www.maastroy.com

WHOISGUARD, INC.  (Proxy Registrant)

Domain Information

The domain www.maastroy.com is registered by proxy through ENOM, INC. and was originally registered in April of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Rivne, Rivnens'Ka Oblast' within Ukraine which resides on the RIPE Network Coordination Centre network.
Remove Malware from www.maastroy.com - Powered by Reason Core Security
Registrar:
ENOM, INC.

Server location:
Rivnens'Ka Oblast', Ukraine (UA)

Create date:
Tuesday, April 29, 2014

Expires date:
Wednesday, April 29, 2015

Updated date:
Tuesday, April 29, 2014

ASN:
AS39084 UTKC SBA Dubrovskiy,UA

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.SOFTWAREAGILITYLIMITED.i, PUP.SOFTWAREAGILITYLIMITED.b, PUP.SOFTWAREAGILITYLIMITED.Y, PUP.SOFTWAREAGILITYLIMITED.FF, PUP.SOFTWAREAGILITY.Bundler.Meta (M), PUP.SOFTWAREAGILITYLIMITED.u, PUP.SOFTWAREAGILITYLIMITED.W
100.00%

Dr.Web
Adware.Downware.3176, Trojan.DownLoader11.11161, Trojan.DownLoader11.9093
87.50%

AVG
MalSign.Bundle, Found Win32/DH{gRKBEyVXToEPAA}
87.50%

Malwarebytes
PUP.Optional.FilePile
75.00%

MicroWorld eScan
Gen:Variant.Graftor.141359, Gen:Variant.Adware.Graftor.143702
75.00%

avast!
Win32:Rootkit-gen [Rtk], Win32:Malware-gen
75.00%

Bitdefender
Gen:Variant.Graftor.141359, Gen:Variant.Adware.Graftor.143702
75.00%

Emsisoft Anti-Malware
Gen:Variant.Graftor.141359, Gen:Variant.Adware.Graftor.143702
75.00%

G Data
Gen:Variant.Graftor.141359, Gen:Variant.Adware.Graftor.143702
75.00%

Lavasoft Ad-Aware
Gen:Variant.Graftor.141359, Gen:Variant.Adware.Graftor.143702
62.50%

F-Secure
Gen:Variant.Graftor.141359, Gen:Variant.Adware.Graftor.143702
62.50%

ESET NOD32
Win32/BundleInstaller.F potentially unwanted application
62.50%

VIPRE Antivirus
Threat.4150696
50.00%

Vba32 AntiVirus
AdWare.Amonetize, Downloader.Agent
50.00%

Kaspersky
not-a-virus:Downloader.Win32.Agent
50.00%

The domain www.maastroy.com has been seen to resolve to the following 3 IP addresses.

August 12, 2014

May 23, 2014

May 10, 2014

File downloads found at URLs served by www.maastroy.com.

24 / 68    (Adware)

22 / 68    (Adware)

22 / 68    (Adware)

1 / 68      (PUP)

23 / 68    (Adware)

13 / 68    (Adware)

11 / 68    (Adware)

4 / 68      (Adware)

URL:
http://www.maastroy.com/

Title:
“Fast File Downloader”

Web server:
nginx/1.4.7 (PHP/5.4.28-1~dotdeb.1)

Remove Malware from www.maastroy.com - Powered by Reason Core Security