home

antivirus.everydownload.net

WHOISGUARD, INC.  (Proxy Registrant)

Domain Information

The domain antivirus.everydownload.net is registered by proxy through ENOM, INC. and was originally registered in February of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Culver City, California within the United States which resides on the Media Temple, Inc. network.
Registrar:
ENOM, INC.

Server location:
California, United States (US)

Create date:
Wednesday, February 26, 2014

Expires date:
Sunday, February 26, 2017

Updated date:
Wednesday, January 27, 2016

ASN:
AS31815 MEDIATEMPLE - Media Temple, Inc.,US

Root domain:
everydownload.net

Whois:
3 everydownload.net records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.DownloadAssistant.O, PUP.Installer.Air Software, PUP.Air Software.DownloadAssistant.Bundler (M), PUP.Air Software.DownloadManager.Bundler (M), PUP.Air Software.DownloadHelper.Bundler (M), PUP.Air Software.Download.Bundler (M)
100.00%

VIPRE Antivirus
Threat.4782985
62.50%

Malwarebytes
PUP.Optional.DownloadAssistant, PUP.Optional.BundleInstaller.A
62.50%

Dr.Web
Adware.Conduit.170, Trojan.Vittalia.30, Trojan.DownLoader12.16985
50.00%

Bitdefender
Application.Bundler.FX, Gen:Variant.Application.Bundler.32, Gen:Variant.Application.Bundler.AirInstaller.5
50.00%

G Data
Application.Bundler.FX, Gen:Variant.Application.Bundler.32, Gen:Variant.Application.Bundler.AirInstaller
50.00%

avast!
Win32:Adware-gen [Adw], Win32:Adware-CKC [PUP]
37.50%

NANO AntiVirus
Riskware.Win32.Conduit.dhhkky, Trojan.Win32.Vittalia.dqfrig, Trojan.Win32.DownLoader12.dncixg
37.50%

F-Secure
Riskware.Gen:Variant.Application.Bundler
37.50%

Emsisoft Anti-Malware
Gen:Variant.Application.Bundler.32, Gen:Variant.Application.Bundler.AirInstaller
37.50%

ESET NOD32
Win32/DownloadAssistant.A potentially unwanted application
37.50%

Lavasoft Ad-Aware
Gen:Variant.Application.Bundler.32, Gen:Variant.Application.Bundler.AirInstaller.5
37.50%

MicroWorld eScan
Gen:Variant.Application.Bundler.32, Gen:Variant.Application.Bundler.AirInstaller.5
37.50%

AhnLab V3 Security
PUP/Win32.Bundler, PUP/Win32.DownloadAssistant
37.50%

AVG
Generic
37.50%

The domain antivirus.everydownload.net has been seen to resolve to the following IP address.

70.32.100.117
82zt-lzck.accessdomain.com
October 20, 2014

File downloads found at URLs served by antivirus.everydownload.net.

1 / 68      (Adware)
http://antivirus.everydownload.net/avg-free/.../  (AVG_Free_Setup.exe)

1 / 68      (Adware)
http://antivirus.everydownload.net/avg-free/.../  (avg_free_setup.exe)

17 / 68    (Adware)
http://antivirus.everydownload.net/avg-free/.../  (AVG_Free_Setup.exe)

1 / 68      (Adware)
http://antivirus.everydownload.net/avg-free/.../  (avg_free_setup.exe)

21 / 68    (Adware)
http://antivirus.everydownload.net/avg-free/.../  (AVG_Free_Setup.exe)

15 / 68    (Adware)
http://antivirus.everydownload.net/avg-free/.../  (AVG_Free_Setup.exe)

14 / 68    (Adware)
http://antivirus.everydownload.net/avg-free/.../  (avg_free_setup.exe)

7 / 68      (Adware)
http://antivirus.everydownload.net/avg-free/.../  (avg_free_setup.exe)

URL:
http://antivirus.everydownload.net/

Web server:
nginx (PleskLin)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.