The domain windowssoftwaresite.com registered by GlobalDnsProvider.com Inc was initially registered in February of 2015 through TLDS, LLC DBA SRSPLUS. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Los Angeles, California within the United States which resides on the CloudFlare, Inc. network. The domain uses the CloudFlare CDN, a distributed domain name server service which utilizes a number of reverse proxy IP Addresses (see below).
Registrant:
GlobalDnsProvider.com Inc
Registrar:
TLDS, LLC DBA SRSPLUS
Server location:
California, United States (US)
Create date:
Thursday, February 19, 2015
Expires date:
Sunday, February 19, 2017
Updated date:
Friday, February 19, 2016
ASN:
AS13335 CLOUDFLARENET - CloudFlare, Inc., US
Google Safe Browsing:
unwanted
Scanner detections:
Detections (96% detected)
Scan engine
Details
Detections
Reason Heuristics
PUP (M), Threat.Installer.InstallerTechnologyCo, PUP.ConvertAd (M), PUP.HudsonExchangeGroup.Installer (M), PUP.TrafficSpace.Installer (M), PUP.Dowloader.Installer.Meta (M)
96.30%
Rising Antivirus
NS:PUF.SilenceInstaller!1.9DDF, PE:Trojan.ConvertAd!1.A36E [F]
7.41%
Qihoo 360 Security
HEUR/QVM40.1.Malware.Gen, HEUR/QVM20.1.Malware.Gen
7.41%
Microsoft Security Essentials
Worm:Win32/NeksMiner.A
3.70%
F-Secure
Application:W32/Generic.70053c248f!Online
3.70%
Malwarebytes
PUP.Optional.Bundle
3.70%
VIPRE Antivirus
Threat.4786240
3.70%
Dr.Web
Adware.Downware.12954, Adware.Downware.9973
3.70%
ESET NOD32
Win32/OpenDownloadManager.A potentially unwanted application
3.70%
MicroWorld eScan
Gen:Variant.Graftor.179595
3.70%
Trend Micro House Call
Suspicious_GEN.F47V0220
3.70%
Bitdefender
Gen:Variant.Graftor.179595
3.70%
Lavasoft Ad-Aware
Gen:Variant.Graftor.179595
3.70%
Emsisoft Anti-Malware
Gen:Variant.Graftor.179595
3.70%
F-Secure
Gen:Variant.Graftor.179595
3.70%
The domain windowssoftwaresite.com has been seen to resolve to the following 10 IP addresses.
File downloads found at URLs served by windowssoftwaresite.com.
URL:
http://windowssoftwaresite.com/
SSL certificate subject:
CN=ssl359298.cloudflaressl.com, O="CloudFlare, Inc.", L=San Francisco, S=California, C=US
SSL certificate issuer:
CN=GlobalSign Organization Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE
Web server:
cloudflare-nginx