64_2013.exe)

12 / 68    (PUP)
http://dl2.getz.tv/.../ZonaWebSetup.exe  (793e8580d1d9c1ef3e6bcacfab9b0530)

12 / 68    (PUP)
http://dl2.getz.tv/.../ZonaWebSetup.exe  (chamillionaire_-_ultimate_victory_-_2007_flac_tracks_lossless.exe)

14 / 68    (PUP)
http://dl2.getz.tv/tmp/fc/dc/.../adobe_audition_3_rus.exe  (waves_all_plugins_bundle_v9r12_vst_x86_x64_win.exe)

14 / 68    (PUP)
http://dl2.getz.tv/tmp/d6/f0/.../artem_kashevarov_c_s_nulya_2011_rus.exe  (waves_all_plugins_bundle_v9r12_vst_x86_x64_win.exe)

14 / 68    (PUP)

14 / 68    (PUP)

14 / 68    (PUP)

14 / 68    (PUP)
http://dl2.getz.tv/tmp/24/ed/.../avg_internet_security_2014_14.0.4142_2013_pc.exe  (waves_all_plugins_bundle_v9r12_vst_x86_x64_win.exe)

14 / 68    (PUP)
http://dl2.getz.tv/tmp/22/29/.../norton_partition_magic_v8.05_rus.exe  (waves_all_plugins_bundle_v9r12_vst_x86_x64_win.exe)

3 / 68      (inconclusive)
http://dl2.getz.tv/.../ZonaSetup_latest_19_5.exe  (2ccc5daf285dbc2eac37ecd4607ea23d)

3 / 68      (inconclusive)
http://dl2.getz.tv/.../ZonaSetup_latest_19.exe  (2e435ed3cdca697f023917d85ea1d3fa)

3 / 68      (inconclusive)
http://dl2.getz.tv/.../ZonaSetup_latest_152.exe  (a01d0337cdca68ff615bdb4974fc8a7a)

3 / 68      (inconclusive)
http://dl2.getz.tv/.../ZonaSetup_latest_1434_5.exe  (e860ba22e4f08022cb03745c3dc1dc47)

3 / 68      (inconclusive)
http://dl2.getz.tv/.../ZonaSetup_latest_13_5.exe  (a2593fac009be2f8fd48ca5878991d1c)

3 / 68      (inconclusive)
http://dl2.getz.tv/.../ZonaSetup_latest_1168_5.exe  (dc0a4a4bf3a85bb6e8b365c51229c342)

3 / 68      (inconclusive)
http://dl2.getz.tv/.../ZonaSetup_latest_0_5.exe  (70441c1f7c5f5140955715ddb9cc4d4f)

13 / 68    (PUP)

1 / 68      (PUP)
http://dl2.getz.tv/.../ZonaWebSetup.exe  (minecraft_v1.7.2_2011_pc_repack.exe)

10 / 68    (PUP)
http://dl2.getz.tv/.../ZonaWebSetup.exe  (tysyacha_slov_a_thousand_words_2012_hdrip.exe)

12 / 68    (PUP)
http://dl2.getz.tv/.../ZonaWebSetup.exe  (windows_xp_professional_sp3_rus_original.exe)

1 / 68      (PUP)
http://dl2.getz.tv/.../ZonaWebSetup.exe  (windows_7_maksimalnaya_x86_x64_originalnye_obrazy.exe)

1 / 68      (PUP)
http://dl2.getz.tv/.../ZonaWebSetup.exe  (wdr_big_band_and_hardgrove_grooves_-_leverkusener_jazztage_2007_2007_g._fusion_funk_satrip.exe)

The following 2 files have been seen to communicate with dl2.getz.tv in live environments.

URL:
http://dl2.getz.tv/

Title:
“Test Page for the Nginx HTTP Server on EPEL”

Web server:
nginx/1.0.15
