190.93.242.5

Latin American and Caribbean IP address Regional Registry

IP Address Information

The Internet Service Provider (ISP) that owns the network address of 190.93.242.5 is Latin American and Caribbean IP address Regional Registry and located in Uruguay. Currently there are 10 domain names that utilize this address. The primary domain hosted by this IP is ez-download.com along with 9 other domains which are known adware distribution web sites. The address and domain is leased to Quick Downloader.
Scanner detections:
Detections  (90% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Bundler (M), PUP.Installer.OutBrowse.F, PUP.Installer.QuickDownloader.K, PUP.Installer.Ezdownload.V, PUP.OutBrowse.H, PUP.Installer.FastDownloads.N, PUP.Adlogica.FastDownloads.Bundler (M), PUP.Adknowledge.OptimumInstaller.Installer (M), PUP.Adlogica.QuickDownloader.Bundler (M), PUP.Adknowledge.WARPINSTALL.Installer (M), PUP.installCore.SecureInstaller.Installer (M), PUP.Adknowledge.TINYINSTALLER.Installer (M), PUP.InstallCore.Installer.Installer (M), PUP.Adlogica.FastDown.Bundler (M), PUP.Adknowledge.PremiumI.Installer (M), PUP.installCore.SecureIn.Installer (M), PUP.Adknowledge.OptimumI.Bundler (M), PUP.Adknowledge.TINYINST.Bundler (M), PUP.Adknowledge.PremiumI.Bundler (M), PUP.Adknowledge.FUSIONIN.Bundler (M)
86.05%

Dr.Web
Adware.InstallCore.133, Adware.Downware.1664, Adware.Downware.2468, Threat.Undefined, Adware.Downware.1144, Trojan.Packed.28561, Trojan.Crossrider1.49350
44.19%

VIPRE Antivirus
InstallCore, OutBrowse, Trojan.Win32.Generic, Threat.4150696, Threat.4778314, Threat.4786018, Threat.4784459
41.86%

Sophos
Install Core, OutBrowse Revenyou, Ez Toolbar Downloader, PUA 'Install Core', PUA 'iBryte Optimum Installer'
39.53%

avast!
Win32:PUP-gen [PUP], Win32:Adware-gen [Adw], Win32:Malware-gen, Win32:Installer-J [PUP], Win32:IBryte-BT [PUP], Win32:OutBrowse-CH [PUP]
39.53%

ESET NOD32
Win32/InstallCore.FP potentially unwanted application, Win32/OutBrowse.L potentially unwanted application, Win32/InstallCore.BY potentially unwanted application
34.88%

F-Prot
W32/InstallCore.R3.gen, W32/InstallCore.P.gen, W32/Outbrowse.B.gen, W32/A-dbe1ec51, W32/Ibryte.C.gen, W32/DomaIQ.G.gen, W32/InstallCore.R.gen
27.91%

McAfee
Adware-OutBrowse, Artemis!AFEE33DB5926, Artemis!09A931BD7916, Trojan.Artemis!55BFF7EA8842, Adware-FOO!4EFD7B95BB67, Program.IBryte-FSU, Program.Adware-OutBrowse
25.58%

Malwarebytes
PUP.Optional.Outbrowse, PUP.Optional.Downloadster, PUP.Optional.Ibryte, PUP.Optional.InstallCore.A, PUP.Optional.OptimumInstaller.A
25.58%

AVG
MalSign.OutBrowse, Skodna.Generic, MalSign.Generic, Adware InstallCore, Adware Generic5, Adware Generic_s, Adware Skodna.Bundle
25.58%

The following domains resolved to the IP address 190.93.242.5.

File URLs download from 190.93.242.5.

 
Latest 30 of 873 download URLs

The geographical location of this IP address.

Country:
Costa Rica (CR)

Region:
San Jose

City:
San Jose

Coordinates:
9.93333, -84.0833

The ARIN network assigned organization for IP address 190.93.242.5.

Org name:
Latin American and Caribbean IP address Regional Registry

Org identifier:
LACNIC

Org country:
Uruguay (UY)

Org city:
Montevideo

Org address:
Rambla Republica de Mexico 6125

ARIN WHOIS:
NetRange: 190.0.0.0 - 190.255.255.255
CIDR: 190.0.0.0/8
OriginAS:
NetName: NET190
NetHandle: NET-190-0-0-0-1
Parent:
NetType: Allocated to LACNIC
Comment: This IP address range is under LACNIC responsibility for further
Comment: allocations to users in LACNIC region.
Comment: Please see http://www.lacnic.net/ for further details, or check the
Comment: WHOIS server located at http://whois.lacnic.net
RegDate: 2005-06-17
Updated: 2010-07-21
Ref: http://whois.arin.net/rest/net/NET-190-0-0-0-1

OrgName: Latin American and Caribbean IP address Regional Registry
OrgId: LACNIC
Address: Rambla Republica de Mexico 6125
City: Montevideo
StateProv:
PostalCode: 11400
Country: UY
RegDate: 2002-07-27
Updated: 2011-09-24
Ref: http://whois.arin.net/rest/org/LACNIC

ReferralServer: whois://whois.lacnic.net

OrgTechHandle: LACNIC-ARIN
OrgTechName: LACNIC Whois Info
OrgTechPhone: 999-999-9999
OrgTechEmail: whois-contact@lacnic.net
OrgTechRef: http://whois.arin.net/rest/poc/LACNIC-ARIN

OrgAbuseHandle: LACNIC-ARIN
OrgAbuseName: LACNIC Whois Info
OrgAbusePhone: 999-999-9999
OrgAbuseEmail: whois-contact@lacnic.net
OrgAbuseRef: http://whois.arin.net/rest/poc/LACNIC-ARIN


Autonomous System Assignment
ASNumber:
13335

ASName:
CLOUDFLARENET - CloudFlare, Inc.

ASHandle:
AS13335

Remove Malware from 190.93.242.5 - Powered by Reason Core Security