69.65.15.82

ns1.log1x.com

IP Address Information

The Internet Service Provider (ISP) that owns the network address of 69.65.15.82 is GigeNET and located in Kansas within the United States. The IP Address resolves to the DNS record of ns1.log1x.com. Currently there are 2 domain names that utilize this address. The primary domain hosted by this IP is tune-up.org along with 1 other domains which are known adware distribution web sites. The address and domain is leased to Download Manager.
Scanner detections:
Detections  (62% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.ParetoLogic.Optional.Installer.Meta (L), PUP.Installer.DownloadManager.F, PUP.Installer.BootCompute.M, PUP.Installer.BootCompute.Q, PUP.Installer.BootCompute.N, PUP.Installer.ComputeClient.Q, PUP.Installer.ComputeClient.M, PUP.Installer.Fileangels.M, PUP.Installer.SafeDown.R, PUP.Installer.Adknowledge, PUP.Installer.Air Software, PUP.Air Software.DownloadManager.Bundler (M), PUP.Adknowledge.Fileangels.Bundler (M), PUP.Adknowledge.BootCompute.Bundler (M), PUP.Air Software.Download.Bundler (M), PUP.Adknowledge.ComputeC.Bundler (M), PUP.Adknowledge.SafeDown.Bundler (M)
100.00%

Malwarebytes
PUP.Optional.AirAdInstaller, PUP.Optional.iBryte, PUP.Optional.OptimunInstaller, PUP.Optional.AirInstaller
74.19%

K7 AntiVirus
Unwanted-Program , Adware
74.19%

VIPRE Antivirus
Iminent, Threat.4778314, Threat.4798837, Threat.4150696, Threat.4784938
74.19%

Dr.Web
Trojan.SMSSend.4902, Trojan.DownLoader11.30413, Adware.iBryte.478, Trojan.DownLoader11.30512, Trojan.DownLoader11.32275
70.97%

AVG
BundleApp_r.D, Adware AdPlugin.AEH, Adware AdPlugin.ADN, Adware AdPlugin.AEU, Generic, Adware AdPlugin.BKQ, Adware AdPlugin.BSQ
70.97%

K7 Gateway Antivirus
Unwanted-Program
64.52%

avast!
Win32:Malware-gen, Win32:PUP-gen [PUP], Win32:Adware-gen [Adw], Win32:IBryte-GA [PUP], Adware-CEN [PUP]
64.52%

Avira AntiVirus
ADWARE/Adware.Gen, Adware/AgentCV.271736, ADWARE/iBryte.Gen7, Adware/iBryte.bxov, ADWARE/iBryte.Gen4, Adware/iBryte.bxou
64.52%

NANO AntiVirus
Trojan.Win32.IBryte.demlhr, Trojan.Win32.Badur.delyro, Trojan.Win32.Inject.dengxv, Trojan.Win32.Adpeak.cumkpw, Riskware.Win32.IBryte.dgjgwq
61.29%

The following domains resolved to the IP address 69.65.15.82.

File URLs download from 69.65.15.82.

1 / 68      (Adware)

0 / 68

1 / 68      (Adware)

1 / 68      (Adware)
http://downloadd.org/.../avg3.php  (avg-antivirus-free.exe)

0 / 68
http://downloadd.org/.../internetexplorer10.exe  (ie10-windows6.1-x86-en-us.exe)

0 / 68
http://downloadd.org/.../chrome.exe  (33.0.1750.5_chrome_installer.exe)

0 / 68
http://downloadd.org/.../notepad.exe  (npp.6.5.3.installer.exe)

1 / 68      (Adware)

0 / 68
http://downloadd.org/.../flashplayer.exe  (install_flashplayer11x32_mssa_aaa_aih.exe)

0 / 68
http://downloadd.org/.../malwarebytes.exe  (mbam-setup-1.75.0.1300.exe)

0 / 68
http://downloadd.org/.../java.exe  (jre-7u51-windows-i586.exe)

1 / 68      (Adware)

46 / 68    (Adware)

25 / 68    (Adware)

0 / 68
http://downloadd.org/.../leaguelegends.exe  (LeagueofLegends_NA_Installer.exe)

34 / 68    (Adware)
http://downloadd.org/.../ie.php  (internet_explorer.exe)

0 / 68
http://downloadd.org/.../firefox.exe  (firefox setup 26.0.exe)

1 / 68      (Adware)

0 / 68
http://downloadd.org/.../windowsmediaplayer.exe  (download-wmp11-windowsxp-x86-enu.exe)

0 / 68
http://downloadd.org/.../net-framework.exe  (dotNetFx40_Full_setup.exe)

0 / 68
http://downloadd.org/.../adobereader.exe  (install_reader11_uk_chrd_aaa_aih.exe)

0 / 68
http://downloadd.org/.../vlc.exe  (vlc-2.1.2-win32.exe)

0 / 68
http://downloadd.org/.../photoshop.exe  (creativecloudset-up.exe)

0 / 68
http://downloadd.org/.../avg.exe  (avg_free_stb_all_2014_4259_cnet.exe)

31 / 68    (Adware)

0 / 68
http://tune-up.org/b/recommends/.../m.php  (regcureprosetup_rwt.exe)

45 / 68    (Adware)

45 / 68    (Adware)

 
Latest 30 of 92 download URLs

The geographical location of this IP address.

Country:
United States (US)

Region:
Kansas

City:
Kansas City

Coordinates:
39.1142, -94.6275

The ARIN network assigned organization for IP address 69.65.15.82.

Org name:
GigeNET

ARIN WHOIS:
GigeNET IPNAP (NET-69-65-0-0-1) 69.65.0.0 - 69.65.63.255
Ecomdevel, LLC CRTV-69-65-0-0 (NET-69-65-0-0-2) 69.65.0.0 - 69.65.15.255



Remove Malware from 69.65.15.82 - Powered by Reason Core Security