www.poweriso.net

Lee Fenghua

Domain Information

The domain www.poweriso.net, registered by Lee Fenghua, was first registered in January 2008 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Atlanta, Georgia, in the United States, on the Linode network.
Remove Malware from www.poweriso.net - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
Georgia, United States (US)

Create date:
Tuesday, January 22, 2008

Expires date:
Monday, January 22, 2018

Updated date:
Friday, June 28, 2013

ASN:
AS3595 GNAXNET-AS - Global Net Access, LLC

Root domain:

Scanner detections:
Detections  (68% detected)

Scan engine
Details
Detections

Dr.Web
Adware.OpenCandy.4, Adware.Conduit.82, Threat.Undefined, Adware.OpenCandy.39, Adware.OpenCandy.115
92.00%

ESET NOD32
Win32/OpenCandy, Win32/OpenCandy (variant), Win32/OpenCandy.C potentially unsafe (variant)
92.00%

Malwarebytes
PUP.Optional.OpenCandy
88.00%

Trend Micro House Call
TROJ_GEN.F47V1028, TROJ_GEN.F47V0516, TROJ_GEN.F47V0522, Suspicious_GEN.F47V0702, Suspicious_GEN.F47V0718, Suspici.18E75054
88.00%

Comodo Security
TrojWare.Win32.Injector.JQFR, Application.Win32.Conduit.~A, Application.Win32.ClientConnect.~A
80.00%

McAfee
Artemis!EFCC0A6DDB36, Artemis!D50F148A7DDD, Artemis!32FCC775D046, Artemis!4AC877D2EC32, Artemis!3113497B7EF6, Artemis!95E952BC53F6, Artemis!20EAEB7E188F, Artemis!729748D4CCCA, Artemis!A11F82B3430E, Artemis!C639242A914F, Artemis!8E487CC74812
80.00%

Kaspersky
not-a-virus:Downloader.NSIS.Agent, not-a-virus:WebToolbar.Win32.Agent, not-a-virus:WebToolbar.NSIS.Agent
76.00%

Vba32 AntiVirus
Downloader.Agent
72.00%

McAfee Web Gateway
Artemis!EFCC0A6DDB36, Artemis!D50F148A7DDD, Artemis!32FCC775D046, Heuristic.BehavesLike.Win32.Suspicious-PKR.O
68.00%

Panda Antivirus
PUP/Conduit.A, Adware/Conduit, Trj/Chgt.A, Trj/Chgt.I
64.00%

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud)
64.00%

Agnitum Outpost
Riskware.OpenCandy, Riskware.Agent
64.00%

Zillya! Antivirus
Worm.Mabezat.Win32.38296
64.00%

Reason Heuristics
PUP.Optional.Installer.N, PUP.Optional.Installer.J, PUP.Optional.Installer.M, Win32.Generic.PowerSoftware.Installer.Meta
60.00%

K7 Gateway Antivirus
Unwanted-Program, Unwanted-File, Trojan
56.00%

The domain www.poweriso.net has been seen to resolve to the following 3 IP addresses.

ip-166-62-59-171.ip.secureserver.net
May 3, 2015

li54-248.members.linode.com
November 29, 2014

li590-226.members.linode.com
July 30, 2013

File downloads found at URLs served by www.poweriso.net.

URL:
http://www.poweriso.net/

Title:
“PowerISO”

Web server:
Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips mod_bwlimited/1.4

Compete.com:
US visitors:  8,277

Statistics are for the previous month.
