home

www.bigspeedpro.com

Somoto Ltd.  (via a Proxy Registrant)

Domain Information

The domain www.bigspeedpro.com is registered by proxy through GODADDY.COM, LLC and was originally registered in October of 2009. This domain has been seen distributing various forms of adware (some being very aggressive) directly or via bundled installations. The hosted servers are located in Haarlem, Noord-Holland within Netherlands which resides on the RIPE Network Coordination Centre network. The domain is associated with the publisher Somoto Ltd. who is located in Tel Aviv, Israel.
Registrar:
GODADDY.COM, LLC

Server location:
Noord-Holland, Netherlands (NL)

Create date:
Saturday, October 24, 2009

Expires date:
Monday, October 24, 2016

Updated date:
Saturday, October 17, 2015

ASN:
AS60781 LEASEWEB-NL LeaseWeb B.V.,NL

Root domain:
bigspeedpro.com

Whois:
4 bigspeedpro.com records

Google Safe Browsing:
unwanted

Scanner detections:
Adware distribution

Scan engine
Details
Detections

Reason Heuristics
PUP.InstallX.Bundle, PUP.Installer.Somoto.O, PUP.Installer.DSNR.K, (M), PUP.Somoto.S, PUP.Crossrider.Bwqjlhi.Installer.Meta (M), Win32.Generic, PUP.Crossrider.Nero.Installer.Meta (M), PUP.Downloader.Vzbxxyf.Installer (M), PUP.Downloader.Installer (M)
60.00%

Dr.Web
Adware.Somoto.16, Tool.InstallToolbar.107, Adware.Somoto.4, Trojan.Crossrider.41, Trojan.DownLoader9.53341, Adware.Toolbar.26
36.67%

ESET NOD32
Win32/Somoto, Win32/Bundled.Toolbar.Ask (variant), Win32/Packed.ScrambleWrapper, Win32/Toolbar.Conduit, Win32/DownWare, Win32/Downloader.Agent.AF
30.00%

Trend Micro House Call
TROJ_GEN.F47V0717, HV_ZYX_BL132900.TOMC, TROJ_GEN.F47V0127, TROJ_GEN.F47V0321, TROJ_GEN.F47V0201, TROJ_GEN.R0CBH07CI14, Suspicious_GEN.F47V0722
26.67%

Panda Antivirus
PUP/MultiToolbar.A, Adware/MultiToolbar, PUP/Conduit.A
20.00%

Bkav FE
W32.Clod966.Trojan, W32.Clodad0.Trojan, HW32.CDB, W32.Clod1ed.Trojan, W32.Cloda64.Trojan
16.67%

VIPRE Antivirus
Threat.46249, Adware.Agent, GamePlayLabs, BetterInstaller
16.67%

G Data
Win32.Parite, Win32.Application.Somoto
16.67%

Baidu Antivirus
Virus.Win32.Parite.$b, Trojan.Win32.ScrambleWrapper, Trojan.Win32.Agent, PUA.Win32.Downloader
16.67%

Fortinet FortiGate
W32/Parite.B, Riskware/Sim
16.67%

K7 AntiVirus
Unwanted-Program , Trojan
13.33%

McAfee
W32/Pate.b, Artemis!F236C9F24BFC, Artemis!C3CC961D429C, Artemis!3E7F357E4970
13.33%

NANO AntiVirus
Virus.Win32.Parite.bgvo, Riskware.Win32.RemoteAdmin.ccgsdt, Trojan.Win32.KillProc.dbxknj, Trojan.Win32.NtRootKit.dfbyev
13.33%

AhnLab V3 Security
Win32/Parite, PUP/Win32.Adware, Adware/Win32.Somoto
13.33%

Rising Antivirus
PE:Win32.Parite.b!16043, Suspicious, PE:Trojan.Win32.Generic.157848B0!360204464, Trojan.Win32.Generic.143F7D01
13.33%

The domain www.bigspeedpro.com has been seen to resolve to the following 5 IP addresses.

212.7.199.181
May 4, 2015

78.138.126.82
May 3, 2015

212.7.206.93
January 4, 2014

212.7.212.136
November 16, 2013

212.7.206.92
August 4, 2013

File downloads found at URLs served by www.bigspeedpro.com.

0 / 68
http://www.bigspeedpro.com/mirror/nerocrossrider/.../flvplayer_update.exe  (rad8fb87.tmp_update.exe)

1 / 68      (Adware)
http://www.bigspeedpro.com/mirror/nerocrossrider/.../appshatmini_update.exe  (radda44f.tmp_update.exe)

0 / 68
http://www.bigspeedpro.com/software_files/firefox/.../Firefox Setup 16.0.1.exe  (18b46e351124811718254e2d30dbea2a)

0 / 68
http://www.bigspeedpro.com/software_files/avg_antivirus_32/.../avg_free_x86_all_2013_2677a5774.exe  (56b34023e78e364348b43ea648eae2a9)

0 / 68
http://www.bigspeedpro.com/software_files/flashplayer_ie/.../install_flash_player_ax.exe  (FlashUtil.exe)

0 / 68
http://www.bigspeedpro.com/software_files/bittorrent/.../BitTorrent.exe  (utt2e1a.tmp.exe)

3 / 68
http://www.bigspeedpro.com/software_files/utorrent/.../uTorrent.exe  (utorrent 3.2.1.exe)

0 / 68
http://www.bigspeedpro.com/software_files/intel_pro_wireless_win7_64/.../Wireless_15.2.0_Ds64.exe  (e0438590b819811531e0a3da9466e6f7)

1 / 68      (Adware)
http://www.bigspeedpro.com/mirror/nerocrossrider/.../apps-hat-mini.exe  (892fb269d258a7f6b6b6e05042e53440)

6 / 68      (inconclusive)
http://www.bigspeedpro.com/mirror2/.../HUD-Blue Skin Pack 1.0-X64.exe  (3e7f357e4970da1f4626ca52680d5961)

0 / 68
http://www.bigspeedpro.com/software_files/adobe_air/.../AdobeAIRInstaller.exe  (48c71793b1031fddff8b7bf9d978731a)

0 / 68
http://www.bigspeedpro.com/mirror2/.../Green_Alienware_Skin_Pack_3.0-X64.exe  (0f3bd319ebd79d120ec5fc915d6ee146)

0 / 68
http://www.bigspeedpro.com/software_files/safari/.../SafariSetup.exe  (0a5b39a859eb84484d5559a8ba22f736)

0 / 68
http://www.bigspeedpro.com/software_files/shockwave/.../Shockwave_Installer_Full.exe  (a4dc0cc7431d1e02774a0d20f80334ea)

3 / 68      (Adware)
http://www.bigspeedpro.com/software_files/flvplayer/.../FLVPlayerSetup.exe  (dcf6229e9028e31875abdf8d9f157b5d)

2 / 68
http://www.bigspeedpro.com/software_files/ultravnc/.../UltraVNC_1.0.9.6.2_Setup.exe  (45c02a90a56b96f973835307147f042d)

1 / 68      (Malware)
http://www.bigspeedpro.com/software_files/ares_galaxy/.../aresregular218_installer.exe  (8c78e50e45e548eeb7898baa16413c96)

0 / 68
http://www.bigspeedpro.com/software_files/free_media_player/.../fmp-2.0.3-win32.exe  (vlc-2.0.3-win32.exe)

0 / 68
http://www.bigspeedpro.com/software_files/google_earth/.../GoogleEarthWin.exe  (googleearthwinpro v6.2.2.6613 by des-za.exe)

0 / 68
http://www.bigspeedpro.com/software_files/silverlight/.../Silverlight.exe  (SFXCAB.EXE)

0 / 68
http://www.bigspeedpro.com/software_files/internet_explorer_vista/.../IE9-WindowsVista-x86-enu.exe  (2206554_stp.exe)

2 / 68      (PUP)
http://www.bigspeedpro.com/mirror2/.../etypesetup.exe  (4d35527d7db8d4c999dd49fb2c8f519f)

3 / 68      (inconclusive)
http://www.bigspeedpro.com/mirror2/.../iOS_Skin_Pack_3.0-X64.exe  (6e315ab28022f2fcceebb0e4c21adb37)

0 / 68
http://www.bigspeedpro.com/software_files/windows_live_mail/.../wlsetup-web.exe  (02e392ff9e7c53535d14f7fbc6eb31e2)

2 / 68      (PUP)
http://www.bigspeedpro.com/software_files/7zip_32/.../7z920.exe  (b3fdf6e7b0aecd48ca7e4921773fb606)

16 / 68    (Adware)
http://www.bigspeedpro.com/mirror/nerocrossrider/.../flv-player-addon.exe  (f236c9f24bfc12a2c86a57511f2fbab0)

9 / 68      (PUP)
http://www.bigspeedpro.com/mirror/.../LuckySavingsV3.exe  (5553d15c3291cad9adf3bc588f3e2d36)

2 / 68
http://www.bigspeedpro.com/software_files/winzip/.../winzip16-32.exe  (510990e49318f60f1284edfccedc8245)

5 / 68      (inconclusive)
http://www.bigspeedpro.com/mirror2/.../Mountain_Lion_Skin_Pack_1.0-X86.exe  (8c45cca88b2a7796d67d9e39d3682e05)

0 / 68
http://www.bigspeedpro.com/software_files/any_video_converter/.../avc-free.exe  (anyvidconv3.5.5.exe)

 
Latest 30 of 85 download URLs

URL:
http://www.bigspeedpro.com/

SSL certificate subject:
CN=bigspeedpro.com, OU=PositiveSSL, OU=Domain Control Validated

SSL certificate issuer:
CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
nginx

Facebook:
Likes:  26
Shares:  22
Comments:  30

Statistics are for the previous month.

filesfrog.com

pccleanuputility.com

down1oads.com

softigloo.com

downloadab.com

frogdownload.com

betterinstaller.com

filebulldog.com

bisrv.com

softingo.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.