app.prntscr.com

Skillbrains

Domain Information

The domain app.prntscr.com registered by Skillbrains was initially registered in January of 2010 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in West McLean, Virginia within the United States which resides on the Latin American and Caribbean IP address Regional Registry network.
Remove Malware from app.prntscr.com - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
Virginia, United States (US)

Create date:
Thursday, January 07, 2010

Expires date:
Monday, January 07, 2019

Updated date:
Friday, January 08, 2016

ASN:
AS13335 CLOUDFLARENET - CloudFlare, Inc.,US

Root domain:

Scanner detections:
Detections  (92% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.OOOKango.L, PUP.Installer.OOOKango.P, PUP.Installer.OOOKango.V, PUP.Installer.OOOKango.U, PUP.Installer.OOOKango.W
91.67%

Dr.Web
Adware.Plugin.111, Win32.HLLP.Neshta, Win32.Parite.2, Win32.Sector.30
19.44%

Clam AntiVirus
Win.Adware.Agent-7758, W32.Neshuta.A, Heuristics.W32.Parite.B
8.33%

Bkav FE
W32.NeshtaB.PE, W32.Pinfi.B, W32.Sality.PE
8.33%

MicroWorld eScan
Win32.Neshta.A, Win32.Parite.B, Win32.Sality.3
8.33%

nProtect
Virus/W32.Neshta, Virus/W32.Parite.C, Virus/W32.Sality.D
8.33%

Quick Heal
W32.Neshta.C8, W32.Perite.A, W32.Sality.U
8.33%

The Hacker
W32/Netshta.gen, W32/Pate.B, W32/Sality.gen
8.33%

K7 Gateway Antivirus
Virus
8.33%

K7 AntiVirus
Virus
8.33%

Agnitum Outpost
Win32.Neshta.A, Win32.Parite.B, Win32.Sality.BK
8.33%

F-Prot
W32/HLLP.41472, W32/Parite.B, W32/Sality.gen2
8.33%

Norman
Neshta.C, Win32.Parite.B, Win32.Sality.3
8.33%

Total Defense
Win32/Neshta.A, Win32/Pinfi.A, Win32/Sality.AA
8.33%

Trend Micro House Call
PE_NESHTA.A, PE_PARITE.A, PE_SALITY.RL
8.33%

The domain app.prntscr.com has been seen to resolve to the following 9 IP addresses.

October 15, 2015

October 15, 2015

cf-190-93-254-122.cloudflare.com
November 17, 2014

cf-190-93-255-122.cloudflare.com
November 17, 2014

December 27, 2013

December 27, 2013

December 27, 2013

December 27, 2013

December 27, 2013

File downloads found at URLs served by app.prntscr.com.

1 / 68      (inconclusive)
http://app.prntscr.com/.../setup-lightshot.exe  (0f49e394f4badc550b89bb2496e09a98)

1 / 68      (PUP)

1 / 68      (PUP)
http://app.prntscr.com/build/.../setup-lightshot.exe  (ea9a13bcd0a553e280dd69b4b4630f4e)

URL:
http://app.prntscr.com/

Google Analytics:
UA-34258828

Title:
“Lightshot — screenshot tool for Mac & Win”

SSL certificate subject:
CN=ssl276658.cloudflaressl.com, OU=PositiveSSL Multi-Domain, OU=Domain Control Validated

SSL certificate issuer:
CN=COMODO RSA Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
cloudflare-nginx

Facebook:
Likes:  217
Shares:  5,201
Comments:  619

Statistics are for the previous month.

Remove Malware from app.prntscr.com - Powered by Reason Core Security