69.65.38.112

shaynesherman.com

IP Address Information

The Internet Service Provider (ISP) that owns the network address 69.65.38.112 is GigeNET, located in Illinois in the United States. The IP address resolves to the DNS record of shaynesherman.com. Currently 23 domain names use this address. The primary domain hosted by this IP is tune-up.org along with 22 other domains which are known adware distribution web sites.
Scanner detections (89% detected):

| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.ParetoLogic.Optional.Installer.Meta (L), PUP.OpenCandy.Installer (L), PUP.Installer.BootCompute.M, PUP.Installer.SafeDown.R, PUP.Adknowledge.Fileange.Bundler (M), PUP.Adknowledge.SafeDown.Bundler (M), PUP.Adknowledge.ComputeC.Bundler (M), PUP.Adknowledge.Fileprot.Bundler (M), PUP.Air Software.Download.Bundler (M), PUP.Adknowledge.FileMona.Bundler (M), PUP.Adknowledge.Seekinst.Bundler (M), PUP.Air Software (M) | 97.50% |
| VIPRE Antivirus | Trojan.Win32.Generic, Threat.4778314 | 7.50% |
| K7 AntiVirus | Riskware, Unwanted-Program | 7.50% |
| Antiy Labs AVL | Virus/Win32.Slugin, Trojan[Downloader]/Win32.Genome.laxm | 5.00% |
| Fortinet FortiGate | W32/AdkDLLWrapper.A, W32/Badur.AY!tr | 5.00% |
| ESET NOD32 | Win32/OpenCandy, Win32/AdWare.iBryte.BG (variant) | 5.00% |
| Dr.Web | Trojan.DownLoader11.30413, Trojan.DownLoader11.40661 | 5.00% |
| AVG | Adware AdPlugin.AEH, Adware AdPlugin.BSQ | 5.00% |
| Malwarebytes | PUP.Optional.iBryte, PUP.Optional.OptimunInstaller | 5.00% |
| K7 Gateway Antivirus | Unwanted-Program | 5.00% |

The following domains resolved to the IP address 69.65.38.112.

File URLs downloaded from 69.65.38.112.

1 / 68      (Adware)
http://downloadd.org/.../ie.php  (internet_explorer.exe)

1 / 68      (Adware)

2 / 68      (PUP)
http://downloadd.org/.../anyvideoconverter.exe  (avc-free_free webm encoder 將影片轉檔成webm格式,支援avi、mp4、flv、wmv、mov.exe)

1 / 68      (Adware)
http://downloadd.org/.../net-framework.php  (netframework_setup.exe)

1 / 68      (Adware)

6 / 68      (false positives)
http://downloadd.org/.../utorrent.exe  (22152430f5c578d1a62f102c556c0c01)

1 / 68      (Adware)
http://downloadd.org/.../avg.php  (avg-antivirus-free.exe)

1 / 68      (Adware)

0 / 68
http://downloadd.org/.../shockwave.exe  (shockwave_installer_full.exe)

1 / 68      (Adware)

1 / 68      (Adware)

0 / 68

0 / 68
http://downloadd.org/.../adaware.exe  (adaware_installer.exe)

1 / 68      (PUP)

1 / 68      (PUP)

32 / 68    (Adware)

1 / 68      (PUP)

0 / 68

15 / 68    (Adware)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)
http://removal-tool.net/recommends/.../m.php  (regcureprosetup_bing.exe)

2 / 68      (PUP)
http://file-help.net/recommends/.../m.php  (RegCureProSetup_RW.exe)

1 / 68      (PUP)

The following 2 files have been seen to communicate with this IP address in live environments.

The geographical location of this IP address.

Country: United States (US)
Region: Illinois
City: Arlington Heights
Coordinates: 42.0884, -87.9806

The ARIN network assigned organization for IP address 69.65.38.112.

Org name: GigeNET
Org identifier: DMPL
Org country: United States (US)
Org region: Illinois
Org city: Arlington Heights
Org address: 545 E Algonquin Rd
Org website: www.gigenet.com

ARIN WHOIS:
NetRange: 69.65.0.0 - 69.65.63.255
CIDR: 69.65.0.0/18
OriginAS: AS32181
NetName: IPNAP
NetHandle: NET-69-65-0-0-1
Parent: NET-69-0-0-0-0
NetType: Direct Allocation
Comment: www.gigenet.com
RegDate: 2003-07-30
Updated: 2013-05-09
Ref: http://whois.arin.net/rest/net/NET-69-65-0-0-1

OrgName: GigeNET
OrgId: DMPL
Address: 545 E Algonquin Rd
Address: Suite D
City: Arlington Heights
StateProv: IL
PostalCode: 60005
Country: US
RegDate: 2011-03-04
Updated: 2011-06-23
Comment: http://www.gigenet.com
Ref: http://whois.arin.net/rest/org/DMPL

ReferralServer: rwhois://rwhois.servernap.net:4321

OrgNOCHandle: IPADM152-ARIN
OrgNOCName: IP Administrator
OrgNOCPhone: +1-800-561-2656
OrgNOCEmail: ip-admin@coloquest.com
OrgNOCRef: http://whois.arin.net/rest/poc/IPADM152-ARIN

OrgAbuseHandle: ABUSE2935-ARIN
OrgAbuseName: Abuse Department
OrgAbusePhone: +1-800-561-2656
OrgAbuseEmail: abuse@gigenet.com
OrgAbuseRef: http://whois.arin.net/rest/poc/ABUSE2935-ARIN

OrgTechHandle: IPADM152-ARIN
OrgTechName: IP Administrator
OrgTechPhone: +1-800-561-2656
OrgTechEmail: ip-admin@coloquest.com
OrgTechRef: http://whois.arin.net/rest/poc/IPADM152-ARIN


Autonomous System Assignment
ASNumber: 32181
ASName: ASN-GIGENET - GigeNET
ASHandle: AS32181
