www.pdfebooksx.com

ZHANG XIAO

Domain Information

The domain www.pdfebooksx.com registered by ZHANG XIAO was initially registered in August of 2013 through ENOM, INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Phoenix, Arizona within the United States which resides on the CloudFlare, Inc. network. The domain uses the CloudFlare CDN, a distributed domain name server service which utilizes a number of reverse proxy IP Addresses (see below).
Remove Malware from www.pdfebooksx.com - Powered by Reason Core Security
Registrar:
ENOM, INC.

Server location:
Arizona, United States (US)

Create date:
Friday, August 30, 2013

Expires date:
Sunday, August 30, 2015

Updated date:
Monday, September 15, 2014

ASN:
AS13335 CLOUDFLARENET - CloudFlare, Inc.,US

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.ArturKozak.AA, PUP.Optional.Installer.p, Adware.WebPick.Installer.r, Adware.WebPick.Installer.b, Adware.WebPick.Installer.M, Adware.WebPick.Installer.R, Adware.WebPick.Installer.y, Adware.WebPick.Installer.FF, Adware.WebPick.Installer.s, Adware.WebPick.Installer.f, Adware.WebPick.Installer.AA
86.67%

NANO AntiVirus
Riskware.Win32.Downware.csjrwt, Trojan.Win32.AntiFW.cvgqot, Riskware.Win32.Downware.crcxkc, Riskware.Win32.InfoLeak.cvgqot
66.67%

Comodo Security
Application.Win32.InstalleRex.KG, Application.Win32.MultiPlug.PNU
66.67%

Avira AntiVirus
Adware/InstallRex.S, TR/Kazy.324119.11, TR/AntiFW.b.86, Adware/Adload.ger, Adware/Bloggo.A, TR/Crypt.XPACK.Gen5, TR/Kazy.324119.2
66.67%

G Data
Win32.Application.InstalleRex, Trojan.Generic.11424417, Trojan.Generic.11228699, Gen:Variant.Adware.MPlug.10, Gen:Variant.Strictor.65565
66.67%

Malwarebytes
PUP.Optional.InstalleRex, PUP.Optional.Installrex, PUP.Optional.Tarma, PUP.Optional.Installex
53.33%

K7 Gateway Antivirus
Unwanted-Program , Trojan
53.33%

avast!
Win32:InstalleRex-AH [PUP], Win32:InstalleRex-BI [PUP]
53.33%

Kaspersky
not-a-virus:Downloader.Win32.AdLoad, Trojan.Win32.AntiFW
53.33%

Dr.Web
Trojan.WebPick.4, Trojan.WebPick.29, Adware.Downware.1719, Adware.Downware.1541
53.33%

VIPRE Antivirus
Trojan.Win32.Generic, Installerex/WebPick, Threat.4753027, Threat.4150696
53.33%

Sophos
InstallRex
53.33%

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud), Win32.Troj.AntiFW.b.(kcloud), Win32.Troj.DownAdLoad.f.(kcloud), Win32.Troj.DownAdLoad.g.(kcloud)
53.33%

Vba32 AntiVirus
Downware.TSU, Downloader.AdLoad
53.33%

Rising Antivirus
PE:PUF.InstallRex!1.9E4C, PE:Malware.Adload!6.1085, PE:Trojan.AntiFW!6.17D6, PE:Malware.Adload!6.13C0, PE:Trojan.AntiFW!6.15B9
53.33%

The domain www.pdfebooksx.com has been seen to resolve to the following 6 IP addresses.

October 9, 2014

October 9, 2014

July 23, 2014

July 23, 2014

(CloudFlare)
January 18, 2014

(CloudFlare)
January 18, 2014

File downloads found at URLs served by www.pdfebooksx.com.

12 / 68    (PUP)

33 / 68    (Adware)

36 / 68    (Adware)

33 / 68    (Adware)

34 / 68    (Adware)

29 / 68    (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

URL:
http://www.pdfebooksx.com/

Title:
“Free Books Download - FREE”

Description:
“Free Books - Free Books Online, All books will shipped from Amazon, The #1 Free Online Books Site that You can Get Free Books”

Web server:
cloudflare-nginx (PHP/5.3.28)

Facebook:
Shares:  3
Comments:  1

Statistics are for the previous month.

Remove Malware from www.pdfebooksx.com - Powered by Reason Core Security