home

www.startsdownload.com

Kim Watson

Domain Information

The domain www.startsdownload.com registered by Kim Watson was initially registered in October of 2012 through DOMAIN.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Burlington, Massachusetts within the United States which resides on the The Endurance International Group, Inc. network.
Registrar:
DOMAIN.COM, LLC

Server location:
Massachusetts, United States (US)

Create date:
Monday, October 15, 2012

Expires date:
Saturday, October 15, 2016

Updated date:
Wednesday, September 30, 2015

Root domain:
startsdownload.com

Whois:
3 startsdownload.com records

Scanner detections:
Detections  (70% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Bundler (M), PUP.Win.Reputation, PUP.Installer.DownloadShield, PUP.DownloadShield.Installer (M), Adware.DownloadShield.Bundle.Installer.Meta (M), PUP.installCore.DownloadJet.Installer (M)
80.95%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h, Worm.Koobface.rtz
71.43%

VIPRE Antivirus
Conduit, No Threat: Solimba, Trojan.Win32.Generic, DownloadShield, Threat.4786018
47.62%

McAfee
Artemis!782BAEE48B9C, Artemis!3188C050DF0E, Artemis!3495F84668DA, Artemis!824534B45B24, Artemis!5D1EE232CB3E, Artemis!D5D63E620531, Artemis!4CF599E48944, Artemis!DF664BAA27D8
42.86%

AVG
MultiBundle, Could be an adware MultiBundle
42.86%

SUPERAntiSpyware
Trojan.Agent/Gen-Downloader
33.33%

Trend Micro House Call
TROJ_GEN.R0CBH07DK14, TROJ_GEN.F47V0308, HV_ZYX_CA083374.TOMC, TROJ_GEN.R047H05CG15, TROJ_GEN.F47V0802, Suspicious_GEN.F47V0413
28.57%

Qihoo 360 Security
Win32/Trojan.dc4, HEUR/QVM42.1.Malware.Gen, QVM42.0.Malware.Gen, Win32/Trojan.dd1
28.57%

Rising Antivirus
NS:PUF.SilenceInstaller!1.9DDF
14.29%

Kaspersky
Trojan.Win32.StartPage
9.52%

K7 AntiVirus
Trojan , Riskware
9.52%

ESET NOD32
Win32/DownWare, Win32/DownWare.Y potentially unwanted
9.52%

avast!
Win32:Malware-gen, Win32:Evo-gen [Susp]
9.52%

NANO AntiVirus
Riskware.Nsis.Dloader.dvvnkj
9.52%

Dr.Web
Trojan.MulDrop5.15015
4.76%

The domain www.startsdownload.com has been seen to resolve to the following 2 IP addresses.

66.96.149.16
16.149.96.66.static.eigbox.net
February 7, 2016

66.96.162.132
132.162.96.66.static.eigbox.net
May 1, 2014

File downloads found at URLs served by www.startsdownload.com.

4 / 68      (PUP)
http://www.startsdownload.com/winrar/.../WinRAR_Setup.exe  (bc9bdee37de2332978763d4828cac595)

0 / 68
http://www.startsdownload.com/.../download  (picasa.exe)

0 / 68
http://www.startsdownload.com/avg/.../AVG.exe  (avg_free_stb_all_2013_3272_cnet.exe)

12 / 68    (PUP)
http://www.startsdownload.com/picasa/.../Picasa_Setup.exe  (3b18d763a0e6f2e631437a2eedb4c576)

0 / 68
http://www.startsdownload.com/.../download  (minecraft.exe)

0 / 68
http://www.startsdownload.com/picasa/.../Picasa.exe  (setup.exe)

0 / 68
http://www.startsdownload.com/minecraft/.../Minecraft.exe  (MinecraftLauncher.exe)

3 / 68      (PUP)
http://www.startsdownload.com/.../download  (winrar_setup.exe)

0 / 68
http://www.startsdownload.com/picasa/.../  (picasa39-setup.exe)

7 / 68      (PUP)
http://www.startsdownload.com/winrar/.../  (winrar_setup.exe)

0 / 68
http://www.startsdownload.com/winrar/.../WinRAR.exe  (wrar420.exe)

The following file have been seen to comunicate with www.startsdownload.com in live environments.

TCP » 66.96.149.16:80
UCBrowser.exe (UC Browser by UCWeb)

URL:
http://www.startsdownload.com/

Title:
“Use StartsDownload to find completely free software. | StartsDownload”

Description:
“StartsDownload lets you find awesome software that is 100% free.”

Web server:
Apache/2

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.