download.ez-downloads.com

WHOISGUARD, INC.  (Proxy Registrant)

Domain Information

The domain download.ez-downloads.com is registered by proxy through ENOM, INC. and was originally registered in March of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in New York City, New York within the United States which resides on the Digital Ocean, Inc. network.
Remove Malware from download.ez-downloads.com - Powered by Reason Core Security
Registrar:
ENOM, INC.

Server location:
New York, United States (US)

Create date:
Friday, March 14, 2014

Expires date:
Monday, March 14, 2016

Updated date:
Friday, March 14, 2014

ASN:
AS46652 SERVERSTACK-ASN - ServerStack, Inc.

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
DownloadManager.AirSoftware.F, PUP.Optional.Installer.F, PUP.Installer.InstallManager.F, PUP.Installer.InstallManager.P, PUP.Installer.Fileangels.F, PUP.Installer.InstallManager.J
90.91%

Malwarebytes
PUP.Optional.AirInstaller, PUP.Optional.OutBrowse, PUP.Optional.AirAdInstaller, PUP.Optional.OptimumInstaller.A
90.91%

VIPRE Antivirus
Iminent, OutBrowse, Threat.4665102, Threat.4784938, Threat.4778314, Threat.4150696
90.91%

AhnLab V3 Security
PUP/Win32.AirAdInstaller, Trojan/Win32.StartPage, PUP/Win32.Installer, PUP/Win32.IBryte
90.91%

K7 Gateway Antivirus
Unwanted-Program
81.82%

avast!
Win32:Installer-L [PUP], Win32:Adware-BZI [PUP], Adware-gen [Adw]
81.82%

Dr.Web
Adware.Downware.2035, Trojan.SMSSend.5492, Trojan.SMSSend.5436, Trojan.SMSSend.5502, Adware.iBryte.473
81.82%

Sophos
AirInstaller, iBryte Optimum Installer
81.82%

Rising Antivirus
PE:PUF.Airinstall!1.9C4C, PE:Malware.iBryte!6.192B
81.82%

Agnitum Outpost
PUA.AirAd, PUA.AirAdInstaller, PUA.Agent
81.82%

Avira AntiVirus
ADWARE/Adware.Gen, ADWARE/Adware.Gen7
81.82%

Vba32 AntiVirus
AdWare.AirAdInstaller.ajov, AdWare.iBryte
81.82%

IKARUS anti.virus
Win32.Malware, not-a-virus:AdWare.AirAdInstaller, PUA.AirAdInstaller, AdWare.iBryte
81.82%

AVG
Generic_r, Adware BundleApp_r, Adware AdPlugin
81.82%

Kaspersky
not-a-virus:AdWare.Win32.AirAdInstaller, not-a-virus:Downloader.NSIS.Agent
81.82%

The domain download.ez-downloads.com has been seen to resolve to the following 5 IP addresses.

108.168.218.35-static.reverse.softlayer.com
October 9, 2014

justice.airinstaller.com
September 27, 2014

173.192.195.228-static.reverse.softlayer.com
September 27, 2014

empire.airinstaller.com
September 4, 2014

chicago.airinstaller.com
April 4, 2014

File downloads found at URLs served by download.ez-downloads.com.

The following file have been seen to comunicate with download.ez-downloads.com in live environments.

URL:
http://download.ez-downloads.com/

Title:
“Air Installer ™”

Description:
“Air Installer”

Web server:
Apache/2.2.22 (Ubuntu) (PHP/5.4.31-1+deb.sury.org~precise+1)

30 of 45 related domains

Remove Malware from download.ez-downloads.com - Powered by Reason Core Security