home

mystart.toolbarstart.com

Visicom Media inc.

Domain Information

The domain mystart.toolbarstart.com registered by Visicom Media inc. was initially registered in February of 2010 through DNC HOLDINGS, INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Atlanta, Georgia within the United States which resides on the NationalNet, Managed Services network.
Registrar:
DNC HOLDINGS, INC.

Server location:
Georgia, United States (US)

Create date:
Wednesday, February 10, 2010

Expires date:
Friday, February 10, 2017

Updated date:
Sunday, December 27, 2015

ASN:
AS22384 NATIONALNET-1 - NationalNet, Inc.,US

Root domain:
toolbarstart.com

Whois:
1 toolbarstart.com record

Scanner detections:
Detections  (96% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.MyStartToolbarInstaller.VisicomMedia.W, PUP.MyStartToolbarInstaller.VisicomMedia.O, PUP.Visicom.MyStartToolbarInstaller.Installer, PUP.Visicom.VisicomMedia.Installer (M), Adware.MyStart (M), Win32.Generic, PUP.Visicom.VisicomM.Installer (M), PUP.Visicom.VisicomM.Installer.Meta (M)
100.00%

Malwarebytes
PUP.Optional.MyStartTB.A, PUP.Optional.MyStartTB.ShrtCln
30.77%

Dr.Web
Tool.InstallToolbar.129, Adware.Shopper.489, Adware.Toolbar.272, Adware.Toolbar.283, hacktool program Tool.InstallToolbar.174, Adware.Toolbar.283
30.77%

ESET NOD32
Win32/Toolbar.Visicom (variant), Win32/Toolbar.Visicom.A potentially unwanted (variant)
30.77%

Trend Micro House Call
TROJ_GEN.F47V0412, Suspicious_GEN.F47V0731, Suspici.8C7FCC2E, TROJ_GEN.R08NH07BJ15, TROJ_GEN.R047H07BJ15
23.08%

Fortinet FortiGate
Riskware/Toolbar_Visicom, Riskware/Visicom, Riskware/Agent
23.08%

Agnitum Outpost
PUA.Toolbar.Visicom, PUA.Toolbar.Agent
23.08%

McAfee
Artemis!378E50795A33, Artemis!DDBB24927832, Artemis!663AA5DC1A25, Artemis!90BFF7B1BE4B, Artemis!CD9CE5F337B3
19.23%

K7 AntiVirus
Unwanted-Program
19.23%

Kaspersky
not-a-virus:WebToolbar.Win32.Agent
19.23%

VIPRE Antivirus
Trojan.Win32.Generic, Threat.4150696
15.38%

Zillya! Antivirus
Adware.Agent.Win32.43878, Adware.AdLoad.Win32.6973
15.38%

G Data
Win32.Application.Agent.68WY77, Win32.Application.Agent.T4QMLM, Win32.Application.Agent.YHYW5Z, Win32.Application.Agent.YKUG4X
15.38%

NANO AntiVirus
Riskware.Nsis.Adware.dmihbl, Riskware.Win32.InstallToolbar.dpqueo
11.54%

AVG
Generic
11.54%

The domain mystart.toolbarstart.com has been seen to resolve to the following 2 IP addresses.

173.45.162.23
webquest-13.nationalnet.com
March 31, 2016

173.45.162.14
visicom-98.nationalnet.com
January 2, 2016

File downloads found at URLs served by mystart.toolbarstart.com.

1 / 68      (Adware)
http://mystart.toolbarstart.com/download/.../mystartTb_5.6.0.6_samba.exe  (a77a4acd0d846b65f0177ffa6577bb80)

1 / 68      (Adware)
http://mystart.toolbarstart.com/download/.../mystartTb_5.6.0.6_samba.exe  (79d7324c1c9a50eaeeb1ae5ae47f2dd7)

1 / 68      (Adware)
http://mystart.toolbarstart.com/download/.../mystartTb_klcp.exe  (524292dafdc1c832197b15ba636ea7dc)

1 / 68      (PUP)
http://mystart.toolbarstart.com/download/.../mystartTb_5.6.0.6_samba.exe  (mystarttb_5.5.0.2_samba.exe)

1 / 68      (Adware)
http://mystart.toolbarstart.com/download/.../mystartTb_klcp.exe  (d2dc3e22c78dfab3a9f817053a95c919)

1 / 68      (Adware)
http://mystart.toolbarstart.com/download/.../mystartTb_klcp.exe  (4ae4860cbac5d2f89e0052df8a6fbf87)

2 / 68      (false positives)
http://mystart.toolbarstart.com/download/.../mystartTb_klcp.exe  (wrar420.exe)

1 / 68      (Adware)
http://mystart.toolbarstart.com/download/.../mystartTb_5.6.0.6_samba.exe  (67c9e32227800643f3304d31369b7bae)

1 / 68      (Adware)
http://mystart.toolbarstart.com/download/.../mystartTb_klcp.exe  (toolbar.exe)

1 / 68      (Adware)
http://mystart.toolbarstart.com/download/.../mystartTb_5.6.0.1_amnis_pdflite.exe  (177cb9ad26ed5ea93195dd4da1f5e7d4)

1 / 68      (Adware)
http://mystart.toolbarstart.com/download/.../mystartTb_5.6.0.6_samba.exe  (mystarttb_5.5.0.2_samba.exe)

1 / 68      (Adware)
http://mystart.toolbarstart.com/download/.../mystartTb_klcp.exe  (18f370b3162f4a5ee6645f07a884e773)

1 / 68      (PUP)
http://mystart.toolbarstart.com/download/.../mystartTb_5.6.0.1_amnis_pdflite.exe  (installer.exe)

1 / 68      (Adware)
http://mystart.toolbarstart.com/download/.../mystartTb_klcp.exe  (6a796ea8e4d0b05ef0ecd5de5bb916ba)

16 / 68    (PUP)
http://mystart.toolbarstart.com/download/.../mystartTb_5.5.0.2_amnis_pdflite.exe  (installer.exe)

6 / 68      (PUP)
http://mystart.toolbarstart.com/download/.../mystartTb_klcp.exe  (e0b9a434f4d2b3bb7aeaed477bc08f2d)

11 / 68    (PUP)
http://mystart.toolbarstart.com/download/.../mystartTb_5.3.3.2_pdflite.exe  (378e50795a33a677f7bbb3337c0806f8)

17 / 68    (PUP)
http://mystart.toolbarstart.com/download/.../mystartTb_5.5.0.2_samba.exe  (663aa5dc1a25dda4fca8872277d2a025)

16 / 68    (PUP)
http://mystart.toolbarstart.com/download/.../mystartTb_5.6.0.2_samba.exe  (mystarttb_5.5.0.2_samba.exe)

1 / 68      (PUP)
http://mystart.toolbarstart.com/download/.../mystartTb_5.6.0.6_samba.exe  (19275233a72cd55db4bb65b4bb7a4ae8)

12 / 68    (PUP)
http://mystart.toolbarstart.com/download/.../mystartTb_klcp.exe  (f081b6c9cffd59b93796c91d5ee01f0f)

1 / 68      (PUP)
http://mystart.toolbarstart.com/download/.../  (mystarttb_5.5.0.2_samba.exe)

7 / 68      (PUP)
http://mystart.toolbarstart.com/download/.../mystartTb_klcp.exe  (6fa5b516c3cb98a1cdcbe0ba1556967d)

1 / 68      (PUP)
http://mystart.toolbarstart.com/download/.../mystartTb_5.6.0.6_amnis_pdflite.exe  (installer.exe)

15 / 68    (PUP)
http://mystart.toolbarstart.com/download/.../mystartTb_klcp.exe  (1dfb30685017b87f562a3c115a6d7cd4)

1 / 68      (PUP)
http://mystart.toolbarstart.com/download/.../mystartTb_klcp.exe  (81265284886f51d04afde210617ce980)

1 / 68      (PUP)
http://mystart.toolbarstart.com/download/.../mystartTb_5.6.0.6_samba.exe  (mystarttb_5.5.0.2_samba.exe)

URL:
http://mystart.toolbarstart.com/

Title:
“Parking Page - NationalNet, Inc.”

Web server:
Apache/2.2.16 (Debian)

mystart.com

browsercleaner.com

manydownloader.com

torrentdownloader.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.