morevids.net

WHOISGUARD, INC.  (Proxy Registrant)

Domain Information

The domain morevids.net is registered by proxy through ENOM, INC. and was originally registered in December of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Amsterdam, Noord-Holland within Netherlands which resides on the RIPE Network Coordination Centre network.
Registrar:
ENOM, INC.

Server location:
Noord-Holland, Netherlands (NL)

Create date:
Friday, December 12, 2014

Expires date:
Monday, December 12, 2016

Updated date:
Wednesday, December 16, 2015

ASN:
AS39572 ADVANCEDHOSTERS-AS ADVANCEDHOSTERS LIMITED

Google Safe Browsing:
unwanted

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

NANO AntiVirus
Riskware.Win32.Amonetize.dkinix
100.00%

Sophos
Generic PUA NP
100.00%

Avira AntiVirus
ADWARE/Adware.Gen4
100.00%

AhnLab V3 Security
PUP/Win32.Amonetiz
100.00%

ESET NOD32
Win32/Amonetize.CH (variant)
100.00%

Qihoo 360 Security
HEUR/QVM10.1.Malware.Gen
100.00%

Reason Heuristics
PUP.Installer.AMGRUP.AA
100.00%

MicroWorld eScan
Gen:Variant.Adware.Netfilter.2
100.00%

McAfee
Artemis!EC49F86C537C
100.00%

K7 AntiVirus
Trojan
100.00%

Trend Micro House Call
TROJ_GEN.R0C1H09LG14
100.00%

avast!
Win32:Dropper-gen [Drp]
100.00%

Bitdefender
Gen:Variant.Adware.Netfilter.2
100.00%

Lavasoft Ad-Aware
Gen:Variant.Adware.Netfilter.2
100.00%

Emsisoft Anti-Malware
Gen:Variant.Adware.Netfilter
100.00%

The domain morevids.net has been seen to resolve to the following IP address.

November 13, 2015

File downloads found at URLs served by morevids.net.

18 / 68    (Adware)
http://morevids.net/download_player.php?a=124460  (herdprotect__2309_il250368.exe)

18 / 68    (Adware)
http://morevids.net/download_player.php?a=124550  (herdprotect__2309_il250368.exe)

URL:
http://morevids.net/

Title:
“HD movies online”

Web server:
Apache/2.2.23 (Unix) PHP/5.2.17 (PHP/5.2.17)