download.jzip.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain download.jzip.com is registered by proxy through GODADDY.COM, LLC and was originally registered in November of 2000. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Tel Aviv, Tel Aviv within Israel which resides on the RIPE Network Coordination Centre network.
Registrar:
GODADDY.COM, LLC

Server location:
Tel Aviv, Israel (IL)

Create date:
Thursday, November 02, 2000

Expires date:
Thursday, November 02, 2017

Updated date:
Wednesday, September 09, 2015

ASN:
AS6461 MFNX MFN - Metromedia Fiber Network

Root domain:

Google Safe Browsing:
unwanted

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.Installer.BandooMedia.J, PUP.Optional.Installer.T, PUP.Optional.Installer.Q, PUP.Optional.Installer.J, PUP.Optional.Installer.R, PUP.Installer.BandooMedia, PUP.Bandoo.Installer, PUP.Bandoo.BandooMedia.Installer (M), Win32.Generic.BandooMedia.Installer.Meta, PUP.Bandoo.BandooMe.Installer (M), PUP.Bandoo (M)
100.00%

Dr.Web
Adware.Bandoo.11, Adware.Bandoo.168, Adware.Bandoo.194
22.00%

Malwarebytes
PUP.Optional.Bandoo
16.00%

ESET NOD32
Win32/Toolbar.SearchSuite, Win32/Toolbar.SearchSuite (variant)
14.00%

NANO AntiVirus
Trojan.Win32.Downware.crewao, Riskware.Win32.Bandoo.dgnlaz, Riskware.Nsis.Adware.dsqgam
14.00%

McAfee
SearchSuite, Program.SearchSuite
14.00%

McAfee Web Gateway
SearchSuite
14.00%

Trend Micro House Call
TROJ_GEN.F47V0314, TROJ_GEN.F47V0312, TROJ_GEN.R00GB01DS15
12.00%

K7 Gateway Antivirus
Unwanted-Program , Trojan , Adware
12.00%

K7 AntiVirus
Unwanted-Program , Trojan , Adware
12.00%

VIPRE Antivirus
Trojan.Win32.Generic, Threat.4895518, Threat.4150696
12.00%

AVG
Generic, Adware Generic_r.VQ
12.00%

Rising Antivirus
PE:Trojan.Dropper!6.1BE, PE:AdWare.Win32.BearShare.b!1075356890
10.00%

G Data
Win32.Adware.Bandoo, Win32.Application.Agent.VJFYZ5, Win32.Application.Agent.51OJV8
10.00%

ESET NOD32
Win32/Toolbar.SearchSuite.J potentially unwanted application
10.00%

The domain download.jzip.com has been seen to resolve to the following 2 IP addresses.

94.31.0.25.IPYX-076665-ZYO.above.net
December 26, 2013

August 5, 2013

File downloads found at URLs served by download.jzip.com.

1 / 68      (PUP)
http://download.jzip.com/jZipSetup.exe  (jzipsetup-r7-n-bc.exe)

The following 15 files have been seen to comunicate with download.jzip.com in live environments.

URL:
http://download.jzip.com/

Web server:
Apache