home

www.registrywinner.com

WHOIS PRIVACY PROTECTION SERVICE, INC.  (Proxy Registrant)

Domain Information

The domain www.registrywinner.com is registered by proxy through ENOM, INC. and was originally registered in September of 2008. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dallas, Texas within the United States which resides on the ThePlanet.com Internet Services, Inc. network.
Registrar:
ENOM, INC.

Server location:
Texas, United States (US)

Create date:
Friday, September 19, 2008

Expires date:
Monday, September 19, 2016

Updated date:
Wednesday, December 9, 2015

ASN:
AS21844 THEPLANET-AS - ThePlanet.com Internet Services, Inc.,US

Root domain:
registrywinner.com

Whois:
3 registrywinner.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.Installer.U, PUP.Optional.ALIKETSO.Installer
100.00%

Trend Micro House Call
TROJ_GEN.F47V0312, Suspicious_GEN.F47V0613, Suspicious_GEN.F47V0515
75.00%

ESET NOD32
Detection.Undefined, Win32/Adware.RegistryVictor.A application
75.00%

Comodo Security
ApplicUnwnt
50.00%

ESET NOD32
Win32/Adware.RegistryVictor (variant)
50.00%

VIPRE Antivirus
Threat.4150696, Trojan.Win32.Generic
50.00%

Bkav FE
W32.HfsAdware
50.00%

Baidu Antivirus
Adware.Win32.RegistryVictor
50.00%

Fortinet FortiGate
Riskware/RegistryVictor
50.00%

AVG
Generic6
50.00%

McAfee
Artemis!372C5FEB4595
25.00%

Agnitum Outpost
PUA.RegistryVictor
25.00%

Dr.Web
riskware program Program.Unwanted.948
25.00%

Zillya! Antivirus
Worm.VBNA.Win32.257144
25.00%

The domain www.registrywinner.com has been seen to resolve to the following IP address.

67.19.87.34
agence.theplanet.host
June 5, 2014

File downloads found at URLs served by www.registrywinner.com.

9 / 68      (PUP)
http://www.registrywinner.com/RegistryWinner_Setup.exe  (7ee342b1da99a9ee94ffd155aaf86119)

10 / 68    (PUP)
http://www.registrywinner.com/RegistryWinner_Setup.exe  (registry.winner.6.9.11.6_soft98.ir.exe)

5 / 68      (PUP)
http://www.registrywinner.com/RegistryWinner_Setup.exe  (372c5feb45956a38b6f34cda7bd1790f)

4 / 68      (PUP)
http://www.registrywinner.com/RegistryWinner_Setup.exe  (acc3e44670ab8f6ba4fcb7fa03b877ae)

The following file have been seen to comunicate with www.registrywinner.com in live environments.

TCP » 67.19.87.34:80
RegistryWinner.exe (Registry Winner by RegistryWinner.com)

URL:
http://www.registrywinner.com/

Title:
“Registry Winner™ - Download Registry Cleaner for Windows 7, Vista, XP, 2000”

Description:
“Registry Winner is an advanced multi-language registry cleaner in pc diagnosis and repair. It can do a complete scan of the pc errors such as system slowdown, freezing, crashing and deadlock. Safely optimize the speed of the system and set your P...”

Web server:
Microsoft-IIS/6.0 (ASP.NET,PHP/5.2.6)

Facebook:
Likes:  17
Shares:  98
Comments:  2

Statistics are for the previous month.

privacywinner.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.