www.ytddownloader.com

Greentree Applications SRL

Domain Information

The domain www.ytddownloader.com, registered by Greentree Applications SRL, was first registered in September 2012 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Frankfurt am Main, Hessen, Germany, on the RIPE Network Coordination Centre network.
Remove Malware from www.ytddownloader.com - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
Hessen, Germany (DE)

Create date:
Tuesday, September 25, 2012

Expires date:
Sunday, September 25, 2016

Updated date:
Tuesday, December 04, 2012

ASN:
AS60781 LEASEWEB-NL LeaseWeb Netherlands B.V.,NL

Root domain:

Scanner detections:
Detections (96% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.GreentreeApplicationsSRL.N, PUP.Optional.Installer, Threat.Installer.GreenTreeApplicationssrl, Win32.Generic.Installer.Meta, Win32.Generic.GreenTreeApplicationssrl.Installer.Meta, PUP.YTD.Optional.Installer.Meta (L), Win32.Generic.GreentreeApplications.Installer.Meta
100.00%

Bkav FE
W32.Clod5b0.Trojan, W32.HfsAdware
78.26%

Zillya! Antivirus
Adware.RocketTab.Win32.32, Adware.Toolbar.Win32.343, Adware.Agent.Win32.75599, Downloader.Genome.Win32.53447
65.22%

Dr.Web
Adware.BGuard.24, Adware.Downware.10873, Adware.Downware.11149, Adware.Downware.12103, Adware.Downware.12805, Adware.Downware.10494
65.22%

Trend Micro House Call
TROJ_GEN.R08NH07HS14, TROJ_GEN.R0C1H07CH15, Suspicious_GEN.F47V0415, Suspicious_GEN.F47V0421, TROJ_GEN.R0C1H07D115, TROJ_GEN.R047H05B115
65.22%

NANO AntiVirus
Riskware.Win32.Bundled.dacits, Trojan.Nsis.DownLoader12.dqgtta, Riskware.Nsis.Downware.dqgtrk
60.87%

Kaspersky
not-a-virus:AdWare.MSIL.RocketTab, not-a-virus:HEUR:Downloader.Win32.Generic
47.83%

McAfee Web Gateway
Artemis, BehavesLike.Win32.Suspicious.cc
47.83%

McAfee
Artemis!77278F18ABAC, Artemis!4EC0C81186BF, Trojan.Artemis!1D3FC47C1B4B, Artemis!62E9639CACD4
43.48%

Panda Antivirus
Trj/NsisDownloader.A, Generic Suspicious, Trj/CI.A
43.48%

avast!
Win32:Adware-gen [Adw], Win32:PUP-gen [PUP]
43.48%

ESET NOD32
Win32/Toolbar.Widgi (variant), Win32/Bundled.Toolbar.Ask (variant), Win32/Toolbar.Widgi potentially unwanted, Win32/Bundled.Toolbar.Ask.G potentially unsafe (variant)
39.13%

Qihoo 360 Security
Malware.QVM20.Gen
39.13%

K7 Gateway Antivirus
Trojan, Unwanted-Program, Adware
30.43%

K7 AntiVirus
Trojan, Unwanted-Program, Adware
30.43%

The domain www.ytddownloader.com has been seen to resolve to the following 4 IP addresses.

hosted-by.leaseweb.com
December 1, 2015

hosted-by.leaseweb.com
October 12, 2015

hosted-by.leaseweb.com
December 25, 2013

August 6, 2013

File downloads found at URLs served by www.ytddownloader.com.

5 / 68 (PUP)

21 / 68 (PUP)

12 / 68 (PUP)

9 / 68 (PUP)

Latest 30 of 134 download URLs

The following 2 files have been seen to communicate with www.ytddownloader.com in live environments.

URL:
http://www.ytddownloader.com/

Google Analytics:
UA-25210420

Title:
“YTD Video Converter”

Web server:
nginx (PHP/5.5.9-1ubuntu4.14)

Facebook:
Likes: 15,178
Shares: 65,207
Comments: 1,552

Compete.com:
US visitors: 180,797

Statistics are for the previous month.
