The domain www.guideforeign.com registered by Jaysolutions was initially registered in December of 2014 through NAME.COM, INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Kirkland, Washington within the United States which resides on the eNom, Incorporated network.
Server location:
Washington, United States (US)
Create date:
Friday, December 19, 2014
Expires date:
Monday, December 19, 2016
Updated date:
Saturday, January 30, 2016
ASN:
AS21740 ENOMAS1 - eNom, Incorporated,US
Scanner detections:
Detections (100% detected)
Scan engine
Details
Detections
Zillya! Antivirus
Adware.SoftPulse.Win32.14, Adware.SoftPulse.Win32.59, Adware.SoftPulse.Win32.88, Adware.Agent.Win32.28165, Adware.SoftPulse.Win32.22
100.00%
Reason Heuristics
PUP.Installer.PluginUpdateSL.F, PUP.Installer.Softpulse, PUP.Installer.VideoPluginsoftware, PUP.Softpulse.PluginUpdate.Bundler (M)
100.00%
AVG
Found Win32/DH{gRIxfX5QgQd5VE8VUYEVgQkcU4ETQYEP}, Generic, PSW.Agent, Win.Threat.High
100.00%
Dr.Web
Adware.SoftPules.3, Trojan.Domaiq.28, Trojan.Domaiq.107, Adware.SoftPules.3, Trojan.DownLoader11.54695, Adware.SoftPules.3, Trojan.Domaiq.21
100.00%
ESET NOD32
Win32/SoftPulse.R potentially unwanted application, Win32/SoftPulse.S potentially unwanted application, Win32/SoftPulse.U potentially unwanted application
100.00%
Avira AntiVirus
TR/Dropper.Gen, APPL/Softpulse.aone, PUA/SoftPulse.oant, PUA/SoftPulse.aone, APPL/Softpulse.1014112, TR/Agent.1107846
100.00%
VIPRE Antivirus
Threat.4783235, Threat.4150696, Threat.5064683
100.00%
Kaspersky
not-a-virus:AdWare.Win32.SoftPulse, not-a-virus:Downloader.Win32.DriverUpd, not-a-virus:HEUR:AdWare.Win32.SoftPulse
100.00%
F-Prot
W32/A-3f31f6a7, W32/S-2ac88d1e, W32/S-e8f52f8c, W32/S-8fb093ec, W32/S-49a6a1c8, W32/S-c792ca2a, W32/S-c5c4d057
100.00%
Comodo Security
Application.Win32.SoftPulse.D
100.00%
Sophos
PUA 'SoftPulse' (of type Adware)
100.00%
G Data
Win32.Application.SoftPulse, Gen:Variant.Adware.Strictor.73783, Gen:Variant.Strictor.79303, Gen:Variant.Strictor.71680, Application.Bundler.SoftPulse.AY
100.00%
AhnLab V3 Security
Win-PUP/SoftPulse, PUP/Win32.SoftPulse
100.00%
McAfee
Program.SoftPulse
100.00%
Vba32 AntiVirus
Signed-Adware.Softpulse, AdWare.SoftPulse
100.00%
The domain www.guideforeign.com has been seen to resolve to the following 4 IP addresses.
ip-166-62-28-106.ip.secureserver.net
February 12, 2016
rc2.sjl01.dmtracker.com
January 28, 2016
ec2-107-21-31-231.compute-1.amazonaws.com
May 3, 2015
ec2-107-23-40-12.compute-1.amazonaws.com
January 13, 2015
File downloads found at URLs served by www.guideforeign.com.
The following 36 files have been seen to comunicate with www.guideforeign.com in live environments.
URL:
http://www.guideforeign.com/
Title (5/3/2015):
“Welcome to nginx!”
Title (1/28/2016):
“Guideforeign.com”
Description:
“Pligg is an open source content management system that lets you easily <a href='http://pligg.com'>create your own user-powered website</a>.”
Web server:
Apache/2.4.12 (PHP/5.4.43)