home

get.downloaddesktop2.com

OutBrowse

Domain Information

The domain get.downloaddesktop2.com registered by OutBrowse was initially registered in June of 2014 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Beaumaris, Victoria within Australia which resides on the Asia Pacific Network Information Centre network.
Registrar:
GODADDY.COM, LLC

Server location:
Victoria, Australia (AU)

Create date:
Friday, June 27, 2014

Expires date:
Saturday, June 27, 2015

Updated date:
Friday, June 27, 2014

ASN:
AS133618 TRELLIAN-AS-AP Trellian Pty. Limited, AU

Root domain:
downloaddesktop2.com

Whois:
1 downloaddesktop2.com record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.OUTBROWSE.F, PUP.QuickDownloader.H, PUP.Installer.OUTBROWSE.K, PUP.Outbrowse.Bundler (M), PUP.Adlogica.QuickDow.Bundler (M)
94.74%

VIPRE Antivirus
Threat.4784459, Threat.4786018, OutBrowse, Threat.4823950, Threat.5063361, Threat.4150696
68.42%

Dr.Web
Adware.Downware.2081, Adware.Downware.7885, infected with Trojan.Packed.28387, Adware.Downware.6169
63.16%

McAfee
Adware-OutBrowse, Adware-OutBrowse.a
63.16%

Malwarebytes
PUP.Optional.OutBrowse, PUP.Optional.Outbrowse
63.16%

K7 AntiVirus
Unwanted-Program
63.16%

Avira AntiVirus
APPL/Downloader.Gen, APPL/OutBrowse.AA, APPL/OutBrowse.lwasp
63.16%

Kaspersky
not-a-virus:AdWare.Win32.OutBrowse
57.89%

Sophos
OutBrowse Revenyou, PUA 'OutBrowse Revenyou'
57.89%

AVG
Generic
57.89%

Agnitum Outpost
PUA.OutBrowse
52.63%

G Data
Win32.Application.Outbrowse
52.63%

ESET NOD32
Win32/OutBrowse.Y potentially unwanted application, Win32/OutBrowse.AA potentially unwanted application, Win32/OutBrowse.AC potentially unwanted application
47.37%

NANO AntiVirus
Trojan.Win32.Generic.dbxkzp, Trojan.Win32.OutBrowse.ddvyee, Trojan.Win32.OutBrowse.deinil, Trojan.Win32.OutBrowse.deioif
47.37%

AhnLab V3 Security
PUP/Win32.OutBrowse
47.37%

The domain get.downloaddesktop2.com has been seen to resolve to the following 7 IP addresses.

103.224.182.207
lb-182-207.above.com
May 19, 2016

50.19.236.133
ec2-50-19-236-133.compute-1.amazonaws.com
September 18, 2014

184.72.220.88
ec2-184-72-220-88.compute-1.amazonaws.com
September 6, 2014

54.243.74.132
ec2-54-243-74-132.compute-1.amazonaws.com
September 5, 2014

54.243.117.203
ec2-54-243-117-203.compute-1.amazonaws.com
September 5, 2014

23.21.207.137
ec2-23-21-207-137.compute-1.amazonaws.com
September 5, 2014

23.21.246.221
ec2-23-21-246-221.compute-1.amazonaws.com
August 1, 2014

File downloads found at URLs served by get.downloaddesktop2.com.

1 / 68      (Adware)
http://get.downloaddesktop2.com/.../Get?p=3005&d=1775&l=1694&n=0&clickid=c8a894d5245479de9040c7b9264be392&d1=11961&d2=-1&d3=-1&d4=-1&d5=-1&filename=setup  (setup.exe)

1 / 68      (Adware)
http://get.downloaddesktop2.com/.../Get?baidusign=12123331&baidurand=11617  (setup.exe)

1 / 68      (Adware)
http://get.downloaddesktop2.com/.../Get?baidusign=12123331&baidurand=11617  (setup.exe)

1 / 68      (Adware)
http://get.downloaddesktop2.com/DownloadManager/GetALGK4?p=1955&d=3208&l=5187&n=1&productname=Firefox&d1=31410&exeurl=https://download-installer.cdn.mozilla.net/pub/firefox/releases/30.0/win32/en-US/Firefox Setup Stub 30.0.exe&filename=Firefox&tyurl=http://www.postdownload.net/.../redirect.php?id=ctf9jfqh3fk56un9kq6r9v1i57oubsof7hgkr1oqphb6km8mlgh1-c5e062612bdc19cbcc09ac1331764a04&d=ez-download.com&p=Firefox&pid=3  (firefox.exe)

1 / 68      (Adware)
http://get.downloaddesktop2.com/.../Get?baidusign=12123331&baidurand=11484  (setup.exe)

1 / 68      (Adware)
http://get.downloaddesktop2.com/.../Get?p=3005&d=1775&l=1694&n=0&clickid=7c7eb5845bd96ab42a435049c1c07116&d1=11961&d2=-1&d3=-1&d4=-1&d5=-1&filename=setup  (setup.exe)

17 / 68    (Adware)
http://get.downloaddesktop2.com/.../Get?p=3005&d=1775&l=1694&n=0&d1=10313&clickid=125dca546838d890165c97a54cec74a9  (setup.exe)

18 / 68    (Adware)
http://get.downloaddesktop2.com/.../Get?p=3005&d=1775&l=1694&n=0&d1=11961&clickid=b5a7f57b66e0a80500fff6e9208a7e03  (setup.exe)

17 / 68    (Adware)
http://get.downloaddesktop2.com/.../Get?p=3005&d=1775&l=1694&n=0&d1=10313&clickid=0c548b2e4ae0c40b277bb017328dabf7  (setup.exe)

20 / 68    (Adware)
http://get.downloaddesktop2.com/.../Get?p=3005&d=1775&l=1694&n=0&clickid=4e12da6221c065580eacdfdc7debe81f&d1=11961&d2=-1&d3=-1&d4=-1&d5=-1&filename=setup  (setup.exe)

18 / 68    (Adware)
http://get.downloaddesktop2.com/.../Get?p=3005&d=1775&l=1694&n=0&d1=11961&clickid=ad5b9048038403d254fa9f1279782459  (setup.exe)

18 / 68    (Adware)
http://get.downloaddesktop2.com/.../Get?p=3005&d=1775&l=1694&n=0&d1=11961&clickid=ad5b9048038403d254fa9f1279782459  (setup.exe)

19 / 68    (Adware)
http://get.downloaddesktop2.com/.../Get?p=3005&d=1775&l=1694&n=0&d1=11961&clickid=ad5b9048038403d254fa9f1279782459  (setup.exe)

14 / 68    (Adware)
http://get.downloaddesktop2.com/DownloadManager/GetALGK4?p=1955&d=18257&l=5187&n=1&productname=Firefox&d1=73932&filename=Firefox&tyurl=http://www.postdownload.net/.../redirect.php?id=je6g13q8lhfu0pr63g7hgn18a8amet71tlo58o5v4nr00jg3mu10-297671d57c498667a44791003d66d73b&d=downloadinfo.co&p=Firefox&pid=3  (firefox.exe)

11 / 68    (Adware)
http://get.downloaddesktop2.com/.../Get?p=3005&d=1775&l=1694&n=0&d1=10313&clickid=10592382abe1ef14448e4e1a3700ca85  (setup.exe)

17 / 68    (Adware)
http://get.downloaddesktop2.com/.../Get?p=3005&d=1775&l=1694&n=0&clickid=da4478c0e4625430d2322386fdc21da1&d1=11961&d2=-1&d3=-1&d4=-1&d5=-1&filename=setup  (setup.exe)

14 / 68    (Adware)
http://get.downloaddesktop2.com/.../Get?p=3005&d=1775&l=1694&n=0&clickid=ee2a95dd194f2be943f977d35d6825f4&d1=11961&d2=-1&d3=-1&d4=-1&d5=-1&filename=setup  (setup.exe)

14 / 68    (PUP)
http://get.downloaddesktop2.com/.../Get?p=3005&d=1775&l=1694&n=0&clickid=b0e9a67d205899f8f8a605bffa7dfb75&d1=11961&d2=-1&d3=-1&d4=-1&d5=-1&filename=setup  (setup.exe)

8 / 68      (Adware)
http://get.downloaddesktop2.com/DownloadManager/GetALGK4?p=1955&d=3208&l=5187&n=1&productname=Firefox&d1=51921&exeurl=https://download-installer.cdn.mozilla.net/pub/firefox/releases/30.0/win32/en-US/Firefox Setup Stub 30.0.exe&filename=Firefox&tyurl=http://www.postdownload.net/.../redirect.php?id=i5lng7o7cmdj6covlecr071a9a12qppe8gej1f7keg1phs53b3c1-48715f9bc069937e51acb019e8faf639&d=ez-download.com&p=Firefox&pid=3  (firefox.exe)

The following 15 files have been seen to comunicate with get.downloaddesktop2.com in live environments.

TCP » 103.224.182.207:80
googleupd.exe (Google Update by Google)

TCP » 103.224.182.207:80
pooface.exe (Ja)

TCP » 103.224.182.207:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 103.224.182.207:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 103.224.182.207:80
fuzezipsetup.exe (Fuze Zip by Koyote Soft)

TCP » 103.224.182.207:80
CureTraffic.exe (CureTraffic by Vitbian telecom S.L)

TCP » 103.224.182.207:80
emuletorrent.exe

TCP » 103.224.182.207:80
googleupd.exe (Google Update by Google)

TCP » 103.224.182.207:443
winsec.exe (winsec.exe by Security Verifier)

TCP » 103.224.182.207:80
BruteforceSaveData.exe (Bruteforce Save Data by 2014 by Aldo Vargas - http://www.aldostools.org)

TCP » 103.224.182.207:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 103.224.182.207:80
online-guardian.exe

TCP » 103.224.182.207:80
winsec.exe (winsec.exe by Security Verifier)

TCP » 103.224.182.207:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 103.224.182.207:80
googleupd.exe (Google Update by Google)

TCP » 103.224.182.207:80
cshpfaba.exe

URL:
http://get.downloaddesktop2.com/

Title:
“Landing Mac”

Web server:
Microsoft-IIS/7.0 (ASP.NET)

1-vinstaller.com

123mplayer.com

default-page.com

downloadcobra.com

downloaddesktop3.com

flashupdatenow.com

freedownloadshare.com

freemp3go.com

generalfiles.net

grangames.com

mannesoth.com

mi-fashion.com

onedownloader.com

proplayersetup.com

secondnaturecd.com

smile-files.com

softwarepsr.com

styleapplicationzillion.com

toolboox.com

ultimate-torrents.com

yacristoviene.com

app2desktop.com

desk2opapps.com

down1oad4desktop.com

download2desktop.com

downloaddesktop3.net

file2desktop.com

mmtrktw.org

download-desktop-file.com

downloaddesktop3.org

30 of 45 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.