home

client.updatestar.com

UpdateStar GmbH

Domain Information

The domain client.updatestar.com registered by UpdateStar GmbH was initially registered in January of 2007 through MESH DIGITAL LIMITED. The domain hosts various software downloads. The hosted servers are located in Koeln, Nordrhein-Westfalen within Germany which resides on the RIPE Network Coordination Centre network.
Registrar:
MESH DIGITAL LIMITED

Server location:
Nordrhein-Westfalen, Germany (DE)

Create date:
Thursday, January 18, 2007

Expires date:
Wednesday, January 18, 2017

Updated date:
Sunday, January 17, 2016

Root domain:
updatestar.com

Whois:
3 updatestar.com records

Scanner detections:
Detections  (87% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.UpdateStarGmbH.R, PUP.UpdateStarGmbH.Y, PUP.Installer.UpdateStarGmbH.P, PUP.UpdateStarGmbH.BB, PUP.UpdateStarGmbH.DD, PUP.Installer.UpdateStarGmbH.F, PUP.UpdateStarGmbH.CC, PUP.UpdateStarGmbH.J, PUP.UpdateStarGmbH.U, PUP.installCore (M), PUP.installCore.UpdateStar (M), PUP.Air Software.Download.Bundler (M)
97.06%

Trend Micro House Call
TROJ_GEN.F47V0823, TROJ_GEN.F47V0808, TROJ_GEN.F47V0913, TROJ_GEN.F47V0827, TROJ_GEN.F47V0306, TROJ_GEN.F47V0221, TROJ_GEN.F47V0408
35.29%

AVG
MalSign.InstallC
35.29%

Dr.Web
Trojan.MulDrop5.10078, Adware.Downware.2085, Trojan.KillProc.30849, Adware.Downware.4763, Adware.Downware.2220
35.29%

Baidu Antivirus
Adware.Win32.InstallCore, Adware.Win32.DownloadAdmin, Trojan.MSIL.Agent
32.35%

Sophos
Install Core Click run software, Install Core Installer, Generic PUA DI, Mal/Generic-S
29.41%

McAfee
Artemis!47BFAF37E413, Artemis!43730FB2175B, Artemis!6F9D5B7CDA03, Artemis!B2F79CD59BE9, Artemis!D1E2463C4348, RDN/Generic PUP.x!c2v, RDN/Downloader.a!rk
23.53%

VIPRE Antivirus
Adware.Win32.InstallCore.ba, DownloadAdmin
23.53%

ESET NOD32
Win32/InstallCore.JE.gen (variant), Win32/InstallCore.LX (variant), Win32/DownloadAdmin
23.53%

K7 AntiVirus
Unwanted-Program , Trojan
23.53%

Comodo Security
ApplicUnwnt, Application.Win32.InstallCore.BWAN, Application.Win32.Installcore.UPT, Application.Win32.Agent.OCK
23.53%

Fortinet FortiGate
Riskware/InstallCore_JE, Riskware/AirAdInstaller, Riskware/DownloadAdmin
23.53%

Malwarebytes
PUP.Optional.Installcore
20.59%

Agnitum Outpost
PUA.InstallCore, Trojan.MulDrop
20.59%

Avira AntiVirus
ADWARE/InstallCore.Gen7, Adware/InstallCore.A.169
20.59%

The domain client.updatestar.com has been seen to resolve to the following 2 IP addresses.

91.250.96.112
mail.updatestar.com
February 7, 2014

83.169.6.155
mail.updatestar.com
December 26, 2013

File downloads found at URLs served by client.updatestar.com.

2 / 68      (PUP)
http://client.updatestar.com/files/.../ProductKeyFinder64.exe  (6d89f7433922c36bcf6eb9cf3ab2ca75)

1 / 68      (PUP)
http://client.updatestar.com/files/.../AppCleaner_installer.exe  (ad6da5661db3c5a1421bee3cd1b14d51)

0 / 68
http://client.updatestar.com/.../UpdateStar_ENU.msi  (30437da817e389d499a1641300d5ae12)

0 / 68
http://client.updatestar.com/files/.../setup.exe  (44daf3349742f94240dc25f2a7e60f82)

4 / 68      (PUP)
http://client.updatestar.com/files/.../updatestardrivers.exe  (4dd7fe35_stp.exe)

2 / 68      (PUP)
http://client.updatestar.com/files/.../usonlinebackup64_ENU_installer.exe  (4bf503153820acfc997b903d208f041b)

1 / 68      (PUP)
http://client.updatestar.com/files/.../UpdateStar_ENU.msi  (c740cba07b850e88c82089c76e4e292a)

12 / 68    (PUP)
http://client.updatestar.com/files/.../updatestar-setup.exe  (223d0a480169d589185aaea8892f63bb)

3 / 68      (PUP)
http://client.updatestar.com/files/.../UpdateStar_GER_installer.exe  (a9102ac5694fd047a5282524e084710a)

24 / 68    (PUP)
http://client.updatestar.com/files/.../7-zipws_EN.exe  (e6df3a92e49d7db7ab1b9ea30b07588a)

24 / 68    (PUP)
http://client.updatestar.com/files/drivers/.../updatestardrivers_EN.exe  (e486c9492af1a7ce3e24dddf4ac4d374)

1 / 68      (PUP)
http://client.updatestar.com/files/.../updatestardrivers_installer.exe  (1b719132a0bf2ab4be44565902c8ff23)

1 / 68      (PUP)
http://client.updatestar.com/files/.../UpdateStar_ENU_installer.exe  (91010416000cef2f2461c286d8f2b015)

1 / 68      (PUP)
http://client.updatestar.com/files/.../usdrivers.exe  (d74af8b8dfededdd67cd232358e7e2bd)

23 / 68    (PUP)
http://client.updatestar.com/files/updatestar/.../updatestarlb_EN.exe  (icreinstall_updatestarlb_en.exe)

23 / 68    (PUP)
http://client.updatestar.com/files/drivers/.../updatestardriverslb_EN.exe  (6f9d5b7cda03282011762e37a4fbcc0e)

3 / 68      (PUP)
http://client.updatestar.com/files/.../PasswordFinder_installer.exe  (88503641b20659c9df340c0702d14ab7)

1 / 68      (PUP)
http://client.updatestar.com/.../UpdateStar_PAD_ENU.msi  (updatestar_enu.msi)

3 / 68      (PUP)
http://client.updatestar.com/files/.../setup_installer.exe  (9ef1fc3921e287a338853fb5b0f1f967)

2 / 68      (PUP)
http://client.updatestar.com/files/.../ProductKeyFinder64_installer.exe  (cf6a270fd4ba03fb1e63871e45a4b226)

The following 9 files have been seen to comunicate with client.updatestar.com in live environments.

TCP » 91.250.96.112:80
qiyu.exe

TCP » 91.250.96.112:80
UCBrowser.exe (by UCWeb)

TCP » 91.250.96.112:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 91.250.96.112:80
updatestar.exe (UpdateStar by UpdateStar GmbH)

TCP » 91.250.96.112:80
UCBrowser.exe (by UCWeb)

TCP » 91.250.96.112:80
PennyBeeW.exe (PennyBee)

TCP » 91.250.96.112:80
amigo.exe (Amigo by Mail.Ru)

TCP » 91.250.96.112:80
UCBrowser.exe (by UCWeb)

TCP » 91.250.96.112:80
updatestar.exe (UpdateStar by UpdateStar GmbH)

URL:
http://client.updatestar.com/

Google Analytics:
UA-113330

Title:
“UpdateStar.com”

Web server:
nginx/1.1.19 (PHP/5.3.10-1ubuntu3.21)

Facebook:
Shares:  5

Statistics are for the previous month.

updatestar.net

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.