www.trustydownloads.com

Air Software  (via a Proxy Registrant)

Domain Information

The domain www.trustydownloads.com is registered by proxy through GODADDY.COM, LLC and was originally registered in January of 2013. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in Scottsdale, Arizona within the United States which resides on the GoDaddy.com, LLC network. The domain is associated with the publisher Air Software who is located in Victoria, British Columbia in Canada.
Registrar:
GODADDY.COM, LLC

Server location:
Arizona, United States (US)

Create date:
Wednesday, January 30, 2013

Expires date:
Monday, January 30, 2017

Updated date:
Thursday, February 04, 2016

Scanner detections:
Detections  (56% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.DownloadManager.F, PUP.Installer.DownloadAssistant.J, PUP.Air Software.DownloadManager.Bundler (M), PUP.Air Software.Download.Bundler (M)
81.82%

VIPRE Antivirus
Iminent, Threat.4782985
36.36%

Malwarebytes
PUP.Optional.AirAdInstaller, PUP.Optional.AirInstaller
27.27%

K7 Gateway Antivirus
Unwanted-Program
27.27%

K7 AntiVirus
Unwanted-Program
27.27%

avast!
Win32:Malware-gen, PUP-gen [PUP]
27.27%

Dr.Web
Trojan.SMSSend.4902, Trojan.SMSSend.4543
27.27%

Avira AntiVirus
ADWARE/Adware.Gen, ADWARE/Adware.Gen7
27.27%

Rising Antivirus
PE:PUF.Airinstall!1.9C4C
27.27%

AVG
BundleApp_r.D, Adware Generic_r
27.27%

ESET NOD32
Win32/AirAdInstaller (variant)
18.18%

Clam AntiVirus
Win.Malware.Agent3850084642/CRDF-1
9.09%

Lavasoft Ad-Aware
Gen:Variant.Application.Bundler.AirInstaller.4
9.09%

ESET NOD32
Win32/AirAdInstaller.A potentially unwanted application
9.09%

Emsisoft Anti-Malware
Gen:Variant.Application.Bundler.AirInstaller
9.09%

The domain www.trustydownloads.com has been seen to resolve to the following 9 IP addresses.

192.230.92.93.ip.incapdns.net
August 8, 2016

199.83.132.93.ip.incapdns.net
June 29, 2016

May 17, 2016

ip-50-63-202-44.ip.secureserver.net
February 9, 2016

aamoiaqmqe.c05.gridserver.com
December 26, 2015

October 9, 2014

October 9, 2014

(CloudFlare)
April 13, 2014

(CloudFlare)
April 13, 2014

File downloads found at URLs served by www.trustydownloads.com.

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

0 / 68
http://www.trustydownloads.com/.../virtualdj.exe  (install_virtualdj_home_v7.4.exe)

1 / 68      (Adware)

1 / 68      (Adware)

33 / 68    (Adware)

2 / 68      (Adware)

11 / 68    (Adware)

11 / 68    (Adware)
http://www.trustydownloads.com/.../Minecraft-Setup.exe  (3cd7e418aa2704c9b53fd7a843f281c8)

The following 10 files have been seen to comunicate with www.trustydownloads.com in live environments.

URL:
http://www.trustydownloads.com/

Web server:
Microsoft-IIS/7.5 (ASP.NET) (Version: 4.0.30319)

Facebook:
Shares:  2

Statistics are for the previous month.