home

erasesoftware.com

Name Management Group

Domain Information

The domain erasesoftware.com registered by Name Management Group was initially registered in November of 2014 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in New York City, New York within the United States which resides on the ColoCrossing network.
Registrar:
GODADDY.COM, LLC

Server location:
New York, United States (US)

Create date:
Monday, November 24, 2014

Expires date:
Thursday, November 24, 2016

Updated date:
Thursday, January 14, 2016

ASN:
AS36352 AS-COLOCROSSING - ColoCrossing,US

Whois:
2 erasesoftware.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Dr.Web
Trojan.Crossrider1.1621, riskware program Program.Unwanted.493
100.00%

Reason Heuristics
PUP.Optional.Reimage, PUP.Optional.Installer, PUP.Reimage (L)
100.00%

McAfee
Artemis!0729B968E846, Artemis!9B8D97161AE5, Artemis!72CB31555DA5
100.00%

Fortinet FortiGate
Riskware/ReImageRepair
100.00%

Baidu Antivirus
PUA.Win32.VMDetect, PUA.Win32.ReImageRepair
100.00%

Agnitum Outpost
Riskware.Agent
75.00%

ESET NOD32
Win32/ReImageRepair.E potentially unwanted (variant), Win32/ReImageRepair.F potentially unwanted
75.00%

Trend Micro House Call
Suspicious_GEN.F47V1116, Suspicious_GEN.F47V0429, Suspicious_GEN.F47V0520
75.00%

Zillya! Antivirus
Downloader.Agent.Win32.227126, Downloader.Agent.Win32.241821
50.00%

G Data
Win32.Application.ReImageRepair
25.00%

avast!
Win32:Rootkit-gen [Rtk]
25.00%

AhnLab V3 Security
Trojan/Win32.FakeAV
25.00%

herdProtect (fuzzy)
a variant of 3d37449f32d1a44822a2eb9df54648f27564eb7d
25.00%

AVG
Adware Skodna.Generic
25.00%

Bkav FE
W32.HfsAdware
25.00%

The domain erasesoftware.com has been seen to resolve to the following 2 IP addresses.

172.99.89.194
February 22, 2016

192.3.96.217
server.wikierrors.org
May 5, 2015

File downloads found at URLs served by erasesoftware.com.

7 / 68      (PUP)
http://erasesoftware.com/.../download  (reimagerepair.exe)

10 / 68    (PUP)
http://erasesoftware.com/.../download  (reimagerepair.exe)

12 / 68    (PUP)
http://erasesoftware.com/.../download  (ReimageRepair.exe)

11 / 68    (PUP)
http://erasesoftware.com/.../download  (reimagerepair.exe)

The following 40 files have been seen to comunicate with erasesoftware.com in live environments.

TCP » 172.99.89.194:443
droppad.crx

TCP » 172.99.89.194:443
droppad.crx

TCP » 172.99.89.194:443
droppad.crx

TCP » 172.99.89.194:443
droppad.crx

TCP » 172.99.89.194:443
droppad.crx

TCP » 172.99.89.194:443
droppad.crx

TCP » 172.99.89.194:443
droppad.crx

TCP » 172.99.89.194:443
droppad.crx

TCP » 172.99.89.194:443
droppad.crx

TCP » 172.99.89.194:443
droppad.crx

TCP » 172.99.89.194:443
droppad.crx

TCP » 172.99.89.194:443
droppad.crx

TCP » 172.99.89.194:443
droppad.crx

TCP » 172.99.89.194:443
droppad.crx

TCP » 172.99.89.194:443
droppad.crx

TCP » 172.99.89.194:443
droppad.crx

TCP » 172.99.89.194:443
droppad.crx

TCP » 172.99.89.194:443
droppad.crx

TCP » 172.99.89.194:443
droppad.crx

TCP » 172.99.89.194:443
droppad.crx

 
Latest 20 of 40 files

URL:
http://erasesoftware.com/

Title:
“erasesoftware.com”

Web server:
Apache

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.