The domain iframe.guidehoome.com registered by Volodymyr Lepine c/o Dynadot Privacy was initially registered in February of 2014 through DYNADOT, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Portland, Oregon within the United States which resides on the Amazon.com, Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform from the US West (Oregon) region datacenter.
Oregon, United States (US)
Thursday, February 20, 2014
Friday, February 20, 2015
Thursday, March 06, 2014
AS16509 AMAZON-02 - Amazon.com, Inc.
Detections (100% detected)
Adware.WebPick.Installer.Z, Adware.WebPick.Installer.I, Adware.WebPick.Installer.j, Adware.WebPick.Installer.CC, Adware.WebPick.Installer.d, Adware.WebPick.Installer.?, Adware.WebPick.Installer.k, Adware.WebPick.Installer (M), Adware (M)
Win32:InstalleRex-BT [Trj], Win32:PUP-gen [PUP], Win32:InstalleRex-BY [PUP], Win32:InstalleRex-BW [PUP], Win32:InstalleRex-BQ [PUP]
InstallRex, PUA 'InstallRex'
Adware.Downware.2108, Trojan.WebPick.2540, Trojan.WebPick.2579, Trojan.WebPick.2452
TR/AntiFW.b.109, Adware/InstallRex.HI, TR/Visucius.20, Adware/InstallRex.HH, Adware/InstallRex.ode.17
Antiy Labs AVL
RiskWare[Downloader:not-a-virus,HEUR]/Win32.AdLoad, Trojan/Win32.TSGeneric, Trojan/Win32.AntiFW.b
The domain iframe.guidehoome.com has been seen to resolve to the following IP address.
May 28, 2014
File downloads found at URLs served by iframe.guidehoome.com.
Amazon Web Services (AWS), running an EC2 instance