home

download.ez-download.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

Adware distribution site from Adlogica using a customized download manager such as the iBryte Optimum Installer. The site provides users with downloadble software bundled with various potentially unwanted software such as web browser toolbars and search hijackers including Babylon, Funmmods and Search.us. The domain download.ez-download.com is registered by proxy through GODADDY.COM, LLC and was originally registered in August of 2012. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Scottsdale, Arizona within the United States which resides on the GoDaddy.com, LLC network.
Registrar:
GODADDY.COM, LLC

Server location:
Arizona, United States (US)

Create date:
Tuesday, August 21, 2012

Expires date:
Sunday, August 21, 2016

Updated date:
Saturday, August 22, 2015

ASN:
AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC

Root domain:
ez-download.com

Whois:
3 ez-download.com records

Scanner detections:
Detections  (98% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.OutBrowse (M), PUP.Adlogica.QuickDownloader.Bundler (M), PUP.Adlogica.Ezdownload.Bundler (M), PUP.Outbrowse.Bundler (M), PUP.Adlogica.QuickDow.Bundler (M), PUP.Adlogica.Ezdownlo.Bundler (M), PUP.Adlogica (M), PUP.Outbrowse (M)
94.00%

ESET NOD32
Win32/OutBrowse.AE potentially unwanted application, Win32/OutBrowse.Q potentially unwanted application, Win32/OutBrowse.V potentially unwanted application
14.00%

McAfee
Program.Adware-OutBrowse
10.00%

avast!
Win32:Adware-gen [Adw], Win32:PUP-gen [PUP], Win32:OutBrowse-EQ [PUP]
8.00%

VIPRE Antivirus
Threat.4150696, Threat.4786018
6.00%

Kaspersky
not-a-virus:AdWare.NSIS.OutBrowse
4.00%

Dr.Web
Threat.Undefined, Trojan.InstallCore.1903
4.00%

AVG
Adware Generic_c.DGQ
4.00%

The domain download.ez-download.com has been seen to resolve to the following 13 IP addresses.

104.20.17.103
December 1, 2014

104.20.16.103
December 1, 2014

104.20.15.103
December 1, 2014

104.20.19.103
December 1, 2014

104.20.18.103
December 1, 2014

50.63.202.59
ip-50-63-202-59.ip.secureserver.net
November 30, 2014

104.28.20.85
November 1, 2014

104.28.21.85
November 1, 2014

141.101.112.6
April 16, 2014

190.93.243.5
April 16, 2014

190.93.241.5
April 16, 2014

190.93.242.5
April 16, 2014

190.93.240.5
(CloudFlare)
April 16, 2014

File downloads found at URLs served by download.ez-download.com.

1 / 68      (Adware)
http://download.ez-download.com/download/32/.../  (firefox.exe)

1 / 68      (Adware)
http://download.ez-download.com/download/31/.../  (firefox_setup.exe)

1 / 68      (Adware)
http://download.ez-download.com/download/287/.../  (firefox.exe)

1 / 68      (Adware)
http://download.ez-download.com/download/287/.../  (firefox.exe)

2 / 68      (PUP)
http://download.ez-download.com/download/.../illnj8opc4dag3vr3l294htcddsf7sdebn5jula1fno5lrcrua30  (firefox.exe)

1 / 68      (Adware)
http://download.ez-download.com/download/30/.../  (firefox_downloader.exe)

1 / 68      (Adware)
http://download.ez-download.com/download/.../m98kmltcqlq28v9b9rr9rb17u2aa7570q1t4rb8mgjmqrsen2jb1  (firefox.exe)

1 / 68      (Adware)
http://download.ez-download.com/download/.../n12lrrg2u9fmos5ig1eas8bh9h3nsj5c7pa5ekbvj6m49ingi9i1  (firefox_setup.exe)

4 / 68      (PUP)
http://download.ez-download.com/download/.../6eiu4ggd0fdog4g14di1484uhgp7or3am99gnqq37545tgq6u180  (firefox_setup.exe)

1 / 68      (Adware)
http://download.ez-download.com/download/133/.../  (chrome_setup.exe)

1 / 68      (Adware)
http://download.ez-download.com/download/32/.../?_u=v3h85mc9n5k1fa8f8nqvhdkoats3mhmtteimr0fqpo1ldbs33uq1-86db7d8c99e0c8a8f287349622f8b34d  (firefox.exe)

5 / 68      (PUP)
http://download.ez-download.com/download/32/.../  (firefox.exe)

4 / 68      (PUP)
http://download.ez-download.com/download/134/.../  (google-chrome.exe)

1 / 68      (Adware)
http://download.ez-download.com/download/.../1l3nud23rcb18c7k99r13g2iebmnefqjajap1s3qneju09e5vlc1  (firefox.exe)

1 / 68      (Adware)
http://download.ez-download.com/download/.../j9nafbfu0kg5ef42dossdt8c0vjlim8gakrdmm8b7evbb7d284r0  (firefox.exe)

1 / 68      (Adware)
http://download.ez-download.com/download/.../absbhvb80f1v0mk4gb57lceg9s8vlsvl851fikjj4qfq860rtc70  (firefox.exe)

1 / 68      (Adware)
http://download.ez-download.com/download/134/.../?_u=vcutri92ldhnoj6v2i7tr3v4k3qcn399rc510v6oisorkl86lit0-645426c71feb6921507bec6a9b653a65  (google-chrome.exe)

The following 76 files have been seen to comunicate with download.ez-download.com in live environments.

TCP » 50.63.202.59:80
googleupdate.exe13d7b73 (globalUpdate Update by globalUpdate)

TCP » 50.63.202.59:80
542ea991-df67-43e2-ad2c-2419f4348e9f-4.exe (iWebar)

TCP » 50.63.202.59:80
videosmediaplayersv2.2-codedownloader.exe (videosMediaPlayersv2.2 by enter)

TCP » 50.63.202.59:80
542ea991-df67-43e2-ad2c-2419f4348e9f-11.exe (iWebar)

TCP » 50.63.202.59:80
568f9ce1-8d57-40ca-a160-654153772f7f-4.exe (Ge-Force by iWebar)

TCP » 50.63.202.59:80
ijtfw.exe (videosMediaPlayersv2.2 by enter)

TCP » 50.63.202.59:80
kszyzl.exe (Sense by Object Browser)

TCP » 50.63.202.59:80
bobrowser.exe (BoBrowser by The BoBrowser Authors)

TCP » 50.63.202.59:80
jnua.exe (SmartSaver+ 15 by smart-saverplus)

TCP » 50.63.202.59:80
741b5238-a6d2-4bda-b88d-1c5d7c9482d1-11.exe (Radio Canyon)

TCP » 50.63.202.59:80
new_chrome.exe (BoBrowser by The BoBrowser Authors)

TCP » 50.63.202.59:80
ge-force-codedownloader.exe (Ge-Force by iWebar)

TCP » 50.63.202.59:80
741b5238-a6d2-4bda-b88d-1c5d7c9482d1-4.exe (Radio Canyon)

TCP » 50.63.202.59:80
bobrowser.exe (BoBrowser by The BoBrowser Authors)

TCP » 50.63.202.59:80
online-guardian-v2.0.9.exe

TCP » 50.63.202.59:80
542ea991-df67-43e2-ad2c-2419f4348e9f-2.exe (iWebar)

TCP » 50.63.202.59:80
6f96f776-b153-49ce-b6ad-58046caecd90-6.exe (CinPl-2.5cV12.10 by Cinema PlusV12.10)

TCP » 50.63.202.59:80
a9a2d724-0c49-4aae-bf5c-fd084d41777f-5.exe (HQ-Quality-v2V07.11)

TCP » 50.63.202.59:80
onlineguardian-v2.exe

TCP » 50.63.202.59:80
741b5238-a6d2-4bda-b88d-1c5d7c9482d1-5.exe (Radio Canyon)

 
Latest 20 of 77 files

ringmastercasino.com

tinyjuke.com

browsersinfo.com

0118d.info

0118f.info

0121j.info

ad121m.com

builduser.info

cecitt.info

chapinstalled.com

completeready.com

distributioninstalled.com

downmyfiles.com

electricweb.info

esoservices.net

familiar.com

fluff1209.info

informgroup.info

keenpeople.com

legacydownloads.com

maxgennode.com

poetbestfiles.com

quickconvertmedia.com

resolutecomputing.com

sinsinstall.com

sportsoneclick.com

twininstall.info

vclipconverter.com

yourddl1000.info

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.