iframe.guidehoome.com

Volodymyr Lepine c/o Dynadot Privacy

Domain Information

The domain iframe.guidehoome.com registered by Volodymyr Lepine c/o Dynadot Privacy was initially registered in February of 2014 through DYNADOT, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Portland, Oregon within the United States which resides on the Amazon.com, Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform from the US West (Oregon) region datacenter.
Remove Malware from iframe.guidehoome.com - Powered by Reason Core Security
Registrar:
DYNADOT, LLC

Server location:
Oregon, United States (US)

Create date:
Thursday, February 20, 2014

Expires date:
Friday, February 20, 2015

Updated date:
Thursday, March 06, 2014

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
Adware.WebPick.Installer.Z, Adware.WebPick.Installer.I, Adware.WebPick.Installer.j, Adware.WebPick.Installer.CC, Adware.WebPick.Installer.d, Adware.WebPick.Installer.?, Adware.WebPick.Installer.k, Adware.WebPick.Installer (M)
100.00%

VIPRE Antivirus
Threat.4150696, Trojan.Win32.Generic
80.00%

Quick Heal
Trojan.AntiFW.A5
80.00%

Malwarebytes
PUP.Optional.InstalleRex, PUP.Optional.Excellent4App
80.00%

avast!
Win32:InstalleRex-BT [Trj], Win32:PUP-gen [PUP], Win32:InstalleRex-BY [PUP], Win32:InstalleRex-BW [PUP], Win32:InstalleRex-BQ [PUP]
80.00%

Kaspersky
Trojan.Win32.AntiFW
80.00%

NANO AntiVirus
Riskware.Win32.InfoLeak.cvgqot
80.00%

Sophos
InstallRex, PUA 'InstallRex'
80.00%

Comodo Security
Application.Win32.InstalleRex.KG
80.00%

Dr.Web
Adware.Downware.2108, Trojan.WebPick.2540, Trojan.WebPick.2579, Trojan.WebPick.2452
80.00%

Avira AntiVirus
TR/AntiFW.b.109, Adware/InstallRex.HI, TR/Visucius.20, Adware/InstallRex.HH, Adware/InstallRex.ode.17
80.00%

Antiy Labs AVL
RiskWare[Downloader:not-a-virus,HEUR]/Win32.AdLoad, Trojan/Win32.TSGeneric, Trojan/Win32.AntiFW.b
80.00%

Kingsoft AntiVirus
Win32.Troj.AntiFW.b.(kcloud)
80.00%

Vba32 AntiVirus
Downloader.AdLoad, Downware.TSU
80.00%

AVG
Generic
80.00%

The domain iframe.guidehoome.com has been seen to resolve to the following IP address.

ec2-54-200-139-91.us-west-2.compute.amazonaws.com
May 28, 2014

File downloads found at URLs served by iframe.guidehoome.com.

URL:
http://iframe.guidehoome.com/

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
ngx_openresty (PHP/5.4.19)

Remove Malware from iframe.guidehoome.com - Powered by Reason Core Security