downloadair.com

FUSION INSTALL (via a Proxy Registrant)

Domain Information

The domain downloadair.com is registered by proxy through TUCOWS DOMAINS INC. and was originally registered in January 2014. It has been known to host and distribute potentially unwanted software. Its servers are located in Ashburn, Virginia, United States, on the Amazon Technologies Inc. network, and the domain uses the Amazon Web Services (AWS) cloud computing platform. The domain is associated with the publisher FUSION INSTALL, which is located in Kansas City, Missouri, United States.

Registrar:
TUCOWS DOMAINS INC.

Server location:
Virginia, United States (US)

Create date:
Tuesday, January 14, 2014

Expires date:
Saturday, January 14, 2017

Updated date:
Wednesday, January 13, 2016

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US

Scanner detections:
Detections (100% detected)

| Scan engine | Details | Detections |
|---|---|---|
| Reason Heuristics | PUP.Installer.BootCompute.F, PUP.Adknowledge.BootCompute.Bundler (M), PUP.Adknowledge.BootComp.Bundler (M), PUP.Adknowledge.INSTALLT.Installer (M), PUP.Softpulse (M) | 100.00% |
| Emsisoft Anti-Malware | Gen:Variant.Kazy.439479 | 36.36% |
| VIPRE Antivirus | Threat.4778314 | 36.36% |
| Lavasoft Ad-Aware | Gen:Variant.Kazy.439479 | 36.36% |
| Sophos | iBryte Optimum Installer, PUA.iBryte Optimum Installer | 36.36% |
| Comodo Security | Application.Win32.AgentCV.HWYE | 36.36% |
| F-Secure | Gen:Variant.Kazy.439479 | 36.36% |
| Avira AntiVirus | TR/Kazy.439479.2 | 36.36% |
| Panda Antivirus | Trj/Genetic.gen | 36.36% |
| ESET NOD32 | Win32/AdWare.iBryte.BD (variant) | 36.36% |
| AVG | Adware AdPlugin.AAZ | 36.36% |
| MicroWorld eScan | Trojan.GenericKD.1618449, Gen:Variant.Kazy.439479 | 36.36% |
| nProtect | Trojan.GenericKD.1618449 | 36.36% |
| McAfee | Artemis!0FF2B0F7AD04 | 36.36% |
| Malwarebytes | PUP.Optional.GigaClicks.A | 36.36% |

The domain downloadair.com has been seen to resolve to the following 7 IP addresses.

File downloads found at URLs served by downloadair.com.

The following 3 files have been seen to communicate with downloadair.com in live environments.

URL:
http://downloadair.com/

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
Microsoft-IIS/8.5 (ASP.NET) (Version: 4.0.30319)