home

www.zhnxai.com

See PrivacyGuardian.org  (Proxy Registrant)

Domain Information

The domain www.zhnxai.com is registered by proxy through NAMESILO, LLC and was originally registered in November of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Frankfurt Am Main, Hessen within Germany which resides on the FDCservers.net network.
Registrar:
NAMESILO, LLC

Server location:
Hessen, Germany (DE)

Create date:
Saturday, November 8, 2014

Expires date:
Sunday, November 8, 2015

Updated date:
Saturday, November 8, 2014

ASN:
AS6461 ABOVENET - Abovenet Communications, Inc,US

Root domain:
zhnxai.com

Whois:
1 zhnxai.com record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.PluginUpdateSL.F, PUP.Installer.InstallationSafe.F, PUP.Softpulse.PluginUpdate.Bundler (M), PUP.Softpulse.PluginUp.Bundler (M)
100.00%

Dr.Web
Adware.SoftPulseENT.1, Adware.Downware.9017, Adware.SoftPules.3
21.43%

VIPRE Antivirus
Threat.4150696, Threat.4783235, Threat.5063330
21.43%

ESET NOD32
Win32/SoftPulse.Q potentially unwanted application, Win32/AdGazelle.B potentially unwanted application, Win32/SoftPulse.R potentially unwanted application
21.43%

K7 AntiVirus
Unwanted-Program
21.43%

Clam AntiVirus
Win.Adware.Agent-30659, Win.Adware.Agent-31302, Win.Trojan.11906039, Win.Adware.Softpulse-20
21.43%

Avira AntiVirus
TR/Dropper.Gen, ADWARE/Adware.Gen2, APPL/Softpulse.958224
21.43%

avast!
Win32:SoftPulse-BB [PUP], Win32:SoftPulse-BE [PUP], Win32:SoftPulse-BP [PUP], Win32:Adware-gen [Adw]
17.86%

Lavasoft Ad-Aware
Gen:Variant.Application.Bundler.SoftPulse.4, Gen:Variant.Adware.Graftor.165890
14.29%

MicroWorld eScan
Gen:Variant.Application.Bundler.SoftPulse.4, Gen:Variant.Graftor.165890
14.29%

McAfee
Socrydo, SoftPulse, Program.SoftPulse
14.29%

Malwarebytes
PUP.Optional.DomaIQ, PUP.Optional.SmartSec
14.29%

NANO AntiVirus
Trojan.Win32.DriverUpd.divqcs, Trojan.Win32.DriverUpd.diotxp, Trojan.Win32.DriverUpd.djmoky
14.29%

Bitdefender
Gen:Variant.Application.Bundler.SoftPulse.4, Gen:Variant.Graftor.165890
14.29%

Comodo Security
Application.Win32.SmApps.VIX, Application.Win32.SoftPulse.D
14.29%

The domain www.zhnxai.com has been seen to resolve to the following IP address.

50.7.158.186
November 29, 2014

File downloads found at URLs served by www.zhnxai.com.

1 / 68      (Adware)
http://www.zhnxai.com/file.php?geo=US&dv1=US_a208_pc_2014-11-16-23&clickid=1416197878  (setup.exe)

1 / 68      (Adware)
http://www.zhnxai.com/file.php?geo=US&dv1=US_a208_pc_2014-11-16-19&clickid=1416185797  (setup.exe)

1 / 68      (Adware)
http://www.zhnxai.com/file.php?geo=MX&dv1=MX_a183_pc_2014-11-16-18&clickid=1416181848  (setup.exe)

1 / 68      (Adware)
http://www.zhnxai.com/file.php?geo=US&dv1=US_a208_pc_2014-11-16-23&clickid=1416197817  (setup.exe)

1 / 68      (Adware)
http://www.zhnxai.com/file.php?geo=MX&dv1=MX_a183_pc_2014-11-16-22&clickid=1416196415  (setup.exe)

1 / 68      (Adware)
http://www.zhnxai.com/file.php?geo=MX&dv1=MX_a183_pc_2014-11-16-22&clickid=1416194622  (setup.exe)

1 / 68      (Adware)
http://www.zhnxai.com/file.php?geo=US&dv1=US_a208_pc_2014-11-16-23&clickid=1416198540  (setup.exe)

1 / 68      (Adware)
http://www.zhnxai.com/file.php?geo=US&dv1=US_a208_pc_2014-11-16-19&clickid=1416182749  (setup.exe)

1 / 68      (Adware)
http://www.zhnxai.com/file.php?geo=US&dv1=US_a208_pc_2014-11-16-19&clickid=1416182922  (setup.exe)

1 / 68      (Adware)
http://www.zhnxai.com/file.php?geo=US&dv1=US_a208_pc_2014-11-16-19&clickid=1416183454  (setup.exe)

1 / 68      (Adware)
http://www.zhnxai.com/file.php?geo=US&dv1=US_a208_pc_2014-11-16-19&clickid=1416182580  (setup.exe)

1 / 68      (Adware)
http://www.zhnxai.com/file.php?geo=MX&dv1=MX_a183_pc_2014-11-16-22&clickid=1416194766  (setup.exe)

1 / 68      (Adware)
http://www.zhnxai.com/file.php?geo=MX&dv1=MX_a183_pc_2014-11-16-22&clickid=1416195724  (setup.exe)

1 / 68      (Adware)
http://www.zhnxai.com/file.php?geo=MX&dv1=MX_a183_pc_2014-11-16-22&clickid=1416195732  (setup.exe)

1 / 68      (Adware)
http://www.zhnxai.com/file.php?geo=MX&dv1=MX_a183_pc_2014-11-16-22&clickid=1416195732  (setup.exe)

1 / 68      (Adware)
http://www.zhnxai.com/file.php?geo=US&dv1=US_a208_pc_2014-11-16-20&clickid=1416189474  (setup.exe)

1 / 68      (Adware)
http://www.zhnxai.com/file.php?geo=US&dv1=US_a208_pc_2014-11-16-20&clickid=1416189518  (setup.exe)

1 / 68      (Adware)
http://www.zhnxai.com/file.php?geo=US&dv1=US_a208_pc_2014-11-16-21&clickid=1416189628  (setup.exe)

1 / 68      (Adware)
http://www.zhnxai.com/file.php?geo=US&dv1=US_a208_pc_2014-11-16-21&clickid=1416189694  (setup.exe)

1 / 68      (Adware)
http://www.zhnxai.com/file.php?geo=US&dv1=US_a208_pc_2014-11-16-21&clickid=1416190010  (setup.exe)

1 / 68      (Adware)
http://www.zhnxai.com/file.php?geo=US&dv1=US_a208_pc_2014-11-16-20&clickid=1416188929  (setup.exe)

1 / 68      (Adware)
http://www.zhnxai.com/file.php?geo=US&dv1=US_a208_pc_2014-11-16-22&clickid=1416196030  (setup.exe)

9 / 68      (Adware)
http://www.zhnxai.com/file.php?geo=GB&dv1=GB_a231_pc_2014-11-16-20&clickid=1416187991  (setup.exe)

29 / 68    (Adware)
http://www.zhnxai.com/file.php?geo=US&dv1=US_a208_pc_2014-11-16-21&clickid=1416189949  (setup.exe)

28 / 68    (Adware)
http://www.zhnxai.com/file.php?geo=GB&dv1=GB_a231_pc_2014-11-16-20&clickid=1416187991  (setup.exe)

8 / 68      (Adware)
http://www.zhnxai.com/file.php?geo=GB&dv1=GB_a231_pc_2014-11-16-20&clickid=1416187991  (setup.exe)

25 / 68    (Adware)
http://www.zhnxai.com/file.php?geo=US&dv1=US_a208_pc_2014-11-16-23&clickid=1416197958  (setup.exe)

24 / 68    (Adware)
http://www.zhnxai.com/file.php?geo=GB&dv1=GB_a231_pc_2014-11-16-20&clickid=1416187991  (setup.exe)

URL:
http://www.zhnxai.com/

Web server:
nginx (PHP/5.2.17p1)

cdcxvi.com

cepbgt.com

cmmvqz.com

ctxxqp.com

feeuhk.com

ffzadw.com

yelwau.com

zapgfy.com

zbwhyb.com

zbwmkk.com

zdqynh.com

zdsucb.com

zefmjp.com

zgpedn.com

zinqtv.com

zixlvg.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.