iron.zbane.com

Nortcon Ltd

Domain Information

The domain iron.zbane.com registered by Nortcon Ltd was initially registered in April of 2011 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dulles, Virginia within the United States which resides on the RIPE Network Coordination Centre network.
Remove Malware from iron.zbane.com - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
Virginia, United States (US)

Create date:
Thursday, April 07, 2011

Expires date:
Thursday, April 07, 2016

Updated date:
Sunday, April 26, 2015

ASN:
AS16265 FIBERRING Amsterdam, Netherlands

Root domain:

Scanner detections:
Detections  (94% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.WorldSetup.J, PUP.MaxSetup.L, PUP.ironSource, PUP.Bundler.ironSource, PUP.installCore.WorldSetup, PUP.installCore.WorldSetup (M), PUP.installCore.MaxSetup (M), PUP.installCore.ExtendedSetup (M), PUP.installCore.STMSetup (M), PUP.installCore.STMSetup.Installer (M)
95.92%

VIPRE Antivirus
Threat.5063361, Threat.4150696, Threat.4786018, Adware.Win32.InstallCore.ba, Adware.InstallCore
28.57%

Sophos
PUA 'Install Core', PUA 'Install Core Click run software'
26.53%

Avira AntiVirus
ADWARE/InstallCore.Gen7, APPL/InstallCore.ON, Adware/Downware.edqw, PUA/InstallCore.Gen7, Adware/InstallCore.OU.58
26.53%

AVG
InstallCore, Potentially harmful program Skodna.Downloader.CW, Generic, Ransomer, MalSign.Generic
26.53%

ESET NOD32
Win32/InstallCore.IO potentially unwanted application, Win32/InstallCore.BY potentially unwanted application, Win32/InstallCore.OU potentially unwanted application
24.49%

Dr.Web
Trojan.Packed.24524, Trojan.MulDrop5.10078, Trojan.Packed.30156, Adware.InstallCore.386
24.49%

K7 AntiVirus
Unwanted-Program , Trojan
24.49%

K7 Gateway Antivirus
Unwanted-Program , Trojan
24.49%

NANO AntiVirus
Riskware.Win32.InstallCore.dcnbkj, Riskware.Win32.InstallCore.dcnbhm, Riskware.Win32.InstallCore.dgjqgc, Riskware.Win32.InstallCore.dfgolb
24.49%

Comodo Security
Application.Win32.InstallCore.KRI, Application.Win32.Installcore.MX, Application.Win32.InstallCore.STS, Application.Win32.Installcore.BV
24.49%

McAfee Web Gateway
BehavesLike.Win32.CryptInno.jc, BehavesLike.Win32.Ransom.jc, BehavesLike.Win32.CryptInno.bc
24.49%

G Data
Win32.Application.InstallCore, Gen:Trojan.Heur2.GZ.PGZ@biErVXdi, Win32.Application.InstallCore.CZ
24.49%

Vba32 AntiVirus
Downware.InstallCore, Malware-Cryptor.InstallCore.gen
24.49%

Malwarebytes
PUP.Optional.InstallCore, PUP.Optional.InstallCore.A
20.41%

The domain iron.zbane.com has been seen to resolve to the following IP address.

hosted-by.leaseweb.com
February 14, 2014

File downloads found at URLs served by iron.zbane.com.

 
Latest 30 of 106 download URLs

URL:
http://iron.zbane.com/

Web server:
Apache/2.2.15 (CentOS)

Remove Malware from iron.zbane.com - Powered by Reason Core Security