home

download.driverturbo.com

WHOISGUARD, INC.  (Proxy Registrant)

Domain Information

The domain download.driverturbo.com is registered by proxy through ENOM, INC. and was originally registered in March of 2012. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Sherman Oaks, California within the United States which resides on the Unitas Global LLC network.
Registrar:
ENOM, INC.

Server location:
California, United States (US)

Create date:
Thursday, March 29, 2012

Expires date:
Sunday, March 29, 2020

Updated date:
Monday, January 25, 2016

ASN:
AS4436 AS-GTT-4436 - nLayer Communications, Inc.,US

Root domain:
driverturbo.com

Whois:
2 driverturbo.com records

Scanner detections:
Detections  (63% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.DeskToolsSoft.Installer.Meta (L), PUP.DeskToolsSoft (L)
100.00%

The domain download.driverturbo.com has been seen to resolve to the following 2 IP addresses.

198.232.127.32
32-127-232-198.static.unitasglobal.net
March 12, 2015

108.161.188.64
February 3, 2014

File downloads found at URLs served by download.driverturbo.com.

0 / 68
http://download.driverturbo.com/DriverTurboSetup.exe  (a6ac266c05ebf53778e47bc3169b4180)

0 / 68
http://download.driverturbo.com/DriverTurboSetup.exe  (8aa93883dc5c17ca0df900a431c46570)

0 / 68
http://download.driverturbo.com/DriverTurboSetup.exe  (1_spdl_3.tmp)

1 / 68      (PUP)
http://download.driverturbo.com/DriverTurboSetup.exe  (cf2d35da099a5152e6145b311218d867)

1 / 68      (PUP)
http://download.driverturbo.com/DriverTurboSetup.exe  (ccb991aa344770af28d26c17f35aefee)

1 / 68      (PUP)
http://download.driverturbo.com/DriverTurboSetup.exe  (09d024f5167e0019aae70092a13cce6a)

1 / 68      (PUP)
http://download.driverturbo.com/DriverTurboSetup.exe  (70b9e5a681a3aeabbc05e75248ceb747)

1 / 68      (PUP)
http://download.driverturbo.com/DriverTurboSetup.exe  (04ab6ecdec6d65c5abbb20ce54ad704d)

The following 24 files have been seen to comunicate with download.driverturbo.com in live environments.

TCP » 198.232.127.32:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 198.232.127.32:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 198.232.127.32:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 198.232.127.32:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 198.232.127.32:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 198.232.127.32:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 198.232.127.32:443
UCBrowser.exe (by UCWeb)

TCP » 198.232.127.32:443
citrio.exe (Citrio by CatalinaGroup)

TCP » 198.232.127.32:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 198.232.127.32:80
emuletorrent.exe

TCP » 198.232.127.32:80
driverturbosetup.exe

TCP » 198.232.127.32:443
citrio.exe (Citrio by CatalinaGroup)

TCP » 198.232.127.32:443
browserairexec.exe (BrowserAir by Goobzo)

TCP » 198.232.127.32:80
emuletorrent.exe

TCP » 198.232.127.32:80
fnafworldsetup.exe

TCP » 198.232.127.32:80
e2e7fd8e8f58544352b274d0fe864c92.exe

TCP » 198.232.127.32:80
browser.exe (Speed Browser by Smart Applications)

TCP » 198.232.127.32:443
secureassist.exe (SecureAssist.exe by SecureAssist)

TCP » 198.232.127.32:80
jingling.exe

TCP » 198.232.127.32:443
online-guardian-v2.0.9.exe

 
Latest 20 of 37 files

URL:
http://download.driverturbo.com/

Web server:
NetDNA-cache/2.2

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.