69.65.38.112

shaynesherman.com

IP Address Information

The Internet Service Provider (ISP) that owns the network address 69.65.38.112 is GigeNET, located in Illinois in the United States. The IP address resolves to the DNS record of shaynesherman.com. Currently, 23 domain names use this address. The primary domain hosted by this IP is tune-up.org, along with 22 other domains that are known adware distribution web sites.
Scanner detections:
Detections  (84% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.ParetoLogic.Optional.Installer.Meta (L), PUP.Optional.Installer.SpeedyPCSoftware.W, PUP.Installer.BootCompute.M, PUP.Installer.BootCompute.N, PUP.Installer.ComputeClient.Q, PUP.Installer.Fileangels.M, PUP.Air Software.DownloadManager.Bundler (M), PUP.Adknowledge.Fileange.Bundler (M)
100.00%

Dr.Web
Trojan.DownLoader11.30413, Trojan.DownLoader11.30512, Adware.iBryte.486, Trojan.SMSSend.4684, riskware program Program.Unwanted.686
18.52%

VIPRE Antivirus
Threat.4778314, Threat.4798837, Threat.4784938
18.52%

AVG
Adware AdPlugin.AEH, Adware AdPlugin.AEU, Generic, Adware AdPlugin.BKQ, Paretologic Inc.
18.52%

Malwarebytes
PUP.Optional.iBryte, PUP.Optional.OptimunInstaller, PUP.Optional.AirInstaller
18.52%

K7 Gateway Antivirus
Unwanted-Program
18.52%

K7 AntiVirus
Unwanted-Program
18.52%

NANO AntiVirus
Trojan.Win32.IBryte.demlhr, Trojan.Win32.Inject.dengxv, Riskware.Win32.IBryte.desauy, Riskware.Win32.AirAdInstaller.cwbxxj
14.81%

G Data
Win32.Adware.Ibryte, Win32.Adware.IBryte
14.81%

ESET NOD32
Win32/AdWare.iBryte.BG (variant), Win32/AdWare.iBryte.BK (variant)
14.81%

The following domains resolved to the IP address 69.65.38.112.

File URLs downloaded from 69.65.38.112.

0 / 68
http://dwnload.org/.../windowsmediaplayer.exe  (download-wmp11-windowsxp-x86-enu.exe)

0 / 68

1 / 68      (PUP)
http://uninstaller.co/b/recommends/.../m.php  (regcureprosetup_b6e6c24d-1d10-4842-948b-1cf7ed815096_.exe)

1 / 68      (PUP)
http://virus-help.net/recommends/.../m.php  (regcureprosetup_f4d2af76-1288-49d7-8c1c-750ea2f7035f_.exe)

1 / 68      (PUP)

1 / 68      (PUP)
http://file-help.net/recommends/.../m.php  (regcureprosetup_154cf9a5-1190-4170-8ebc-078a0e41e697_.exe)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)
http://malware-scan.org/recommends/.../m.php  (regcureprosetup_f4d2af76-1288-49d7-8c1c-750ea2f7035f_.exe)

1 / 68      (Adware)

2 / 68      (PUP)
http://virus-help.net/recommends/.../m.php  (SpeedyPC Pro Installer.exe)

0 / 68
http://downloadd.org/.../malwarebytes.exe  (mbam-setup-1.75.0.1300.exe)

1 / 68      (PUP)

1 / 68      (PUP)
http://error-tool.net/a/.../index.php  (regcureprosetup_154cf9a5-1190-4170-8ebc-078a0e41e697_.exe)

0 / 68

2 / 68      (PUP)

0 / 68
http://downloadd.org/.../avg.exe  (avg_free_stb_all_2014_4259_cnet.exe)

3 / 68      (PUP)
http://tune-up.org/b/recommends/.../m.php  (regcureprosetup_edcdfb75-9201-4924-b750-0fd0009942d1_.exe)

1 / 68      (PUP)
http://error-tool.net/a/.../  (regcureprosetup.exe)

13 / 68    (Adware)

2 / 68      (PUP)

19 / 68    (Adware)

15 / 68    (Adware)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)

The following 2 files have been seen to communicate with this IP address in live environments.

The geographical location of this IP address.

Country:
United States (US)

Region:
Illinois

City:
Arlington Heights

Coordinates:
42.0884, -87.9806

The ARIN network assigned organization for IP address 69.65.38.112.

Org name:
GigeNET

Org identifier:
DMPL

Org country:
United States (US)

Org region:
Illinois

Org city:
Arlington Heights

Org address:
545 E Algonquin Rd

Org website:
www.gigenet.com

ARIN WHOIS:
NetRange: 69.65.0.0 - 69.65.63.255
CIDR: 69.65.0.0/18
OriginAS: AS32181
NetName: IPNAP
NetHandle: NET-69-65-0-0-1
Parent: NET-69-0-0-0-0
NetType: Direct Allocation
Comment: www.gigenet.com
RegDate: 2003-07-30
Updated: 2013-05-09
Ref: http://whois.arin.net/rest/net/NET-69-65-0-0-1

OrgName: GigeNET
OrgId: DMPL
Address: 545 E Algonquin Rd
Address: Suite D
City: Arlington Heights
StateProv: IL
PostalCode: 60005
Country: US
RegDate: 2011-03-04
Updated: 2011-06-23
Comment: http://www.gigenet.com
Ref: http://whois.arin.net/rest/org/DMPL

ReferralServer: rwhois://rwhois.servernap.net:4321

OrgNOCHandle: IPADM152-ARIN
OrgNOCName: IP Administrator
OrgNOCPhone: +1-800-561-2656
OrgNOCEmail: ip-admin@coloquest.com
OrgNOCRef: http://whois.arin.net/rest/poc/IPADM152-ARIN

OrgAbuseHandle: ABUSE2935-ARIN
OrgAbuseName: Abuse Department
OrgAbusePhone: +1-800-561-2656
OrgAbuseEmail: abuse@gigenet.com
OrgAbuseRef: http://whois.arin.net/rest/poc/ABUSE2935-ARIN

OrgTechHandle: IPADM152-ARIN
OrgTechName: IP Administrator
OrgTechPhone: +1-800-561-2656
OrgTechEmail: ip-admin@coloquest.com
OrgTechRef: http://whois.arin.net/rest/poc/IPADM152-ARIN


Autonomous System Assignment
ASNumber:
32181

ASName:
ASN-GIGENET - GigeNET

ASHandle:
AS32181
