d.exfriendalert.com

Steve Iverson

Domain Information

The domain d.exfriendalert.com registered by Steve Iverson was initially registered in November of 2012 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Scottsdale, Arizona within the United States which resides on the GoDaddy.com, LLC network.
Remove Malware from d.exfriendalert.com - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
Arizona, United States (US)

Create date:
Saturday, November 17, 2012

Expires date:
Monday, November 17, 2014

Updated date:
Sunday, December 29, 2013

ASN:
AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC,US

Root domain:

Scanner detections:
Detections  (90% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.CloudCanvas.F, PUP.Installer.GenTechnologiesApps.F
100.00%

Comodo Security
Heur.Suspicious
66.67%

Dr.Web
Adware.Plugin.36, Threat.Undefined, Adware.Yontoo.55
66.67%

Trend Micro House Call
TROJ_GEN.F47V0725, TROJ_GEN.F47V0205, TROJ_GEN.F47V0925, TROJ_GE.3630F48E
44.44%

ESET NOD32
Win32/InstallMonetizer.AN, Win32/ExFriendAlert
44.44%

McAfee Web Gateway
Heuristic.BehavesLike.Win32.Suspicious-PKR.G, Heuristic.BehavesLike.Win32.Suspicious-PKR.S, BehavesLike.Win32.AdwareSweet.tc
33.33%

VIPRE Antivirus
Conduit, Threat.4784449, Threat.4150696
33.33%

avast!
Win32:BHO-AMO [PUP]
33.33%

McAfee
Artemis!3BDE17284F11, Artemis!93B26FE36BB8
22.22%

Malwarebytes
PUP.Optional.ExFriendAlert.A
22.22%

ESET NOD32
Win32/ExFriendAlert.B potentially unwanted application, Win32/ExFriendAlert.A potentially unwanted application
22.22%

K7 Gateway Antivirus
Unwanted-Program , Trojan
22.22%

K7 AntiVirus
Unwanted-Program , Trojan
22.22%

Kingsoft AntiVirus
VIRUS_UNKNOWN
22.22%

IKARUS anti.virus
AdWare.Win32.ExFriendAlert, PUA.ExFriendAlert
22.22%

The domain d.exfriendalert.com has been seen to resolve to the following IP address.

ip-184-168-221-72.ip.secureserver.net
April 14, 2014

File downloads found at URLs served by d.exfriendalert.com.

15 / 68    (Adware)

2 / 68      (Adware)

5 / 68      (Adware)

11 / 68    (PUP)

2 / 68      (Adware)

2 / 68      (Adware)

11 / 68    (Adware)

8 / 68      (Adware)

4 / 68      (Adware)

0 / 68

0 / 68

0 / 68

The following 4 files have been seen to comunicate with d.exfriendalert.com in live environments.

URL:
http://d.exfriendalert.com/

Web server:
Microsoft-IIS/7.5 (ASP.NET) (Version: 4.0.30319)

Remove Malware from d.exfriendalert.com - Powered by Reason Core Security