home

down.windoguide.com

windoguide

Domain Information

The domain down.windoguide.com registered by windoguide was initially registered in November of 2012 through MEGAZONE CORP. DBA HOSTING.KR. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Seoul, Seoul-T'Ukpyolsi within Korea which resides on the Asia Pacific Network Information Centre network.
Registrar:
MEGAZONE CORP. DBA HOSTING.KR

Server location:
Seoul-T'Ukpyolsi, Korea (KR)

Create date:
Monday, November 19, 2012

Expires date:
Saturday, November 19, 2016

Updated date:
Friday, November 27, 2015

ASN:
AS3786 LGDACOM LG DACOM Corporation,KR

Root domain:
windoguide.com

Whois:
1 windoguide.com record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Bkav FE
W32.Clod1e6.Trojan
100.00%

nProtect
Adware/W32.Agent.233032
100.00%

McAfee
Artemis!4F144325ADD3
100.00%

Malwarebytes
Adware.KorAd
100.00%

Trend Micro House Call
ADW_KRADDARE
100.00%

Dr.Web
Adware.Shopper.342
100.00%

VIPRE Antivirus
Trojan.Win32.Generic!SB.0
100.00%

Trend Micro
ADW_KRADDARE
100.00%

ViRobot
Adware.Agent.233032
100.00%

AhnLab V3 Security
Win-PUP/Helper.WindoGuide.233032
100.00%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
100.00%

Reason Heuristics
PUP.Installer.winsys.T
100.00%

The domain down.windoguide.com has been seen to resolve to the following IP address.

114.108.128.18
April 7, 2016

File downloads found at URLs served by down.windoguide.com.

12 / 68    (Adware)
http://down.windoguide.com/setup_kid001_silent.exe  (4f144325add3e90259f008c513db722b)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.