sr.systweak.com

SYSTWEAK INC

Domain Information

The domain sr.systweak.com, registered by SYSTWEAK INC, was first registered in September 2001 through ENOM, INC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Amsterdam, Noord-Holland, Netherlands, on the RIPE Network Coordination Centre network.
Remove Malware from sr.systweak.com - Powered by Reason Core Security
Registrar:
ENOM, INC.

Server location:
Noord-Holland, Netherlands (NL)

Create date:
Friday, September 28, 2001

Expires date:
Wednesday, September 28, 2022

Updated date:
Monday, July 29, 2013

ASN:
AS16265 LEASEWEB LeaseWeb B.V.

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.Installer.SystweakSoftware.X, PUP.Optional.Installer.SystweakSoftware.Y, PUP.Optional.SystweakSoftware.t, PUP.Optional.Installer.SystweakSoftware.EE, PUP.Optional.Installer.SystweakSoftware.W, PUP.Optional.Installer.SystweakSoftware.b, PUP.Optional.SystweakSoftware.a, PUP.Optional.Installer.g, PUP.Optional.Installer.b, PUP.Optional.Installer.d, Win32.Generic, PUP.Linkular.Company.Installer (M), PUP.Systweak.Optional.Installer.Meta (L)
97.06%

Malwarebytes
PUP.Optional.RegCleanerPro, PUP.Optional.RegCleanPro
58.82%

ESET NOD32
Win32/MyPCBackup, Win32/Systweak
58.82%

G Data
Win32.Application.RegCleanPro
32.35%

Trend Micro House Call
TROJ_GEN.F47V1231, TROJ_GEN.F47V0123, TROJ_GEN.F47V0228, TROJ_GEN.F47V0303, TROJ_GEN.F47V0321, TROJ_GEN.F47V0318
20.59%

Sophos
Registry Cleaner, PUA 'Install Core Click run software'
17.65%

Dr.Web
Program.Unwanted.31, riskware program Program.Unwanted.31, Adware.InstallCore.101, Adware.InstallCore.122
14.71%

McAfee
Artemis!A8ACB2012379, Artemis!D3E8275480A5, Artemis!EC2EDF135F90, Artemis!ABB178EF6EE7
11.76%

McAfee Web Gateway
Artemis!A8ACB2012379, Artemis!D3E8275480A5, Artemis!EC2EDF135F90, Artemis!ABB178EF6EE7
11.76%

herdProtect (fuzzy)
a variant of 8ea197de7dba22f77907ca1cf8ae3b646b550979, a variant of fd398692c868c081ceebbe2dc1de4848fc327b79, a variant of 850f6dafc50a58858cb54c17beb647bc237ccf0a
8.82%

AhnLab V3 Security
PUP/Win32.RegCleanPro
5.88%

Boost by Reason
PUP.Installer.SystweakSoftware.X
2.94%

Fortinet FortiGate
Riskware/RegCleanPro
2.94%

VIPRE Antivirus
Threat.4150696
2.94%

ESET NOD32
Win32/InstallCore.BL potentially unwanted application
2.94%

The domain sr.systweak.com has been seen to resolve to the following 3 IP addresses.

82-196-245-216.static.reverse.lstn.net
January 27, 2016

November 29, 2014

WIN-U6LRFVJHUID
December 22, 2013

File downloads found at URLs served by sr.systweak.com.

Latest 30 of 1,290 download URLs

URL:
http://sr.systweak.com/

SSL certificate subject:
CN=*.systweak.com, OU=PremiumSSL Wildcard, OU=100, O=Systweak Software, STREET="572 573, G-1, Tower B-1 Evolve, IT/ITeS Mahindra World Cit", L=Jaipur, S=Rajasthan, PostalCode=302026, C=IN

SSL certificate issuer:
CN=COMODO RSA Organization Validation Secure Server CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
Microsoft-IIS/8.5 (ASP.NET)

Facebook:
Shares:  1

Compete.com:
US visitors:  90,529

Statistics are for the previous month.
