home

performersoft.com

Performersoft LLC

Domain Information

The domain performersoft.com registered by iBario LTD was initially registered in April of 2010 through Moniker Online Services. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in Reston, Virginia within the United States which resides on the Tiggee LLC network. The domain is associated with the publisher Performersoft LLC who is located in Beaverton, Oregon in the United States.
Registrar:
Moniker Online Services

Server location:
Virginia, United States (US)

Create date:
Wednesday, April 14, 2010

Expires date:
Friday, April 14, 2017

Updated date:
Sunday, April 3, 2016

ASN:
AS16552 TIGGEE - Tiggee LLC,US

Whois:
5 performersoft.com records

Scanner detections:
Detections  (80% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Zugo.H, PUP.Zugo.M, PUP.Zugo.L, PUP.Installer.PerformerSoft.X
80.00%

ESET NOD32
Win32/Toolbar.Zugo
60.00%

Dr.Web
Adware.Searcher.73, Adware.Zugo.49
60.00%

Norman
Downloader, W32/Downloader
40.00%

Clam AntiVirus
Adware.Searchbar-33
20.00%

nProtect
Abuse-Worry/W32.Searchbar.446864
20.00%

Malwarebytes
PUP.Adware.Agent
20.00%

Comodo Security
UnclassifiedMalware
20.00%

Avira AntiVirus
Adware/Searchbar.a.87
20.00%

ViRobot
Adware.Searchbar.446864
20.00%

Qihoo 360 Security
Win32/Virus.Adware.ea8
20.00%

McAfee
Artemis!43D37C256BE8
20.00%

Trend Micro House Call
TROJ_GEN.F47V1014
20.00%

F-Prot
File is damaged
20.00%

The domain performersoft.com has been seen to resolve to the following 8 IP addresses.

96.45.83.113
systems.tiggee.net
September 2, 2014

96.45.82.193
systems.tiggee.net
September 2, 2014

96.45.82.26
systems.tiggee.net
September 2, 2014

96.45.83.233
systems.tiggee.net
September 2, 2014

96.45.82.197
http-redirection-d1.dnsmadeeasy.com
January 8, 2014

96.45.82.133
http-redirection-c1.dnsmadeeasy.com
January 8, 2014

96.45.82.5
http-redirection-a1.dnsmadeeasy.com
January 8, 2014

96.45.82.69
http-redirection-b1.dnsmadeeasy.com
January 8, 2014

File downloads found at URLs served by performersoft.com.

1 / 68      (Adware)
http://performersoft.com/drivers/.../DriverPerformer_V15.exe  (driverperformer_v15i.exe)

10 / 68    (Adware)
http://performersoft.com/.../driverperformer_Zsetup.exe  (canondrivers.exe)

1 / 68      (inconclusive)
http://performersoft.com/.../DriverPerformerSetup2.exe  (bbd656fa45ca147232a0004a6e1589b6)

6 / 68      (Adware)
http://performersoft.com/.../pcperformer.exe  (43d37c256be8f2fca2d8e9140d1f7d5d)

4 / 68      (Adware)
http://performersoft.com/drivers/.../Drivers.exe  (824a5f98d60619774973b9762a5aec9d)

The following 12 files have been seen to comunicate with performersoft.com in live environments.

TCP » 96.45.82.193:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 96.45.83.233:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 96.45.82.26:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 96.45.83.113:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 96.45.82.26:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 96.45.82.26:80
browser.exe (Browser)

TCP » 96.45.83.113:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 96.45.82.193:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 96.45.83.233:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 96.45.82.193:80
browser.exe (Browser)

TCP » 96.45.83.233:80
browser.exe (Browser)

TCP » 96.45.83.113:80
UCBrowser.exe (by UCWeb)

TCP » 96.45.82.26:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 96.45.83.113:80
browser.exe (Browser)

TCP » 96.45.82.26:80
UCBrowser.exe (by UCWeb)

TCP » 96.45.83.113:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 96.45.82.193:80
UCBrowser.exe (by UCWeb)

TCP » 96.45.82.193:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 96.45.82.26:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 96.45.83.233:80
UCBrowser.exe (UC Browser by UCWeb)

 
Latest 20 of 29 files

October 13, 2015
cdn.performersoft.com

July 16, 2015
download.performersoft.com

January 17, 2014
www.performersoft.com

URL:
http://performersoft.com/

Google Analytics:
UA-42277600

Title:
“PerformerSoft”

Web server:
nginx (PHP/5.4.17)

Facebook:
Likes:  12,929
Shares:  45
Comments:  8

Statistics above are for the previous month of March 2024.

ibbalance.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.