home

download.downloadsetup.net

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain download.downloadsetup.net is registered by proxy through GODADDY.COM, LLC and was originally registered in October of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Tel Aviv, Tel Aviv within Israel which resides on the RIPE Network Coordination Centre network.
Registrar:
GODADDY.COM, LLC

Server location:
Tel Aviv, Israel (IL)

Create date:
Tuesday, October 8, 2013

Expires date:
Sunday, October 8, 2017

Updated date:
Wednesday, September 9, 2015

ASN:
AS6461 MFNX MFN - Metromedia Fiber Network

Root domain:
downloadsetup.net

Whois:
3 downloadsetup.net records

Scanner detections:
Detections  (98% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Bandoo.BandooMedia.Installer (M), PUP.Bandoo.BandooMe.Installer (M), PUP.ILivid.WebBar (M), Win32.Generic, PUP.Bandoo (M)
98.00%

VIPRE Antivirus
Trojan.Win32.Generic, Threat.5059975
6.00%

Microsoft Security Essentials
Worm:Win32/NeksMiner.A, Threat.Undefined
4.00%

F-Secure
Application:W32/Generic.70053c248f!Online, Adware.SwiftBrowse.CX
4.00%

Malwarebytes
PUP.Optional.Bandoo
4.00%

Agnitum Outpost
PUA.Toolbar.SearchSuite
4.00%

F-Prot
W32/S-d6eb7b12, W32/SearchSuite.B.gen
4.00%

Trend Micro House Call
Suspicious_GEN.F47V1215, Suspicious_GEN.F47V1228
4.00%

Clam AntiVirus
Win.Adware.Searchsuite-3
4.00%

Dr.Web
Adware.Bandoo.179, Adware.Bandoo.194
4.00%

Avira AntiVirus
Adware/SeaSuite.inze, PUA/iLivid.Gen
4.00%

AhnLab V3 Security
PUP/Win32.Downloader, PUP/Win32.SearchSuite
4.00%

McAfee
Artemis!8BE75064A0C1, Artemis!E22D0A971921
4.00%

Baidu Antivirus
Adware.Win32.iLivid
4.00%

Fortinet FortiGate
Riskware/ILivid
4.00%

The domain download.downloadsetup.net has been seen to resolve to the following IP address.

94.31.0.27
94.31.0.27.IPYX-076665-ZYO.above.net
December 22, 2013

File downloads found at URLs served by download.downloadsetup.net.

1 / 68      (PUP)
http://download.downloadsetup.net/iLividSetup.exe  (ilividsetup-r484-n-bc.exe)

The following 9 files have been seen to comunicate with download.downloadsetup.net in live environments.

TCP » 94.31.0.27:80
iLivid.exe (iLivid Download Manager by Bandoo Media)

TCP » 94.31.0.27:80
iLivid.exe (iLivid Download Manager by Bandoo Media Inc)

TCP » 94.31.0.27:80
iLivid.exe (iLivid Download Manager by Bandoo Media)

TCP » 94.31.0.27:80
iLivid.exe (iLivid Download Manager by Bandoo Media)

TCP » 94.31.0.27:80
jingling.exe

TCP » 94.31.0.27:80
iLivid.exe (iLivid Download Manager by Bandoo Media)

TCP » 94.31.0.27:80
GoogleUpdate.exe (Google Update Services by Google lnc)

TCP » 94.31.0.27:80
iLivid.exe (iLivid Download Manager by Bandoo Media)

TCP » 94.31.0.27:80
ilivid.exe (iLivid by Bandoo Media)

downlaodvideo.net

downloadquick.net

expresdownload.com

expressdownload.net

free-video-downloader.net

ilivid.com

installspeed.com

sharelive.net

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.