The domain www.video-media-download.com registered by China Capital Investment Limited was initially registered in April of 2015 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Scottsdale, Arizona within the United States which resides on the GoDaddy.com, LLC network.
Registrant:
China Capital Investment Limited
Registrar:
BULLRUNDOMAINS.COM LLC
Server location:
Arizona, United States (US)
Create date:
Friday, April 24, 2015
Expires date:
Monday, April 24, 2017
Updated date:
Tuesday, March 15, 2016
ASN:
AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC
Scanner detections:
Detections (97% detected)
Scan engine
Details
Detections
Reason Heuristics
PUP.Installer.Amonetizeltd.e, PUP.Installer.JottixinternationalmediaGM2007.AA, PUP.JottixinternationalmediaGM2007.Y, PUP.Installer.JottixinternationalmediaGM2007.G, PUP.Installer.PremiumInstaller.F, PUP.Installer.Linkular.F, PUP.JottixinternationalmediaGM2007.Installer (M), PUP.Jottix.JottixinternationalmediaGM2007.Installer (M), PUP.Jottix.Jottixin.Installer (M), PUP.Jottix (M), PUP.Adknowledge (M)
94.44%
Malwarebytes
PUP.Optional.Amonetize.AS, PUP.Downware, PUP.Optional.iBryte, PUP.Optional.InstallCore, PUP.Optional.InstallCore.A, Adware.Linkular
61.11%
Dr.Web
Adware.Downware.1528, Adware.Downware.1402, Trojan.DownLoader10.21545, Adware.Downware.1489, Adware.Downware.1479, Adware.InstallCore.125, Adware.InstallCore.122
61.11%
VIPRE Antivirus
Amonetize, Jottix, Trojan.Win32.Generic, Threat.4784450, Optimum Installer, InstallCore, Threat.4150696
61.11%
avast!
Win32:Amonetize-Q [PUP], Win32:Adware-AZL [Adw], Win32:Installer-K [PUP], Win32:Installer-I [PUP], Win32:InstallCore-HG [PUP]
61.11%
Sophos
Amonetize, Jottix, PUA 'Jottix', PUA 'iBryte Optimum Installer', PUA 'Install Core Click run software', PUA 'Linkular'
58.33%
AVG
MalSign.Generic, Adware AdInstaller.ExpressInstall, Adware Skodna.Bundle.BD, Adware Generic_c.UA
58.33%
SUPERAntiSpyware
PUP.Downloader/Variant, PUP.InstallCore/Variant, Trojan.Agent/Gen-DarkKomet
52.78%
Kaspersky
not-a-virus:HEUR:AdWare.Win32.Amonetize, not-a-virus:Downloader.Win32.Agent, not-a-virus:AdWare.Win32.iBryte
44.44%
K7 AntiVirus
Unwanted-Program , Adware , Riskware
41.67%
Vba32 AntiVirus
AdWare.iBryte, Downloader.Agent, suspected of Trojan.Downloader.gen.h, BScope.Malware-Cryptor.iBryte, Downware.InstallCore
41.67%
Rising Antivirus
Trojan.Win32.Generic.137A42C9, PE:Trojan.Win32.Generic.137A42C9!326779593, PE:AdWare.Win32.Fednu.eg!1075354752, PE:Malware.InstallCore!6.4
36.11%
ESET NOD32
Win32/DownWare.G potentially unwanted application, Win32/AdWare.iBryte.K.gen application, Win32/InstallCore.BG potentially unwanted application
33.33%
McAfee
Artemis!633B2300C6F8, Artemis!61720B7C5351, Artemis!FCE530B942DB, Artemis!23895E0067D2, Artemis!78C79A100801, Artemis!9A6FEDEF65BC, Artemis!BA4449262EA7, Artemis!56DF0483970F, Artemis!7652B2724173
30.56%
Qihoo 360 Security
HEUR/Malware.QVM06.Gen, Win32/Trojan.a16, Malware.QVM10.Gen
30.56%
The domain www.video-media-download.com has been seen to resolve to the following 6 IP addresses.
192.230.92.93.ip.incapdns.net
September 13, 2016
199.83.132.93.ip.incapdns.net
June 22, 2016
ip-184-168-221-43.ip.secureserver.net
February 25, 2015
File downloads found at URLs served by www.video-media-download.com.
Latest 30 of 49 download URLs
The following 153 files have been seen to comunicate with www.video-media-download.com in live environments.
URL:
http://www.video-media-download.com/