downloader.ez-download.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

This is an adware distribution site from Adlogica that uses a customized download manager such as the iBryte Optimum Installer. The site provides users with downloadable software bundled with various potentially unwanted software such as web browser toolbars and search hijackers, including Babylon, Funmoods and Search.us. The domain downloader.ez-download.com is registered by proxy through GODADDY.COM, LLC and was originally registered in August of 2012. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Scottsdale, Arizona, in the United States, on the GoDaddy.com, LLC network.
Registrar: GODADDY.COM, LLC
Server location: Arizona, United States (US)
Create date: Tuesday, August 21, 2012
Expires date: Sunday, August 21, 2016
Updated date: Saturday, August 22, 2015

Root domain:

Scanner detections:
Detections  (90% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.Adknowledge.OptimumI.Bundler (M), PUP.installCore.SecureIn.Installer (M), PUP.Adlogica.FastDown.Bundler (M), PUP.Adlogica.QuickDow.Bundler (M), PUP.Outbrowse.Bundler (M), PUP.Adlogica (M), PUP.Adknowledge (M), PUP.installCore (M), PUP.Outbrowse (M) | 89.13% |
| ESET NOD32 | Win32/InstallCore.BL potentially unwanted application, Win32/InstallCore.DF potentially unwanted application, Win32/InstallCore.DP potentially unwanted application, Win32/OutBrowse.M potentially unwanted application, Win32/InstallCore.GQ potentially unwanted application | 30.43% |
| avast! | Win32:PUP-gen [PUP], Win32:OutBrowse-CH [PUP], Win32:Adware-gen [Adw] | 21.74% |
| F-Prot | W32/InstallCore.W.gen, W32/InstallCore.R.gen | 17.39% |
| Dr.Web | Adware.InstallCore.53, Adware.InstallCore.122, Trojan.Crossrider1.49350, Adware.InstallCore.133 | 13.04% |
| Microsoft Security Essentials | SoftwareBundler:Win32/DealPly, Threat.Undefined, SoftwareBundler:Win32/OutBrowse | 13.04% |
| VIPRE Antivirus | InstallCore, Threat.4786018 | 8.70% |
| Norman | Troj_Generic.SQONQ, Adware.DealPly.J | 8.70% |
| Emsisoft Anti-Malware | Adware.DealPly | 6.52% |
| K7 AntiVirus | Unwanted-Program | 4.35% |
| Trend Micro House Call | TROJ_SPNR.0CCG13, TROJ_GEN.F47V0720 | 4.35% |
| Sophos | Install Core | 4.35% |
| Comodo Security | UnclassifiedMalware | 4.35% |
| Avira AntiVirus | ADWARE/InstallCore.Gen, APPL/InstallCore.Y.92 | 4.35% |
| ESET NOD32 | Win32/InstallCore.AZ (variant), Win32/InstallCore.BL | 4.35% |

The domain downloader.ez-download.com has been seen to resolve to the following 9 IP addresses.

ip-184-168-221-36.ip.secureserver.net
November 30, 2014

ip-50-63-202-43.ip.secureserver.net
November 29, 2014

November 1, 2014

November 1, 2014

December 26, 2013

(CloudFlare)
December 26, 2013

December 26, 2013

December 26, 2013

December 26, 2013

File downloads found at URLs served by downloader.ez-download.com.

 
Latest 30 of 440 download URLs

The following 76 files have been seen to communicate with downloader.ez-download.com in live environments.

 
Latest 20 of 79 files