getvdownloader.com

Vitzo LLC

Domain Information

The domain getvdownloader.com, registered by Vitzo LLC, was first registered in June 2010 through REALTIME REGISTER BV. It has been known to host and distribute adware as well as other potentially unwanted software. Its servers are located in Nuremberg, Bayern, Germany, on the RIPE Network Coordination Centre network.
Remove Malware from getvdownloader.com - Powered by Reason Core Security
Registrar:
REALTIME REGISTER BV

Server location:
Bayern, Germany (DE)

Create date:
Monday, June 28, 2010

Expires date:
Tuesday, June 28, 2016

Updated date:
Sunday, June 28, 2015

ASN:
AS24940 HETZNER-AS Hetzner Online AG

Scanner detections:
Detections  (85% detected)

Scan engine
Details
Detections

ESET NOD32
Win32/InstallCore.CF (variant), Win32/InstallCore.AF (variant), Win32/InstallCore.AY (variant), Win32/InstallCore.DN (variant), Win32/OpenCandy (variant), Win32/OpenCandy.A potentially unsafe (variant)
91.67%

Reason Heuristics
PUP.IronPremium.K, PUP.Clickrunsoftware.x, PUP.Clickrunsoftware.a, PUP.IronPremium.W, PUP.IronInstall.I, PUP.WorldSetup.W
91.67%

VIPRE Antivirus
InstallCore, Click run software, Trojan.Win32.Generic, Opencandy
70.83%

Dr.Web
Trojan.Packed.24764, Adware.InstallCore.45, Adware.InstallCore.72, Trojan.Packed.24524, Adware.InstallCore.122, Adware.InstallCore.43
66.67%

Baidu Antivirus
Adawre.Win32.InstallCore, Adware.Win32.InstallCore, Trojan.Win32.Agent, Adware.Win32.OpenCandy
50.00%

Fortinet FortiGate
Riskware/InstallCore, Riskware/OpenCandy, Riskware/Agent
45.83%

Avira AntiVirus
ADWARE/InstallCore.Gen7, APPL/Downloader.Gen6, Adware/InstallCore.758144
41.67%

K7 Gateway Antivirus
Unwanted-Program, Trojan
37.50%

K7 AntiVirus
Unwanted-Program, Trojan
33.33%

Sophos
Install Core Click run software, Generic PUA JB
33.33%

McAfee
Artemis!6D66CE925BF4, Artemis!FD2F7DD0058B, Artemis!C360EB4F3E8C, Artemis!D0D565716719, Artemis!3CFBB9728263, Artemis!9772CD9B117C
29.17%

McAfee Web Gateway
Artemis!6D66CE925BF4, BehavesLike.Win32.Fujacks.hc
29.17%

AVG
MalSign.Generic, MalSign.InstallCore
29.17%

Bkav FE
W32.Cloda5d.Trojan, W32.Clod445.Trojan, W32.HfsAdware
25.00%

Vba32 AntiVirus
BScope.Malware-Cryptor.InstallCore.2691, Downware.InstallCore, Malware-Cryptor.InstallCore.9
25.00%

The domain getvdownloader.com has been seen to resolve to the following 5 IP addresses.

October 12, 2015

October 12, 2015

August 17, 2014

August 17, 2014

dc-63567025.softcdn.com
December 18, 2013

File downloads found at URLs served by getvdownloader.com.

0 / 68
http://getvdownloader.com/.../VDownloaderSetup.exe  (e512bbc7ced7dc1df87ad77734fd9cb0)

3 / 68      (PUP)
http://getvdownloader.com/VDownloader4OC.exe  (b494624aebe20a832cea80c27f1abf1f)

8 / 68      (Adware)
https://getvdownloader.com/VDownloader4OC.exe  (7757fe5f32e0cda4b72742b2cbbcd032)

0 / 68
http://getvdownloader.com/VDownloaderInstallerIC.exe  (4a76d694d0895dc2cb79883324b11bdc)

3 / 68      (Adware)
http://getvdownloader.com/?p=button  (vdownloader4oc.exe)

3 / 68      (Adware)

3 / 68      (Adware)

10 / 68    (Adware)

3 / 68      (Adware)

11 / 68    (Adware)
http://getvdownloader.com/?p=FetchVideo.com  (vdownloaderinstalleric.exe)

3 / 68      (Adware)
http://getvdownloader.com/  (vdownloader4oc.exe)

10 / 68    (Adware)
http://getvdownloader.com/VDownloader3IC.exe  (96f5efb9bb3cf5f55c407309cfe0dfc4)

0 / 68
http://getvdownloader.com/WinPcapNmap.exe  (10fc121fdd0d63a7432d55f0e6882550)

17 / 68    (Adware)
http://getvdownloader.com/VDownloaderIC.exe  (vdownloaderinstalleric.exe)

5 / 68      (PUP)
http://getvdownloader.com/.../VDownloaderSetup.exe  (145d6b723118f87bd53633de3402190d)

18 / 68    (Adware)
http://getvdownloader.com/VDownloaderInstaller.exe  (icreinstall_vdownloaderinstaller.exe)

9 / 68      (Adware)

September 5, 2014

URL:
http://getvdownloader.com/

Google Analytics:
UA-33636530

Title:
“Thank you for downloading VDownloader!”

SSL certificate subject:
CN=ssl276652.cloudflaressl.com, OU=PositiveSSL Multi-Domain, OU=Domain Control Validated

SSL certificate issuer:
CN=COMODO RSA Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
cloudflare-nginx (PHP/5.6.4)
