thanks.postdownload.net

Optimum Installer  (via a Proxy Registrant)

Domain Information

This site is used as the exit page for an adware-based download and install manager. After a download manager such as Premium Installer/Adknowledge of Optimum Installer deploys its offers, it will redirect the user's web browser to this site to record the offer installs as well as display various advertisements for additional offerings (of more potentially unwanted software). The domain thanks.postdownload.net is registered by proxy through GODADDY.COM, LLC and was originally registered in May of 2013. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform. The domain is associated with the publisher Optimum Installer who is located in Kansas City, Missouri in the United States.
Remove Malware from thanks.postdownload.net - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
Virginia, United States (US)

Create date:
Wednesday, May 15, 2013

Expires date:
Sunday, May 15, 2016

Updated date:
Saturday, May 02, 2015

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.PremiumInstaller.O, Threat.Adknowledge.Bundler
100.00%

Boost by Reason
Adware.PremiumInstaller.O
50.00%

avast!
Installer-K [PUP]
50.00%

ESET NOD32
Win32/AdWare.iBryte.K.gen application
50.00%

Dr.Web
Trojan.DownLoader11.3480
50.00%

AVG
Adware AdInstaller.ExpressInstall
50.00%

Emsisoft Anti-Malware
Gen:Variant.Adware.Jatif.89
50.00%

F-Prot
W32/Ibryte.G.gen
50.00%

F-Secure
Gen:Variant.Adware.Jatif
50.00%

VIPRE Antivirus
Threat.4778314
50.00%

Kaspersky
not-a-virus:AdWare.Win32.iBryte
50.00%

Bkav FE
W32.HfsAdware
50.00%

MicroWorld eScan
Gen:Variant.Adware.Jatif.89
50.00%

Quick Heal
PUA.iBryte.DC4
50.00%

Malwarebytes
PUP.Optional.iBryte
50.00%

The domain thanks.postdownload.net has been seen to resolve to the following 4 IP addresses.

ec2-54-225-160-115.compute-1.amazonaws.com
May 5, 2015

ec2-50-19-236-48.compute-1.amazonaws.com
May 5, 2015

(CloudFlare)
July 26, 2013

(CloudFlare)
July 26, 2013

File downloads found at URLs served by thanks.postdownload.net.

URL:
http://thanks.postdownload.net/

Title:
“Download Activation”

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
Microsoft-IIS/7.5 (ASP.NET) (Version: 2.0.50727)

Facebook:
Shares:  8

Twitter:
Shares:  2

Statistics are for the previous month.

Remove Malware from thanks.postdownload.net - Powered by Reason Core Security