home

ividi.org

c/o whoisproxy.com Ltd.

Domain Information

This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Nuremberg, Bayern within Germany which resides on the RIPE Network Coordination Centre network.
Registrar:
Key-Systems GmbH

Server location:
Bayern, Germany (DE)

ASN:
AS24940 HETZNER-AS Hetzner Online GmbH,DE

Whois:
4 ividi.org records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Bkav FE
W32.Clod4d6.Trojan, W32.Clod933.Trojan
100.00%

Malwarebytes
PUP.Optional.Topmedia, Adware.Montiera
100.00%

Dr.Web
Adware.Plugin.131, Adware.Downware.1540
100.00%

VIPRE Antivirus
Ividi
100.00%

ESET NOD32
Win32/TopMedia (variant), Win32/Toolbar.Montiera
100.00%

McAfee
Artemis!C97A0355FEF3
50.00%

K7 AntiVirus
Unwanted-Program
50.00%

Trend Micro House Call
TROJ_SPNR.08LB13
50.00%

avast!
NSIS:Adware-LK [PUP]
50.00%

Clam AntiVirus
Win.Adware.Delbar
50.00%

Kaspersky
not-a-virus:AdWare.Win32.DelBar
50.00%

Comodo Security
Application.Win32.Babylon.TK
50.00%

Trend Micro
TROJ_SPNR.08LB13
50.00%

Sophos
Generic PUA LJ
50.00%

Vba32 AntiVirus
AdWare.DelBar
50.00%

The domain ividi.org has been seen to resolve to the following 11 IP addresses.

144.76.1.130
static.130.1.76.144.clients.your-server.de
April 3, 2016

144.76.0.242
static.242.0.76.144.clients.your-server.de
April 3, 2016

78.46.179.134
static.134.179.46.78.clients.your-server.de
October 13, 2015

209.15.13.134
September 12, 2015

216.8.179.25
ptr-216-8-179-25.ptr.nextdimensioninc.com
May 5, 2015

216.8.179.23
ptr-216-8-179-23.ptr.nextdimensioninc.com
January 12, 2015

209.222.14.3
209.222.14.3.choopa.net
November 17, 2014

104.28.8.94
August 10, 2014

104.28.9.94
August 10, 2014

108.162.197.251
(CloudFlare)
December 26, 2013

108.162.196.251
(CloudFlare)
December 26, 2013

File downloads found at URLs served by ividi.org.

5 / 68      (PUP)
http://ividi.org/.../download  (iVIDIPlugin.exe)

19 / 68    (PUP)
http://ividi.org/.../download?aff=3&lpt=3&fln=Steinberg_Cubase_5.1_-_Advanced_Music_Production_System  (Steinberg_Cubase_5.1_-_Advanced_Music_Production_System.exe)

5 / 68      (PUP)
http://ividi.org/sites/ividi_org/.../iVIDIPlugin.exe  (73a54e58b3578a9d28ba7d2a156421a7)

The following 27 files have been seen to comunicate with ividi.org in live environments.

TCP » 144.76.0.242:80
jingling.exe

TCP » 144.76.0.242:80
Trezaa.Service.exe (Trezaa.Service by Microsoft)

TCP » 144.76.0.242:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 144.76.0.242:80
setupv.exe (project1 by Microsoft)

TCP » 144.76.1.130:443
apptrailers.exe

TCP » 144.76.0.242:443
online-guardian-v2.0.9.exe

TCP » 144.76.0.242:80
AdxEngine.exe (MPC AdCleaner by DotC United Inc)

TCP » 144.76.0.242:80
microsoft toolkit 2.6.6__9465_il667.exe

TCP » 144.76.1.130:80
microsoft toolkit 2.6.6__9465_il667.exe

TCP » 144.76.0.242:80
kmspico10.2.1__8174_il55.exe

TCP » 144.76.0.242:25
init.exe

TCP » 144.76.0.242:80
UCBrowser.exe (by UCWeb)

TCP » 144.76.1.130:80
kdlink32.exe (KDLink by QuestPRO Software)

TCP » 209.222.14.3:80
bitcomet_x64.exe (BitComet 64-bit by www.BitComet.com)

TCP » 144.76.0.242:80
setup__2140_il20839.exe (arsenal by Emirates)

TCP » 144.76.0.242:80
kmspico10.2.1__11516_il55.exe

TCP » 144.76.0.242:80
windowsupdatekb12695__7428_il1.exe

TCP » 144.76.0.242:80
setup__15200_i1936892346_il29444.exe

TCP » 144.76.1.130:80
setup__2140_il20839.exe (arsenal by Emirates)

TCP » 144.76.1.130:80
kmspico10.2.1__11516_il55.exe

 
Latest 20 of 34 files

December 26, 2013
dl.ividi.org

URL:
http://ividi.org/

Google Analytics:
UA-43967021

Title:
“ividi.org”

Web server:
nginx (PHP/5.3.10-1ubuntu3.21)

205descargas.com

aihahconsumerproductexposed.net

apparil.com

appatan.com

appcoun.com

appoder.com

clever-those.ru

describesnort.ru

dfg-downloads.com

downloadmoviesfree.net

evidence-cleaner.net

ftuszhv1sb.ru

getdownload.net

gimp28.com

healthcaregovtool.com

humipapp.com

juksr.com

noisewitness.ru

of1dkj3867.ru

pat-clutch-ignore.ru

peemoteenfidelity.net

perhaps481.ru

pro-sea-portal.ru

probaystroy.ru

prospeedstore.ru

shoogpowersellingonline.org

softologicsd.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.