The domain ytd-video-downloader.joydownload.com is registered by proxy through GODADDY.COM, LLC and was originally registered in March of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Registrant: Domains By Proxy, LLC
Registrar: GODADDY.COM, LLC
Server location: Virginia, United States (US)
Create date: Monday, March 18, 2013
Expires date: Saturday, March 18, 2017
Updated date: Thursday, January 28, 2016
ASN: AS14618 AMAZON-AES - Amazon.com, Inc.,US
Scanner detections:
Detections (93% detected)
Scan engine | Details | Detections
Reason Heuristics | PUP.InnovativeSystems.i, PUP.Installer.InnovativeSystems.L, PUP.InnovativeSystems.Installer (M), PUP.RICHMEDIASYSTEMS.Installer (M), PUP.Innovati.Installer (M), Adware.Bundler.Meta (M) | 85.71%
AVG | Generic, OpenCandy, Win32/Hidrag.A | 71.43%
Dr.Web | Adware.Downware.6712, Adware.OpenCandy.47, Adware.OpenCandy.10, Adware.OpenCandy.55, Adware.Downware.9759, Adware.Downware.10304 | 71.43%
McAfee | Artemis!7B7F2BC93962, Artemis!79994A15D9CD, Artemis!4700773395D7, Artemis!415112855081, Artemis!B98DDCE11302, Artemis!0AD56B421CB8 | 64.29%
Malwarebytes | PUP.Optional.OpenCandy | 64.29%
ESET NOD32 | Win32/JoyDownloader, Win32/OpenCandy.C potentially unsafe (variant), Win32/JoyDownloader.D potentially unwanted | 57.14%
Agnitum Outpost | Riskware.Agent, Riskware.OpenCandy | 57.14%
Trend Micro House Call | Suspicious_GEN.F47V0716, Suspici.218D75EB, TROJ_GEN.F47V0530, Suspicious_GEN.F47V1113, Suspicious_GEN.F47V1115, ADW_OPENCANDY | 50.00%
Avira AntiVirus | APPL/Downloader.Gen | 50.00%
AhnLab V3 Security | PUP/Win32.Downloader, PUP/Win32.OpenCandy | 50.00%
Baidu Antivirus | Adware.Win32.OpenCandy | 50.00%
avast! | Win32:Malware-gen, Win32:Rootkit-gen [Rtk], Win32:Adware-gen [Adw], Win32:Gardih | 42.86%
VIPRE Antivirus | Opencandy, Trojan.Win32.Generic, Threat.55332 | 42.86%
K7 AntiVirus | Adware, Unwanted-Program, Trojan | 35.71%
G Data | Win32.Adware.OpenCandy | 35.71%
The domain ytd-video-downloader.joydownload.com has been seen to resolve to the following 9 IP addresses.
File downloads found at URLs served by ytd-video-downloader.joydownload.com.
Latest 30 of 39 download URLs
The following files have been seen to communicate with ytd-video-downloader.joydownload.com in live environments.
URL: http://ytd-video-downloader.joydownload.com/
Title: “YTD Video Downloader - Download YTD Video Downloader 4.8 in english on JoyDownload”
Description: “YTD Video Downloader –one-of-a-kind tool for downloading videos from the web on your PC - Download YTD Video Downloader latest version here.”
Network: Amazon Web Services (AWS), running an EC2 instance
Web server: nginx/1.9.12 (PHP/5.3.10-1ubuntu3.21)
Facebook: Likes: 11; Shares: 214; Comments: 14
Statistics are for the previous month.