client.updatestar.com

UpdateStar GmbH

Domain Information

The domain client.updatestar.com, registered by UpdateStar GmbH, was first registered in January 2007 through MESH DIGITAL LIMITED. The domain hosts various software downloads. The hosting servers are located in Koeln, Nordrhein-Westfalen, Germany, on the RIPE Network Coordination Centre network.
Remove Malware from client.updatestar.com - Powered by Reason Core Security
Registrar:
MESH DIGITAL LIMITED

Server location:
Nordrhein-Westfalen, Germany (DE)

Create date:
Thursday, January 18, 2007

Expires date:
Wednesday, January 18, 2017

Updated date:
Sunday, January 17, 2016

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.UpdateStarGmbH.R, PUP.UpdateStarGmbH.Y, PUP.Installer.UpdateStarGmbH.P, PUP.UpdateStarGmbH.BB, PUP.UpdateStarGmbH.DD, PUP.Installer.UpdateStarGmbH.F, PUP.UpdateStarGmbH.CC, PUP.UpdateStarGmbH.J, PUP.UpdateStarGmbH.U, PUP.installCore (M)
100.00%

Trend Micro House Call
TROJ_GEN.F47V0823, TROJ_GEN.F47V0808, TROJ_GEN.F47V0913, TROJ_GEN.F47V0827, TROJ_GEN.F47V0306, TROJ_GEN.F47V0221, TROJ_GEN.F47V0408
42.86%

AVG
MalSign.InstallC
42.86%

Dr.Web
Trojan.MulDrop5.10078, Adware.Downware.2085, Trojan.KillProc.30849, Adware.Downware.4763, Adware.Downware.2220
39.29%

Baidu Antivirus
Adware.Win32.InstallCore, Adware.Win32.DownloadAdmin, Trojan.MSIL.Agent
35.71%

McAfee Web Gateway
Artemis!47BFAF37E413, Artemis!43730FB2175B, Artemis!6F9D5B7CDA03, Artemis!B2F79CD59BE9, Artemis!D1E2463C4348, RDN/Generic PUP.x!c2v
32.14%

Sophos
Install Core Click run software, Install Core Installer, Generic PUA DI, Mal/Generic-S
32.14%

McAfee
Artemis!47BFAF37E413, Artemis!43730FB2175B, Artemis!6F9D5B7CDA03, Artemis!B2F79CD59BE9, Artemis!D1E2463C4348, RDN/Generic PUP.x!c2v, RDN/Downloader.a!rk
28.57%

K7 Gateway Antivirus
Unwanted-Program, Trojan
28.57%

VIPRE Antivirus
Adware.Win32.InstallCore.ba, DownloadAdmin
28.57%

ESET NOD32
Win32/InstallCore.JE.gen (variant), Win32/InstallCore.LX (variant), Win32/DownloadAdmin
28.57%

K7 AntiVirus
Unwanted-Program, Trojan
28.57%

Comodo Security
ApplicUnwnt, Application.Win32.InstallCore.BWAN, Application.Win32.Installcore.UPT, Application.Win32.Agent.OCK
28.57%

Fortinet FortiGate
Riskware/InstallCore_JE, Riskware/AirAdInstaller, Riskware/DownloadAdmin
28.57%

Malwarebytes
PUP.Optional.Installcore
25.00%

The domain client.updatestar.com has been seen to resolve to the following 2 IP addresses.

mail.updatestar.com
February 7, 2014

mail.updatestar.com
December 26, 2013

File downloads found at URLs served by client.updatestar.com.


The following files have been seen to communicate with client.updatestar.com in live environments.

URL:
http://client.updatestar.com/

Google Analytics:
UA-113330

Title:
“UpdateStar.com”

Web server:
nginx/1.1.19 (PHP/5.3.10-1ubuntu3.21)

Facebook:
Shares:  5

Statistics are for the previous month.
