home

www.trustydownloads.com

Air Software  (via a Proxy Registrant)

Domain Information

The domain www.trustydownloads.com is registered by proxy through GODADDY.COM, LLC and was originally registered in January of 2013. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in Scottsdale, Arizona within the United States which resides on the GoDaddy.com, LLC network. The domain is associated with the publisher Air Software who is located in Victoria, British Columbia in Canada.
Registrar:
GODADDY.COM, LLC

Server location:
Arizona, United States (US)

Create date:
Wednesday, January 30, 2013

Expires date:
Monday, January 30, 2017

Updated date:
Thursday, February 4, 2016

Root domain:
trustydownloads.com

Whois:
3 trustydownloads.com records

Scanner detections:
Detections  (56% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.DownloadManager.F, PUP.Installer.DownloadAssistant.J, PUP.Air Software.DownloadManager.Bundler (M), PUP.Air Software.Download.Bundler (M)
81.82%

VIPRE Antivirus
Iminent, Threat.4782985
36.36%

Malwarebytes
PUP.Optional.AirAdInstaller, PUP.Optional.AirInstaller
27.27%

K7 AntiVirus
Unwanted-Program
27.27%

avast!
Win32:Malware-gen, PUP-gen [PUP]
27.27%

Dr.Web
Trojan.SMSSend.4902, Trojan.SMSSend.4543
27.27%

Avira AntiVirus
ADWARE/Adware.Gen, ADWARE/Adware.Gen7
27.27%

Rising Antivirus
PE:PUF.Airinstall!1.9C4C
27.27%

AVG
BundleApp_r.D, Adware Generic_r
27.27%

ESET NOD32
Win32/AirAdInstaller (variant)
18.18%

Clam AntiVirus
Win.Malware.Agent3850084642/CRDF-1
9.09%

Lavasoft Ad-Aware
Gen:Variant.Application.Bundler.AirInstaller.4
9.09%

ESET NOD32
Win32/AirAdInstaller.A potentially unwanted application
9.09%

Emsisoft Anti-Malware
Gen:Variant.Application.Bundler.AirInstaller
9.09%

F-Secure
Riskware.Gen:Variant.Application.Bundler
9.09%

The domain www.trustydownloads.com has been seen to resolve to the following 9 IP addresses.

192.230.92.93
192.230.92.93.ip.incapdns.net
August 8, 2016

199.83.132.93
199.83.132.93.ip.incapdns.net
June 29, 2016

104.130.124.96
May 17, 2016

50.63.202.44
ip-50-63-202-44.ip.secureserver.net
February 9, 2016

70.32.68.113
aamoiaqmqe.c05.gridserver.com
December 26, 2015

104.28.3.71
October 9, 2014

104.28.2.71
October 9, 2014

108.162.196.244
(CloudFlare)
April 13, 2014

108.162.197.244
(CloudFlare)
April 13, 2014

File downloads found at URLs served by www.trustydownloads.com.

1 / 68      (Adware)
http://www.trustydownloads.com/.../Minecraft-Setup.exe  (Minecraft Setup.exe)

1 / 68      (Adware)
http://www.trustydownloads.com/.../Minecraft-Setup.exe  (Minecraft Setup.exe)

1 / 68      (Adware)
http://www.trustydownloads.com/.../Minecraft-Setup.exe  (minecraft setup.exe)

0 / 68
http://www.trustydownloads.com/.../virtualdj.exe  (install_virtualdj_home_v7.4.exe)

1 / 68
http://www.trustydownloads.com/.../Minecraft-Setup.exe  (Minecraft.exe)

0 / 68
http://www.trustydownloads.com/.../safari.exe  (SafariSetup.exe)

0 / 68
http://www.trustydownloads.com/.../windowslivemoviemaker.exe  (wlsetup-web.exe)

0 / 68
http://www.trustydownloads.com/.../oovoo.exe  (ooVooSetup.exe)

1 / 68      (Adware)
http://www.trustydownloads.com/.../oovoo.exe  (oovoo setup.exe)

0 / 68
http://www.trustydownloads.com/.../Solitaire-Setup.exe  (air2a37.exe)

0 / 68
http://www.trustydownloads.com/.../tango.exe  (SetupTango.exe)

1 / 68      (Adware)
http://www.trustydownloads.com/.../oovoo.exe  (oovoo setup.exe)

29 / 68    (Adware)
http://www.trustydownloads.com/.../Minecraft-Setup.exe  (minecraft setup.exe)

2 / 68      (Adware)
http://www.trustydownloads.com/.../YACSetup.exe  (yac setup.exe)

10 / 68    (Adware)
http://www.trustydownloads.com/.../oovoo.exe  (setup.exe)

10 / 68    (Adware)
http://www.trustydownloads.com/.../Minecraft-Setup.exe  (3cd7e418aa2704c9b53fd7a843f281c8)

The following 10 files have been seen to comunicate with www.trustydownloads.com in live environments.

TCP » 50.63.202.44:80
online-guardian-v2.0.9.exe

TCP » 50.63.202.44:25
www.exe

TCP » 50.63.202.44:80
ContentFinder.exe (ContentFinder by ContentFinder Software)

TCP » 50.63.202.44:80
ContentSinder.exe (ContentSinder by ContentSinder Company)

TCP » 50.63.202.44:80
iLivid.exe (iLivid Download Manager by Bandoo Media)

TCP » 104.130.124.96:443
translategenius.crx

TCP » 104.130.124.96:443
translategenius.crx

TCP » 104.130.124.96:443
translategenius.crx

TCP » 104.130.124.96:443
translategenius.crx

TCP » 50.63.202.44:80
produpd.exe (produpd.exe by Vested Development, Inc)

URL:
http://www.trustydownloads.com/

Web server:
Microsoft-IIS/7.5 (ASP.NET) (Version: 4.0.30319)

Facebook:
Shares:  2

Statistics are for the previous month.

airinstaller.com

getsoftfree.com

downloadverse.com

downloadwiz.com

updatersoft.com

yesdownloads.com

zipdownloader.com

fastdownloaders.com

dlsoftware.org

airdwnlds.com

update14.com

realfreedownloads.com

software-updater.com

updaterspro.com

thanksfordownloading.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.