home

www.usb-guardian.com

Brains 2

Domain Information

The domain www.usb-guardian.com registered by Brains 2 was initially registered in February of 2010 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Kihei, Hawaii within the United States which resides on the ThePlanet.com Internet Services, Inc. network.
Registrar:
GODADDY.COM, LLC

Server location:
Hawaii, United States (US)

Create date:
Monday, February 8, 2010

Expires date:
Wednesday, February 8, 2017

Updated date:
Thursday, March 3, 2016

ASN:
AS36351 SOFTLAYER - SoftLayer Technologies Inc.

Root domain:
usb-guardian.com

Whois:
3 usb-guardian.com records

Scanner detections:
Detections  (78% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.HipgnosisVision.Z, PUP.Installer.HipgnosisVision.S, PUP.HipgnosisVision.Installer (M)
66.67%

ESET NOD32
MSIL/HipgnosisBrains.A potentially unwanted application, Win32/Delf.QJF trojan, Win32/Sality.NBA virus
44.44%

avast!
Malware-gen, Win32:Delf-TJJ [Trj], Win32:SaliCode
33.33%

McAfee
Trojan.Artemis!E0A541E0D9F7, Trojan.Generic-FAEK!20DDE00A9E47
22.22%

Dr.Web
riskware program Program.Unwanted.362, Trojan.Inject1.64015
22.22%

AVG
Generic, Worm/AutoRun.PQ
22.22%

Microsoft Security Essentials
Threat.Undefined
22.22%

F-Prot
W32/Delf.EA.gen, W32/Sality.gen2
22.22%

Bkav FE
W32.HfsAdware
11.11%

Trend Micro House Call
Suspicious_GEN.F47V0516
11.11%

Baidu Antivirus
Adware.Win32.DownWare
11.11%

AhnLab V3 Security
PUP/Win32.Installer
11.11%

Zillya! Antivirus
Worm.VBNA.Win32.256496
11.11%

Emsisoft Anti-Malware
Trojan.Generic.8698094
11.11%

VIPRE Antivirus
Threat.4150696
11.11%

The domain www.usb-guardian.com has been seen to resolve to the following 4 IP addresses.

40.78.96.61
April 12, 2016

184.173.253.242
184.173.253.242-static.reverse.softlayer.com
October 13, 2015

72.21.81.253
January 2, 2015

72.21.91.19
July 31, 2014

File downloads found at URLs served by www.usb-guardian.com.

4 / 68      (Malware)
http://www.usb-guardian.com/.../usb-guardian-setup.exe  (fcd78faab4e1c08ed34b6a28ab06de86)

1 / 68      (inconclusive)
http://www.usb-guardian.com/.../usb-guardian-setup.exe  (update1.exe)

12 / 68    (Malware)
http://www.usb-guardian.com/.../usb-guardian-setup.exe  (20dde00a9e47337c45e212929e52d06f)

1 / 68      (PUP)
http://www.usb-guardian.com/.../usb-guardian-setup.exe  (95e7c0cf9eccd9db3edf719b00259632)

2 / 68      (inconclusive)
http://www.usb-guardian.com/.../usb-guardian-setup.exe  (update1.exe)

1 / 68      (PUP)
http://www.usb-guardian.com/.../usb-guardian-setup.exe  (3e4b07e12833aec888a97577927f320e)

9 / 68      (PUP)
http://www.usb-guardian.com/.../usb-guardian-setup.exe  (e0a541e0d9f7ccf195d8222c521ad591)

1 / 68      (PUP)
http://www.usb-guardian.com/.../usb-guardian-setup.exe  (930a46d67f927bd9b37bafc88718937d)

2 / 68      (PUP)
http://www.usb-guardian.com/.../usb-guardian-setup.exe  (usb-guardian-setup - copy.exe)

The following 87 files have been seen to comunicate with www.usb-guardian.com in live environments.

TCP » 184.173.253.242:80
utorrentspeeduppro_setup.exe (uTorrent SpeedUp Pro by BoostYourDownload)

TCP » 184.173.253.242:80
usb-guardian-setup.exe (USB Guardian by USB-Guardian)

TCP » 184.173.253.242:80
utorrent-acceleration-tool-free.exe (uTorrent Acceleration Tool by P2pAccelerators)

TCP » 184.173.253.242:80
utorrentturboaccelerator_installer.exe (uTorrent Turbo Accelerator by WebSpeeders)

TCP » 184.173.253.242:80
setup.exe (Aktiv Player by GoForSharing)

TCP » 184.173.253.242:80
quantum-setup.exe (Quantum by Quantum)

TCP » 184.173.253.242:80
update2.exe

TCP » 184.173.253.242:80
hanso-burner-setup.exe (Hanso Burner by HansoTools)

TCP » 184.173.253.242:80
limezilla-setup.exe (LimeZilla by ShareZillas)

TCP » 184.173.253.242:80
bittorrent-turbo-accelerator_370.exe (BitTorrent Turbo Accelerator by WebSpeeders)

TCP » 184.173.253.242:80
47749-92108-bittorrent-turbo-accelerator.exe (BitTorrent Turbo Accelerator by WebSpeeders)

TCP » 184.173.253.242:80
96a6790cca6e9b3a3e51b51219e3528300e4c8da09c0925c2537c075d361015a (WinMX Music by AresGalaxyOnline)

TCP » 184.173.253.242:80
free-movies-box-setup.exe (Free Movies Box by Free Movies Box)

TCP » 184.173.253.242:80
bearshare_mp3_free.exe (BearShare MP3 by AresGalaxyOnline)

TCP » 184.173.253.242:80
ultra accelerator.exe (uTorrent Ultra Accelerator by TrafficSpeeders)

TCP » 184.173.253.242:80
p2p-rocket-free.exe (P2P Rocket by P2P Rocket)

TCP » 184.173.253.242:80
vip-torrent-setup-free.exe (VIP Torrent by VipRumor)

TCP » 184.173.253.242:80
utorrentturboaccelerator_installer.exe (uTorrent Turbo Accelerator by WebSpeeders)

TCP » 184.173.253.242:80
0aa424af_stp.exe (BitTorrent Ultra Accelerator by TrafficSpeeders)

TCP » 184.173.253.242:80
update1.exe (DexterWire by DexterWire)

 
Latest 20 of 87 files

URL:
http://www.usb-guardian.com/

Title:
“USB Guardian – Scan USB for Worms and Viruses”

Title (7/31/2014):
“USB Guardian - Scan USB for Worms and Viruses”

Title (10/13/2015):
“USB Guardian | Scan USB for Worms and Viruses”

Web server:
Apache/2.4.7 (Ubuntu) (PHP/5.5.9-1ubuntu4.14)

Facebook:
Likes:  103
Shares:  54
Comments:  43

Statistics are for the previous month.

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.