home

plutodownload.com

Contact Privacy Inc. Customer 0135242624  (Proxy Registrant)

Domain Information

The domain plutodownload.com is registered by proxy through TUCOWS DOMAINS INC. and was originally registered in July of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Registrar:
TUCOWS DOMAINS INC.

Server location:
Virginia, United States (US)

Create date:
Wednesday, July 31, 2013

Expires date:
Sunday, July 31, 2016

Updated date:
Saturday, August 8, 2015

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US

Whois:
2 plutodownload.com records

Google Safe Browsing:
unwanted

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.PluginUpdateSL.F, PUP.Adknowledge.INSTALLTHIS.Installer (M), PUP.Adknowledge.BootCompute.Bundler (M), PUP.Adknowledge.INSTALLT.Installer (M)
100.00%

avast!
Win32:SoftPulse-AH [PUP], PUP-gen [PUP], Win32:PUP-gen [PUP]
75.00%

VIPRE Antivirus
Threat.4150696, Threat.4778314
75.00%

AVG
Found Win32/DH{gRJ UIEHeVRPFVGBFYEJHFOBE0GBDw}, Adware AdPlugin
75.00%

Dr.Web
Trojan.DownLoader11.24441, Trojan.DownLoader11.17710, Trojan.DownLoader11.31388
75.00%

Kaspersky
not-a-virus:AdWare.Win32.SoftPulse, Trojan.Win32.Badur, Trojan-Clicker.Win32.Agent
75.00%

Avira AntiVirus
TR/Dropper.Gen, APPL/OpenInst.pepqu, TR/Kazy.439479.2
75.00%

MicroWorld eScan
Application.Bundler.SoftPulse.A, Gen:Variant.Graftor.147016, Gen:Variant.Kazy.439479
75.00%

McAfee
Socrydo, Trojan.Artemis!31DDC3E1C7AF, Artemis!0FF2B0F7AD04
75.00%

Malwarebytes
PUP.Optional.DomaIQ.Gen, PUP.Optional.iBryte, PUP.Optional.GigaClicks.A
75.00%

K7 AntiVirus
Unwanted-Program , Riskware
75.00%

NANO AntiVirus
Trojan.Win32.DownLoader11.ddviag, Trojan.Win32.Buzus.dcusci, Trojan.Win32.Adpeak.cumkpw
75.00%

Norman
Malware, IBryte.PDB
75.00%

Clam AntiVirus
Win.Trojan.Domaiq-59, Win.Adware.Ibryte-592
75.00%

Bitdefender
Application.Bundler.SoftPulse.A, Gen:Variant.Graftor.147016, Gen:Variant.Kazy.439479
75.00%

The domain plutodownload.com has been seen to resolve to the following 4 IP addresses.

54.84.187.203
ec2-54-84-187-203.compute-1.amazonaws.com
April 22, 2016

54.210.180.22
ec2-54-210-180-22.compute-1.amazonaws.com
April 4, 2016

52.22.129.36
ec2-52-22-129-36.compute-1.amazonaws.com
January 30, 2016

107.21.120.240
ec2-107-21-120-240.compute-1.amazonaws.com
December 2, 2014

File downloads found at URLs served by plutodownload.com.

1 / 68      (Adware)
http://plutodownload.com/track/install?button=green&subid=software&subid2=www.whited00r.com&adprovider=google_plutodownload.com&source=google_browsersafeguard-Display-malavida-FR-336x280-plutodownload.com-39795564738&dlink=http://secure.oinstaller6.com/g/.../Setup.exe  (021b5632c693b68c7cb7ce54a443ec4a)

39 / 68    (Adware)
http://plutodownload.com/track/install?button=green&subid=download&subid2=download.cnet.com&adprovider=google_plutodownload.com&source=google_fileopenerpro-Display-US-728x90-plutodownload.com-52984835418&dlink=http://secure.oinstaller7.com/g/.../Setup.exe  (e4e3448a9792ff82a028664d19eb7e44)

34 / 68    (Adware)
http://plutodownload.com/track/install?button=green&creative_id=b&subid=jeux pc&subid2=www.webplay.fr&adprovider=google_plutodownload.com&source=google_browsersafeguard-Display-malavida-FR-336x280-plutodownload.com-40174732458&dlink=http://secure.oinstaller6.com/g/.../Setup.exe  (d428d50c98a680356a422026fc5d466f)

28 / 68    (Adware)
http://plutodownload.com/track/install?button=green&creative_id=b&subid=software&subid2=ipod2g.info&adprovider=google_plutodownload.com&source=google_browsersafeguard-Display-malavida-FR-300x250-plutodownload.com-39786036018&dlink=http://secure.oinstaller6.com/g/.../Setup.exe  (27b6fe7c1a9f8cd726edad909352e1a6)

URL:
http://plutodownload.com/

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
Microsoft-IIS/8.5 (ASP.NET) (Version: 4.0.30319)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.