The domain trk.airinstaller.com is registered by proxy through ENOM, INC. and was originally registered in May of 2011. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in New York City, New York within the United States which resides on the Digital Ocean, Inc. network. The domain is associated with the publisher Air Software who is located in Victoria, British Columbia in Canada.
Server location:
New York, United States (US)
Create date:
Thursday, May 12, 2011
Expires date:
Thursday, May 12, 2016
Updated date:
Saturday, May 2, 2015
ASN:
AS14061 DIGITALOCEAN-ASN - Digital Ocean, Inc.
Scanner detections:
Detections (98% detected)
Scan engine
Details
Detections
Reason Heuristics
DownloadManager.AirSoftware.M, DownloadManager.AirSoftware.K, DownloadManager.AirSoftware.F, DownloadManager.Bundler.Air Software, PUP.Air Software.AirSoftware.Bundler (M), PUP.Solimba.Bechiro.Bundler (M), PUP.Air Software.AirSoftw.Bundler (M), Threat.Win.Reputation.IMP, PUP.Adknowledge (M), PUP.Air Software (M)
100.00%
VIPRE Antivirus
AirInstaller, Threat.4782985, DownloadMR
44.90%
K7 AntiVirus
Unwanted-Program , Trojan , Adware
44.90%
Sophos
AirInstaller, PUA 'AirInstaller', Solimba Installer, PUA.AirInstaller
44.90%
Comodo Security
Application.Win32.AirAdInstaller.B, Application.Win32.AirAdInstaller.A, Application.Win32.Solimba.L
44.90%
Dr.Web
Trojan.SMSSend.4684, Adware.Downware.1410, Adware.Downware.1167, Adware.Downware.963, Adware.Downware.10718, Adware.Downware.1302
44.90%
Avira AntiVirus
ADWARE/Adware.Gen, ADWARE/Adware.Gen7, Adware/AirInst.2556, APPL/Solimba.Gen, TR/Zusy.bmjkonyb
44.90%
Vba32 AntiVirus
AdWare.AirAdInstaller, TScope.Trojan.MSIL
44.90%
Rising Antivirus
PE:PUF.Airinstall!1.9C4C, PE:PUF.FirseriaInstaller@CV!1.5C42
44.90%
IKARUS anti.virus
Win32.AdWare, AdWare.Airinstall, PUA.AirAdInstaller, Win32.Malware, PUA.Bechiro
44.90%
AVG
Generic_r, Adware Generic_r.JA, Adware Generic_r.IW, Adware InstallCore.RT, Adware InstallCore.RV, Skodna.Generic
44.90%
NANO AntiVirus
Riskware.Win32.AirAdInstaller.cwbltv, Riskware.Win32.Downware.cwfgel, Riskware.Win32.AirAdInstaller.cxhlas, Riskware.Win32.AirAdInstaller.cwbyev
42.86%
F-Prot
W32/AirInstall.C.gen, W32/AirInstall.A.gen, W32/AirInstall.D.gen, W32/AirInstall.A8.gen
42.86%
Qihoo 360 Security
Malware.QVM01.Gen, Malware.QVM20.Gen
42.86%
Zillya! Antivirus
Adware.AirAdInstaller.Win32.134, Adware.AirAdInstaller.Win32.8, Adware.AirAdInstaller.Win32.9, Adware.AirAdInstaller.Win32.100
40.82%
The domain trk.airinstaller.com has been seen to resolve to the following 7 IP addresses.
108.168.218.35-static.reverse.softlayer.com
May 3, 2015
173.192.195.228-static.reverse.softlayer.com
May 3, 2015
173.192.195.226-static.reverse.softlayer.com
September 5, 2014
justice.airinstaller.com
May 31, 2014
uswestmeganode1.airinstaller.com
May 7, 2014
chicago.airinstaller.com
May 1, 2014
50.23.68.85-static.reverse.softlayer.com
April 13, 2014
File downloads found at URLs served by trk.airinstaller.com.
Latest 30 of 52 download URLs
The following file have been seen to comunicate with trk.airinstaller.com in live environments.
URL:
http://trk.airinstaller.com/
Title:
“Air Installer ™”
Description:
“Air Installer”
Web server:
Apache/2.2.22 (Ubuntu) (PHP/5.4.31-1+deb.sury.org~precise+1)
Related Domains