www.po114.us

xianlin xie

Domain Information

The domain www.po114.us, registered by xianlin xie, was first registered in October 2013 through GODADDY.COM, INC. The domain has been known to host and distribute adware as well as other potentially unwanted software. Its servers are located in Washington, District of Columbia, United States, on the SoftLayer Technologies Inc. network.
Registrar:
GODADDY.COM, INC.

Server location:
District of Columbia, United States (US)

Create date:
Thursday, October 24, 2013

Expires date:
Tuesday, October 23, 2018

Updated date:
Friday, December 19, 2014

ASN:
AS36351 SOFTLAYER - SoftLayer Technologies Inc.

Root domain:

Scanner detections:
Detections  (100% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Dr.Web | Adware.Mutabaha.42, Adware.Mutabaha.41, Adware.Downware.1605, Adware.Mutabaha.54 | 100.00% |
| Baidu Antivirus | Trojan.Win32.Elex, Adware.Win32.ELEX | 100.00% |
| Reason Heuristics | PUP.SkytouchTechnologyCoLimited.O, PUP.SkytouchTechnologyCoLimited.K, PUP.SkytouchTechnologyCoLimited.E, PUP.HefeiZhimingxingtongSoftwareTechnologyCo.Q | 100.00% |
| Trend Micro House Call | TROJ_GEN.F47V1227, TROJ_GEN.F47V1214, TROJ_GEN.F47V1109, TROJ_GEN.F47V1126, Suspicious_GEN.F47V0613 | 100.00% |
| Agnitum Outpost | Riskware.Agent | 100.00% |
| McAfee | Artemis!BFCAFDAC7317, Artemis!B5B6B59BE79E, Artemis!A9CBCC924433 | 80.00% |
| Malwarebytes | PUP.Optional.SkyTech.A | 80.00% |
| McAfee Web Gateway | Artemis!BFCAFDAC7317, Artemis!B5B6B59BE79E, Artemis!A9CBCC924433 | 80.00% |
| ESET NOD32 | Win32/ELEX, Win32/ELEX (variant) | 60.00% |
| Fortinet FortiGate | Riskware/Elex | 60.00% |
| herdProtect (fuzzy) | a variant of 568b70d8d1993c12ee3b6a09925a6c4688af9d63, a variant of e7a90f8ab02f51b3ced2b5a8c8720bf4f9e362a1, a variant of 011635e7aa9d5244bdd43f51db16dc2bbb000e10 | 60.00% |
| Emsisoft Anti-Malware | Adware.Win32.AppInstall, Adware.DealPly, Application.Downloader.SV | 60.00% |
| VIPRE Antivirus | Trojan.StartPage, Threat.4895345 | 60.00% |
| avast! | Win32:Malware-gen, Win32:Adware-gen [Adw] | 40.00% |
| Panda Antivirus | Application/HomePageChanger | 40.00% |

The domain www.po114.us has been seen to resolve to the following 4 IP addresses.

173.193.180.132-static.reverse.softlayer.com
January 25, 2014

208.43.232.116-static.reverse.softlayer.com
January 25, 2014

208.43.232.118-static.reverse.softlayer.com
January 25, 2014

173.193.180.130-static.reverse.softlayer.com
January 25, 2014

File downloads found at URLs served by www.po114.us.

12 / 68    (PUP)
http://www.po114.us/hpnt/.../lly_webssearches.exe  (a9cbcc92443360e4a0493b15d6b51a86)

11 / 68    (Adware)

20 / 68    (Adware)
http://www.po114.us/hpnt/.../tugs_qone8.exe  (c3731247baaa29d326b442691240ae80)

14 / 68    (Adware)
http://www.po114.us/hpnt/.../amt_nationzoom.exe  (489dfc673dd1ba9c1c2f42af5a4c7471)

17 / 68    (Adware)
http://www.po114.us/hpnt/.../tugs_awesomehp.exe  (bfcafdac7317f0174554134696093812)

The following 12 files have been seen to communicate with www.po114.us in live environments.
