home

download.installspeed.com

NameFind LLC

Domain Information

The domain download.installspeed.com registered by NameFind LLC was initially registered in June of 2014 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Tel Aviv, Tel Aviv within Israel which resides on the RIPE Network Coordination Centre network.
Registrar:
GODADDY.COM, LLC

Server location:
Tel Aviv, Israel (IL)

Create date:
Tuesday, June 10, 2014

Expires date:
Friday, June 10, 2016

Updated date:
Thursday, April 7, 2016

ASN:
AS6461 MFNX MFN - Metromedia Fiber Network

Root domain:
installspeed.com

Whois:
3 installspeed.com records

Google Safe Browsing:
unwanted

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Bandoo.BandooMedia.Installer (M), PUP.Bandoo.BandooMe.Installer (M), Win32.Generic, PUP.ILivid.WebBar (M), PUP.Bandoo (M)
100.00%

Kaspersky
not-a-virus:WebToolbar.Win32.SearchSuite, not-a-virus:WebToolbar.Win64.SearchSuite
4.00%

Malwarebytes
PUP.Optional.Bandoo
2.00%

K7 AntiVirus
Trojan
2.00%

F-Prot
W32/SearchSuite.B
2.00%

NANO AntiVirus
Riskware.Win32.Bandoo.dgnlaz
2.00%

Dr.Web
Adware.Bandoo.194
2.00%

VIPRE Antivirus
iLivid
2.00%

Avira AntiVirus
PUA/SeaSuite.inze
2.00%

G Data
Win32.Application.Agent.QWTDFV
2.00%

AhnLab V3 Security
PUP/Win32.SearchSuite
2.00%

ESET NOD32
Win32/Toolbar.SearchSuite potentially unwanted application
2.00%

IKARUS anti.virus
PUA.Soffer
2.00%

AVG
Adware Generic_r
2.00%

Trend Micro House Call
Suspicious_GEN.F47V0221
2.00%

The domain download.installspeed.com has been seen to resolve to the following 3 IP addresses.

208.73.211.70
April 9, 2016

141.8.224.239
October 13, 2015

94.31.0.25
94.31.0.25.IPYX-076665-ZYO.above.net
June 26, 2014

File downloads found at URLs served by download.installspeed.com.

1 / 68      (PUP)
http://download.installspeed.com/iLividSetup.exe  (ilividsetup-r1799-n-bc.exe)

The following 20 files have been seen to comunicate with download.installspeed.com in live environments.

TCP » 94.31.0.25:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 94.31.0.25:80
FreeScreenVideo.exe (FreeScreen2Video by Koyote Soft)

TCP » 94.31.0.25:80
setup21_freeconverter.exe (Free mp3 Wma Converter by Bandoo Media Inc)

TCP » 94.31.0.25:80
setup_freevideoconverter.exe (Free Video Converter by Bandoo Media Inc)

TCP » 94.31.0.25:80
700d4b1585aaf7497320bf79add541c19984a2ee0ec7b733d0cac144b2136fd7 (Free Easy CD DVD Burner by Koyote-Lab Inc)

TCP » 94.31.0.25:80
freeflvconvertersetup-r20-n-bc.exe (Free FLV Converter by Koyote-Lab Inc)

TCP » 94.31.0.25:80
setup_31freevideoconverter.exe (Free Video Converter by Bandoo Media Inc)

TCP » 94.31.0.25:80
f_0002b2 (Free Easy CD DVD Burner by Koyote-Lab Inc)

TCP » 94.31.0.25:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 141.8.224.239:80
dislike.crx

TCP » 141.8.224.239:443
droppad.crx

TCP » 208.73.211.70:80
videostream-elfana.crx

TCP » 208.73.211.70:443
droppad.crx

TCP » 208.73.211.70:443
droppad.crx

TCP » 94.31.0.25:80
FreeFLVConverterSetup-r119-n-bc.exe (Free FLV Converter by Koyote-Lab Inc)

TCP » 94.31.0.25:80
freevideoconvertersetup-r144-n-bi.exe (Free Video Converter by Koyote-Lab Inc)

TCP » 94.31.0.25:80
setup_freeburner.exe (Free Easy CD DVD Burner by Bandoo Media Inc)

TCP » 94.31.0.25:80
VideosToDVD.exe (Videos To DVD Converter by Koyote Soft)

TCP » 94.31.0.25:80
setup_freeflvconverter.exe (Free FLV Converter by Bandoo Media Inc)

TCP » 94.31.0.25:80
freehdconvertersetup.exe (Free HD Converter by Koyote-Lab)

 
Latest 20 of 20 files

URL:
http://download.installspeed.com/

Title:
“installspeed.com”

Web server:
Apache

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.