home

www.wkwindowsflash.com

Whois Privacy Protection Service, Inc.  (Proxy Registrant)

Domain Information

The domain www.wkwindowsflash.com is registered by proxy through NAME.COM, INC. and was originally registered in October of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Airmont, New York within the United States which resides on the Google Inc. network.
Registrar:
NAME.COM, INC.

Server location:
New York, United States (US)

Create date:
Thursday, October 16, 2014

Expires date:
Friday, October 16, 2015

Updated date:
Thursday, October 16, 2014

ASN:
AS15169 GOOGLE - Google Inc.,US

Root domain:
wkwindowsflash.com

Whois:
1 wkwindowsflash.com record

Scanner detections:
Detections  (92% detected)

Scan engine
Details
Detections

Reason Heuristics
Threat.Win.Reputation.IMP, PUP.Installer.PluginUpdateSL.F, PUP.Softpulse.PluginUpdate.Bundler (M), PUP.Softpulse.PluginUp.Bundler (M)
100.00%

Dr.Web
Trojan.DownLoader11.36367, Adware.SoftPules.3, Trojan.DownLoader11.36367
27.27%

avast!
Win32:GenMalicious-ADB [PUP], Win32:SoftPulse-AM [PUP]
27.27%

MicroWorld eScan
Gen:Variant.Application.Bundler.20, Gen:Variant.Application.Bundler.SoftPulse.2
27.27%

McAfee
Softpulse.a, Artemis!9DE8EC494A6C, SoftPulse.a, Program.SoftPulse.a
27.27%

Malwarebytes
PUP.Optional.DomaIQ
27.27%

K7 AntiVirus
Unwanted-Program
27.27%

Norman
Kryptik.CDHN, Gen:Variant.Application.Bundler.20
27.27%

Bitdefender
Gen:Variant.Application.Bundler.20, Gen:Variant.Application.Bundler.SoftPulse.2
27.27%

Sophos
SoftPulse, Smart Secure Software, PUA 'SoftPulse' (of type Adware)
27.27%

Avira AntiVirus
APPL/Bundler.20, APPL/Softpulse.aone
27.27%

G Data
Gen:Variant.Application.Bundler.20, Gen:Variant.Application.Bundler.SoftPulse
27.27%

AhnLab V3 Security
PUP/Win32.SoftPulse, Win-PUP/DomaIQ.Gen
27.27%

AVG
Generic
27.27%

VIPRE Antivirus
Threat.4150696, DomaIQ
27.27%

The domain www.wkwindowsflash.com has been seen to resolve to the following 13 IP addresses.

74.125.21.103
yv-in-f103.1e100.net
May 3, 2015

74.125.21.99
yv-in-f99.1e100.net
May 3, 2015

74.125.21.104
yv-in-f104.1e100.net
May 3, 2015

74.125.21.106
yv-in-f106.1e100.net
May 3, 2015

74.125.21.105
yv-in-f105.1e100.net
May 3, 2015

74.125.21.147
yv-in-f147.1e100.net
May 3, 2015

74.125.228.242
iad23s24-in-f18.1e100.net
October 24, 2014

74.125.228.241
iad23s24-in-f17.1e100.net
October 24, 2014

74.125.228.240
iad23s24-in-f16.1e100.net
October 24, 2014

74.125.228.244
iad23s24-in-f20.1e100.net
October 24, 2014

74.125.228.243
iad23s24-in-f19.1e100.net
October 24, 2014

104.28.7.38
October 20, 2014

104.28.6.38
October 20, 2014

File downloads found at URLs served by www.wkwindowsflash.com.

1 / 68      (Adware)
http://www.wkwindowsflash.com/down/flash/.../down.php?sid=261&dv1=ad255-gb&kw1=ad255-gb-xx&uuid=86031311-239f-4fe2-6c61-31185fc74c49&dv3=86031311-239f-4fe2-6c61-31185fc74c49  (setup.exe)

1 / 68      (Adware)
http://www.wkwindowsflash.com/down/flash/.../down.php?sid=161&dv1=ad155-gb&kw1=ad155-gb-xx&uuid=38e62c0a-635c-4059-531c-db908792c3ad&dv3=38e62c0a-635c-4059-531c-db908792c3ad  (setup.exe)

1 / 68      (Adware)
http://www.wkwindowsflash.com/down/flash/.../down.php?sid=161&dv1=ad155-gb&kw1=ad155-gb-xx&uuid=513abab9-018e-49d0-4e1d-30362c4bfa49&dv3=513abab9-018e-49d0-4e1d-30362c4bfa49  (setup.exe)

1 / 68      (Adware)
http://www.wkwindowsflash.com/down/flash/.../down.php?sid=261&dv1=ad255-gb&kw1=ad255-gb-xx&uuid=ac86a270-afcc-4772-78d3-b1a6dffd361a&dv3=ac86a270-afcc-4772-78d3-b1a6dffd361a  (setup.exe)

1 / 68      (Adware)
http://www.wkwindowsflash.com/down/flash/.../down.php?sid=160&dv1=ad154-gb&kw1=ad154-gb-xx&uuid=4202d844-7ec4-4091-7f78-28234c5ba375&dv3=4202d844-7ec4-4091-7f78-28234c5ba375  (setup.exe)

1 / 68      (Adware)
http://www.wkwindowsflash.com/down/flash/.../down.php?sid=261&dv1=ad255-gb&kw1=ad255-gb-xx&uuid=c43b11bf-7ec3-4da0-4481-a7306c9b8c78&dv3=c43b11bf-7ec3-4da0-4481-a7306c9b8c78  (setup.exe)

0 / 68
http://www.wkwindowsflash.com/down/flash/.../down.php?sid=284&dv1=ad278-gb&kw1=ad278-gb-xx&uuid=4ba4b030-8d50-4143-67c8-4922711b02a9&dv3=4ba4b030-8d50-4143-67c8-4922711b02a9  (setup.exe)

1 / 68      (Adware)
http://www.wkwindowsflash.com/down/flash/.../down.php?sid=161&dv1=ad155-gb&kw1=ad155-gb-xx&uuid=8c7938d8-dd85-4170-64f2-4fe4f2314744&dv3=8c7938d8-dd85-4170-64f2-4fe4f2314744  (setup.exe)

1 / 68      (Adware)
http://www.wkwindowsflash.com/down/flash/.../down.php?sid=284&dv1=ad278-gb&kw1=ad278-gb-xx&uuid=a06cc553-b2cd-47ab-71c8-8dbdefb0db46&dv3=a06cc553-b2cd-47ab-71c8-8dbdefb0db46  (setup.exe)

1 / 68      (Adware)
http://www.wkwindowsflash.com/down/flash/.../down.php?sid=261&dv1=ad255-gb&kw1=ad255-gb-xx&uuid=1fa19ae5-3d75-4d8f-5bec-36f3ded3c610&dv3=1fa19ae5-3d75-4d8f-5bec-36f3ded3c610  (setup.exe)

1 / 68      (Adware)
http://www.wkwindowsflash.com/down/flash/.../down.php?sid=160&dv1=ad154-gb&kw1=ad154-gb-xx&uuid=6e41f024-5e41-4e0a-7919-57db8396514f&dv3=6e41f024-5e41-4e0a-7919-57db8396514f  (setup.exe)

1 / 68      (Adware)
http://www.wkwindowsflash.com/down/flash/.../down.php?sid=161&dv1=ad155-gb&kw1=ad155-gb-xx&uuid=739425a0-7554-47d0-707c-bdbc9bd0d430&dv3=739425a0-7554-47d0-707c-bdbc9bd0d430  (setup.exe)

1 / 68      (Adware)
http://www.wkwindowsflash.com/down/flash/.../down.php?sid=160&dv1=ad154-gb&kw1=ad154-gb-xx&uuid=e6e833fc-13bf-41a4-7055-3fa98baa0c05&dv3=e6e833fc-13bf-41a4-7055-3fa98baa0c05  (setup.exe)

1 / 68      (Adware)
http://www.wkwindowsflash.com/down/flash/.../down.php?sid=161&dv1=ad155-gb&kw1=ad155-gb-xx&uuid=f2f94f9f-c318-4ca0-6fa8-8259cc1d6215&dv3=f2f94f9f-c318-4ca0-6fa8-8259cc1d6215  (setup.exe)

1 / 68      (Adware)
http://www.wkwindowsflash.com/down/flash/.../down.php?sid=214&dv1=ad208-gb&kw1=ad208-gb-xx&uuid=d7b7ce74-134e-4b62-4ddd-5ad1cfbed4bd&dv3=d7b7ce74-134e-4b62-4ddd-5ad1cfbed4bd  (setup.exe)

1 / 68      (Adware)
http://www.wkwindowsflash.com/down/flash/.../down.php?sid=261&dv1=ad255-gb&kw1=ad255-gb-xx&uuid=d483fbf0-59af-4919-7b56-37a069b19d3b&dv3=d483fbf0-59af-4919-7b56-37a069b19d3b  (setup.exe)

1 / 68      (Adware)
http://www.wkwindowsflash.com/down/flash/.../down.php?sid=158&dv1=ad152-gb&kw1=ad152-gb-xx&uuid=f496b452-0bb5-4938-67dd-a453b397e8be&dv3=f496b452-0bb5-4938-67dd-a453b397e8be  (setup.exe)

0 / 68
http://www.wkwindowsflash.com/down/flash/.../down.php?sid=284&dv1=ad278-gb&kw1=ad278-gb-xx&uuid=c3eaa1ab-4cc1-4ddf-5cc9-9985a42ea32f&dv3=c3eaa1ab-4cc1-4ddf-5cc9-9985a42ea32f  (setup.exe)

31 / 68    (Adware)
http://www.wkwindowsflash.com/down/flash/.../down.php?sid=284&dv1=ad278-gb&kw1=ad278-gb-xx&uuid=99489bac-5197-41b5-42cb-334ed84a4469&dv3=99489bac-5197-41b5-42cb-334ed84a4469  (setup.exe)

31 / 68    (Adware)
http://www.wkwindowsflash.com/down/flash/.../down.php?sid=284&dv1=ad278-gb&kw1=ad278-gb-xx&uuid=73d36cd4-eb93-45a1-79f6-ec588291ddc3&dv3=73d36cd4-eb93-45a1-79f6-ec588291ddc3  (setup.exe)

32 / 68    (Adware)
http://www.wkwindowsflash.com/down/flash/.../down.php?sid=284&dv1=ad278-gb&kw1=ad278-gb-xx&uuid=a497c2b8-8de8-4618-69d1-c2013bd4d490&dv3=a497c2b8-8de8-4618-69d1-c2013bd4d490  (setup.exe)

31 / 68    (Adware)
http://www.wkwindowsflash.com/down/flash/.../down.php?sid=284&dv1=ad278-gb&kw1=ad278-gb-xx&uuid=c7aa64f0-917d-4be9-4631-1477ce15291f&dv3=c7aa64f0-917d-4be9-4631-1477ce15291f  (setup.exe)

25 / 68    (Adware)
http://www.wkwindowsflash.com/down/flash/.../down.php?sid=284&dv1=ad278-gb&kw1=ad278-gb-xx&uuid=35d7b42b-5834-462e-566a-59a2c7efe000&dv3=35d7b42b-5834-462e-566a-59a2c7efe000  (setup.exe)

20 / 68    (Adware)
http://www.wkwindowsflash.com/down/flash/.../down.php?sid=161&dv1=ad155-gb&kw1=ad155-gb-xx&uuid=9ed1a719-3a73-46c5-40a9-fd802e62c4c0&dv3=9ed1a719-3a73-46c5-40a9-fd802e62c4c0  (setup.exe)

The following 32 files have been seen to comunicate with www.wkwindowsflash.com in live environments.

TCP » 74.125.21.106:80
avwebgrd.exe (Avira Professional Security by Avira Operations GmbH & Co. KG)

TCP » 74.125.21.106:443
UCBrowser.exe (by UCWeb)

TCP » 74.125.21.103:80
panda_url_filtering.exe (Anti-phishing Domain Advisor (Powered by Panda Security) by Visicom Media)

TCP » 74.125.21.103:443
beaglebrowser.exe (BeagleBrowser by The BeagleBrowser Authors)

TCP » 74.125.21.104:80
Toaster.exe (Dell Backup And Recovery by SoftThinks - Dell)

TCP » 74.125.21.104:443
WajamInternetEnhancer.exe (Wajam Internet Enhancer by Wajam Internet Technologies)

TCP » 74.125.21.104:80
axqqaovu.exe (StproW)

TCP » 74.125.21.104:443
whatsapptime.exe

TCP » 74.125.21.104:80
gupd.exe

TCP » 74.125.21.104:443
ServiceHostApp.exe (Service Host App by Pokki)

TCP » 74.125.21.104:443
beaglebrowser.exe (BeagleBrowser by The BeagleBrowser Authors)

TCP » 74.125.21.105:443
googledesktop.exe (Google Desktop by Google)

TCP » 74.125.21.105:443
ContentFinder.exe (ContentFinder by ContentFinder Company)

TCP » 74.125.21.105:80
aug14_pcspeedboost-setup.tmp

TCP » 74.125.21.105:443
crossbrowse.exe (Crossbrowse)

TCP » 74.125.21.105:443
beaglebrowser.exe (BeagleBrowser by The BeagleBrowser Authors)

TCP » 74.125.21.106:80
SolutoService.exe (Soluto)

TCP » 74.125.21.106:443
htcnat.exe (htcnat Application)

TCP » 74.125.21.106:80
Client.exe

TCP » 74.125.21.106:80
PastaLeadsService.exe (PastaLeadsService)

 
Latest 20 of 37 files

URL:
http://www.wkwindowsflash.com/

Title:
“Google”

Description:
“Search the world's information, including webpages, images, videos and more. Google has many special features to help you find exactly what you're looking for.”

Web server:
gws

hackerbot.net

iconempire.com

google.com

googlecode.com

pcflvdownload.com

applefutures.com

blogger.com

google-analytics.com

googleapis.com

googlegroups.com

googlevideo.com

softwinupdate.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.