download.easydriverpro.net

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain download.easydriverpro.net is registered by proxy through GODADDY.COM, LLC and was originally registered in February of 2011. It has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Dulles, Virginia, in the United States, on the Amazon Technologies Inc. network. The domain uses the Amazon CloudFront CDN service, which uses a number of proxy IP addresses (see below).

Registrar:
GODADDY.COM, LLC

Server location:
Virginia, United States (US)

Create date:
Saturday, February 12, 2011

Expires date:
Friday, February 12, 2016

Updated date:
Sunday, April 26, 2015

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:

Scanner detections:
Detections  (94% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Dr.Web | Trojan.Siggen6.33552 | 62.50% |
| Kaspersky | not-a-virus:Downloader.NSIS.Agent | 56.25% |
| Vba32 AntiVirus | suspected of Trojan.Downloader.gen.h, Downloader.Agent | 50.00% |
| Reason Heuristics | PUP.Optional.ProbitSoftware.N, PUP.Probit.Optional.Installer.Meta (L) | 37.50% |
| Zillya! Antivirus | Downloader.Agent.Win32.241947 | 31.25% |
| Panda Antivirus | Trj/CI.A, Generic Suspicious | 31.25% |
| Fortinet FortiGate | Riskware/Agent | 31.25% |
| Baidu Antivirus | Hacktool.NSIS.Agent | 31.25% |
| Qihoo 360 Security | HEUR/QVM42.1.Malware.Gen, HEUR/QVM42.0.Malware.Gen, Win32/Virus.Downloader.dc3 | 31.25% |
| Norman | Downloader, Trojan.Generic.14737121, Trojan.Generic.15025727 | 31.25% |
| McAfee | Artemis!818F0FC07EBC, Program.Artemis!5736617E1C59, RDN/Downloader.a!vn, Trojan.Artemis!55D50850E483, RDN/Generic Downloader.x!nf | 31.25% |
| Emsisoft Anti-Malware | Trojan.Generic.14737121, Trojan.Generic.14509113, Trojan.Generic.14701989, Trojan.Generic.15025727, Trojan.Generic.13295377 | 31.25% |
| Trend Micro House Call | TROJ_GEN.R047C0ECA15 | 25.00% |
| Trend Micro | TROJ_GEN.R047C0ECA15 | 25.00% |
| Sophos | Generic PUA CL, Generic PUA DJ, Generic PUA BP (PUA), Generic PUA IJ | 25.00% |

The domain download.easydriverpro.net has been seen to resolve to the following 54 IP addresses.


File downloads found at URLs served by download.easydriverpro.net.

2 / 68 (inconclusive)
27 / 68 (PUP)
14 / 68 (PUP)
20 / 68 (PUP)
13 / 68 (PUP)
1 / 68 (PUP)
6 / 68 (PUP)
5 / 68 (PUP)
3 / 68 (PUP)
1 / 68 (PUP)
1 / 68 (PUP)
22 / 68 (PUP)
3 / 68 (Malware)
3 / 68 (PUP)
2 / 68 (PUP)
2 / 68 (PUP)

The following 6 files have been seen to communicate with download.easydriverpro.net in live environments.

URL:
http://download.easydriverpro.net/

Network:
Amazon Cloudfront

Web server:
AmazonS3
