download.totalsystemcare.org

SafeBytes Software Inc.

Domain Information

This domain has been known to host and distribute adware as well as other potentially unwanted software. Its hosting servers are located in Seattle, Washington, in the United States, on the Amazon Technologies Inc. network. The domain uses the Amazon CloudFront CDN service, which utilizes a number of proxy IP addresses (see below).

Registrar:
eNom, Inc.

Server location:
Washington, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Scanner detections:
Detections (100% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.Optional.Installer.V, PUP.Optional.Installer.AA, Win32.Generic.SafeBytesSoftware.Installer.Meta | 100.00% |
| Trend Micro House Call | TROJ_GEN.F47V0516, TROJ_GEN.R00UH07C914, Suspicious_GEN.F47V0625, Suspici.B21A095B, Suspicious_GEN.F47V0712 | 29.41% |
| Dr.Web | BackDoor.Cybergate.1, Program.Unwanted.1015 | 17.65% |
| ESET NOD32 | Detection.Undefined | 11.76% |
| avast! | Win32:Adware-BLN [Adw], Win32:Malware-gen | 11.76% |
| NANO AntiVirus | Trojan.Win32.Autoit.dbiolu | 11.76% |
| MicroWorld eScan | Trojan.GenericKD.1602076 | 5.88% |
| nProtect | Trojan.GenericKD.1602076 | 5.88% |
| McAfee | Artemis!37BD65F12E99 | 5.88% |
| K7 AntiVirus | Riskware | 5.88% |
| Norman | Suspicious_Gen4.FXLPV | 5.88% |
| Kaspersky | Trojan-Dropper.Win32.FrauDrop | 5.88% |
| Bitdefender | Trojan.GenericKD.1602076 | 5.88% |
| Lavasoft Ad-Aware | Trojan.GenericKD.1602076 | 5.88% |
| Sophos | Mal/Generic-S | 5.88% |

The domain download.totalsystemcare.org has been seen to resolve to the following 107 IP addresses.


File downloads found at URLs served by download.totalsystemcare.org.

1 / 68      (PUP)

2 / 68      (PUP)

2 / 68      (PUP)

1 / 68      (PUP)

2 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

3 / 68      (PUP)

2 / 68      (PUP)

26 / 68    (PUP)

1 / 68      (PUP)

3 / 68      (PUP)

3 / 68      (PUP)

The following 124 files have been seen to communicate with download.totalsystemcare.org in live environments.

 
Latest 20 of 151 files

URL:
http://download.totalsystemcare.org/

Network:
Amazon Cloudfront

Web server:
AmazonS3