www.guideforeign.com

Jaysolutions

Domain Information

The domain www.guideforeign.com registered by Jaysolutions was initially registered in December of 2014 through NAME.COM, INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Kirkland, Washington within the United States which resides on the eNom, Incorporated network.
Registrar:
NAME.COM, INC.

Server location:
Washington, United States (US)

Create date:
Friday, December 19, 2014

Expires date:
Monday, December 19, 2016

Updated date:
Saturday, January 30, 2016

ASN:
AS21740 ENOMAS1 - eNom, Incorporated,US

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Zillya! Antivirus
Adware.SoftPulse.Win32.14, Adware.SoftPulse.Win32.59, Adware.SoftPulse.Win32.88, Adware.Agent.Win32.28165, Adware.SoftPulse.Win32.22
100.00%

Reason Heuristics
PUP.Installer.PluginUpdateSL.F, PUP.Installer.Softpulse, PUP.Installer.VideoPluginsoftware, PUP.Softpulse.PluginUpdate.Bundler (M)
100.00%

AVG
Found Win32/DH{gRIxfX5QgQd5VE8VUYEVgQkcU4ETQYEP}, Generic, PSW.Agent, Win.Threat.High
100.00%

Dr.Web
Adware.SoftPules.3, Trojan.Domaiq.28, Trojan.Domaiq.107, Adware.SoftPules.3, Trojan.DownLoader11.54695, Adware.SoftPules.3, Trojan.Domaiq.21
100.00%

ESET NOD32
Win32/SoftPulse.R potentially unwanted application, Win32/SoftPulse.S potentially unwanted application, Win32/SoftPulse.U potentially unwanted application
100.00%

Avira AntiVirus
TR/Dropper.Gen, APPL/Softpulse.aone, PUA/SoftPulse.oant, PUA/SoftPulse.aone, APPL/Softpulse.1014112, TR/Agent.1107846
100.00%

VIPRE Antivirus
Threat.4783235, Threat.4150696, Threat.5064683
100.00%

Kaspersky
not-a-virus:AdWare.Win32.SoftPulse, not-a-virus:Downloader.Win32.DriverUpd, not-a-virus:HEUR:AdWare.Win32.SoftPulse
100.00%

F-Prot
W32/A-3f31f6a7, W32/S-2ac88d1e, W32/S-e8f52f8c, W32/S-8fb093ec, W32/S-49a6a1c8, W32/S-c792ca2a, W32/S-c5c4d057
100.00%

Comodo Security
Application.Win32.SoftPulse.D
100.00%

Sophos
PUA 'SoftPulse' (of type Adware)
100.00%

G Data
Win32.Application.SoftPulse, Gen:Variant.Adware.Strictor.73783, Gen:Variant.Strictor.79303, Gen:Variant.Strictor.71680, Application.Bundler.SoftPulse.AY
100.00%

AhnLab V3 Security
Win-PUP/SoftPulse, PUP/Win32.SoftPulse
100.00%

McAfee
Program.SoftPulse
100.00%

Vba32 AntiVirus
Signed-Adware.Softpulse, AdWare.SoftPulse
100.00%

The domain www.guideforeign.com has been seen to resolve to the following 4 IP addresses.

ip-166-62-28-106.ip.secureserver.net
February 12, 2016

rc2.sjl01.dmtracker.com
January 28, 2016

ec2-107-21-31-231.compute-1.amazonaws.com
May 3, 2015

ec2-107-23-40-12.compute-1.amazonaws.com
January 13, 2015

File downloads found at URLs served by www.guideforeign.com.

The following 36 files have been seen to comunicate with www.guideforeign.com in live environments.

 
Latest 20 of 49 files

URL:
http://www.guideforeign.com/

Title:
“guide foreign”

Title (5/3/2015):
“Welcome to nginx!”

Title (1/28/2016):
“Guideforeign.com”

Description:
“Pligg is an open source content management system that lets you easily <a href='http://pligg.com'>create your own user-powered website</a>.”

Web server:
Apache/2.4.12 (PHP/5.4.43)