home

www.easy-pdf-converter.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain www.easy-pdf-converter.com is registered by proxy through GODADDY.COM, LLC and was originally registered in March of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Scottsdale, Arizona within the United States which resides on the GoDaddy.com, LLC network.
Registrar:
GODADDY.COM, LLC

Server location:
Arizona, United States (US)

Create date:
Sunday, March 2, 2014

Expires date:
Thursday, March 2, 2017

Updated date:
Monday, March 14, 2016

ASN:
AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC

Root domain:
easy-pdf-converter.com

Whois:
1 easy-pdf-converter.com record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Somoto.d, PUP.Somoto.I, PUP.Somoto.EE, PUP.Somoto.i, PUP.Somoto.?, PUP.Somoto.p, PUP.Somoto.Bundler (M), PUP.Somoto (M)
100.00%

Clam AntiVirus
Win.Adware.Somoto
41.67%

Kaspersky
not-a-virus:AdWare.Win32.Agent, not-a-virus:Downloader.Win32.Agent
41.67%

Sophos
Generic PUA CD, Generic PUA BG, Somoto BetterInstaller
41.67%

Baidu Antivirus
Adware.Win32.Somoto, Adware.Win32.Agent
41.67%

AVG
Generic
41.67%

Qihoo 360 Security
Win32/Application.6bb, HEUR/Malware.QVM06.Gen, HEUR/QVM42.0.Malware.Gen, Trojan.Generic, Win32/Virus.Downloader.192
41.67%

VIPRE Antivirus
Trojan.Win32.Generic, Threat.4150696
33.33%

NANO AntiVirus
Riskware.Nsis.Adware.dbnhrj, Riskware.Win32.Downware.digcac
33.33%

SUPERAntiSpyware
PUP.Somoto/Variant
33.33%

Avira AntiVirus
APPL/Somoto.Gen2
33.33%

ESET NOD32
Win32/Somoto
33.33%

Dr.Web
Trojan.Packed.28357
33.33%

Trend Micro House Call
TROJ_GEN.R0C1H07HT14, TROJ_GEN.R0C1H07I114, TROJ_GEN.R0C1H07KA14
25.00%

Comodo Security
Application.Win32.Somoto.CK
25.00%

The domain www.easy-pdf-converter.com has been seen to resolve to the following 2 IP addresses.

185.53.178.8
August 10, 2016

184.168.221.56
ip-184-168-221-56.ip.secureserver.net
April 7, 2016

File downloads found at URLs served by www.easy-pdf-converter.com.

1 / 68      (Adware)
http://www.easy-pdf-converter.com/.../FLVPlayerSetup-N47aINax6.exe  (00000053)

1 / 68      (Adware)
http://www.easy-pdf-converter.com/.../FLVPlayerSetup-NfmX87YxS.exe  (48b307787f96960ec650d357c32cb3c9)

1 / 68      (Adware)
http://www.easy-pdf-converter.com/.../FLVPlayerSetup-NaDwFi4Qd.exe  (ce59247597aa50966c0a5ac4ae45ef6a)

15 / 68    (Adware)
http://www.easy-pdf-converter.com/.../FLVPlayerSetup-N1rCT7zJK.exe  (velhas-virgens-ninguém-beija-como-as-lésbicas_downloader-i6wpqhzzn.exe)

1 / 68      (Adware)
http://www.easy-pdf-converter.com/.../FLVPlayerSetup-N4vg728K7.exe  (98a1c9d53d3e8e09673a08e63fc35a1a)

7 / 68      (Adware)
http://www.easy-pdf-converter.com/.../FLVPlayerSetup-N4FhSxWkn.exe  (00000005)

1 / 68      (Adware)
http://www.easy-pdf-converter.com/.../FLVPlayerSetup-N1usU0Mgs.exe  (ab7556afb438f19e17bbc98810a7db17)

22 / 68    (Adware)
http://www.easy-pdf-converter.com/.../FLVPlayerSetup-N7Bkj0A8F.exe  (drivertoolkit8_downloader-negv9qzei.exe)

16 / 68    (Adware)
http://www.easy-pdf-converter.com/.../FLVPlayerSetup-NbMMHIDL7.exe  (download-freakshare_downloader-icb6rpo1f.exe)

12 / 68    (Adware)
http://www.easy-pdf-converter.com/.../FLVPlayerSetup-N0L9yGIvL.exe  (filedownloadedsuccessfully_downloader-n295rn8sp.exe)

1 / 68      (Adware)
http://www.easy-pdf-converter.com/.../FLVPlayerSetup-N6C4bpnKP.exe  (680add13a0e4e4b1f1f2f44146da1b0b)

22 / 68    (Adware)
http://www.easy-pdf-converter.com/.../FLVPlayerSetup-Nca62oy59.exe  (flvplayer_downloader-n423d5nqt.exe)

The following 119 files have been seen to comunicate with www.easy-pdf-converter.com in live environments.

TCP » 184.168.221.56:80
googleupdate.exe13d7b73 (globalUpdate Update by globalUpdate)

TCP » 184.168.221.56:80
object browser-codedownloader.exe (Object Browser)

TCP » 184.168.221.56:80
c01208e4-b2ad-40c1-9810-40447884a00b-9.exe

TCP » 184.168.221.56:80
iwebar-codedownloader.exe (iWebar)

TCP » 184.168.221.56:80
4132a714-32df-4151-aae1-b56eb1d2e3f3-7.exe (Object Browser)

TCP » 184.168.221.56:80
3d8a4763-2a81-4784-8f04-7f4227a2f40c-7.exe.66776.gzquar (TheTorntv V10 by esc)

TCP » 184.168.221.56:80
pricora 12.0-codedownloader.exe (Pricora 12.0 by Corporate Inc)

TCP » 184.168.221.56:80
c37af138-5101-4b3d-b0a8-9f637d3b9ced-2.exe (HD-V1.9 by InfoHD-V1.8)

TCP » 184.168.221.56:80
e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-5.exe (Object Browser)

TCP » 184.168.221.56:80
dff83d61-5151-41c1-b783-6aa45d3ed0ce-4.exe (iWebar)

TCP » 184.168.221.56:80
498873fb-c19a-450b-bf44-4155f22eff4e-7.exe (Browsers Apps by app)

TCP » 184.168.221.56:80
c2c330c9-2d35-4ede-9821-e1953d67d3b7-5.exe (TheTorntv V10 by esc)

TCP » 184.168.221.56:80
plus-hd-9.1-novainstaller.exe (Plus-HD-9.1 by Plus HD)

TCP » 184.168.221.56:80
hq-video-pro-1.9-novainstaller.exe (HQ-Video-Pro-1.9 by HQ-Video)

TCP » 184.168.221.56:80
8c2e1496-60b7-4063-bbda-6139ce38d228-4.exe (TheGoPhoto.it V10 by joep)

TCP » 184.168.221.56:80
internet speed checker-codedownloader.exe (Internet Speed Checker by Speedchecker)

TCP » 184.168.221.56:80
firefoxuninstaller63311.exe (TheTorntv V10 by esc)

TCP » 184.168.221.56:80
0d7c9ef9-c70e-4b1a-baad-f0c176458ea1-11.exe (Internet Speed Checker by Speedchecker)

TCP » 184.168.221.56:80
4bd3ec58-c42f-443e-8edb-0a5b2d035380-4.exe (iWebar)

TCP » 184.168.221.56:80
e61ae902-cc88-4c95-9312-ccad5e2bbc57-4.exe (SmartSaver+ 15 by smart-saverplus)

 
Latest 20 of 120 files

URL:
http://www.easy-pdf-converter.com/

Web server:
Microsoft-IIS/7.5 (ASP.NET) (Version: 4.0.30319)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.