home

download.hideguard.ru

Private Person  (Proxy Registrant)

Domain Information

The domain download.hideguard.ru is registered by proxy through REGGI-RU and was originally registered in August of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Moscow, Moscow City within Russia which resides on the RIPE Network Coordination Centre network.
Registrar:
REGGI-RU

Server location:
Moscow City, Russia (RU)

Create date:
Thursday, August 1, 2013

Expires date:
Monday, August 1, 2016

ASN:
AS199860 SDN-AS Stack Data Network LLC,RU

Root domain:
hideguard.ru

Whois:
2 hideguard.ru records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
Threat.Win.Reputation.IMP, PUP.Installer.iTVA.W, PUP.Installer.ITVA, PUP.ITVA.LimitedLiabilityCompany.Installer (M), PUP.ITVALimitedLiabilityCompany.Installer (M)
100.00%

Dr.Web
Adware.Downware.6456, Adware.Downware.10462, Adware.Downware.11337, Adware.Downware.11786
85.71%

ESET NOD32
Win32/Itva, Win32/Itva.D potentially unwanted (variant), Win32/Itva.E potentially unwanted
71.43%

Avira AntiVirus
TR/avti.A, TR/Avti.4107520
57.14%

IKARUS anti.virus
PUA.Itva
57.14%

McAfee
Artemis!4F4EECBF8C9E
42.86%

Trend Micro House Call
Suspicious_GEN.F47V0801
42.86%

AVG
nbsp;
42.86%

K7 AntiVirus
Trojan
42.86%

Agnitum Outpost
Riskware.Agent
42.86%

Sophos
Generic PUA MI
42.86%

Fortinet FortiGate
Riskware/Itva
42.86%

Qihoo 360 Security
HEUR/QVM18.1.Malware.Gen
14.29%

The domain download.hideguard.ru has been seen to resolve to the following 2 IP addresses.

185.44.14.130
April 6, 2015

83.222.97.53
April 4, 2014

File downloads found at URLs served by download.hideguard.ru.

1 / 68      (PUP)
http://download.hideguard.ru/HideguardVPNSetup.exe  (b233ad438742757e426dcdca578434c1)

5 / 68      (Adware)
http://download.hideguard.ru/HideguardVPNWebInstall.exe  (a4f5ddc63972537b21660e22ba39466a)

3 / 68      (PUP)
http://download.hideguard.ru/HideguardVPNSetup.exe  (d0029bfdd33332b928da2898750be9db)

3 / 68      (Adware)
http://download.hideguard.ru/HideguardVPNSetupRU.exe  (0c8fcf06b54764d468bde2212b4add17)

12 / 68    (PUP)
http://download.hideguard.ru/HideguardVPNWebInstall.exe  (1ddc52a060d742fc9b94636d750dbe93)

12 / 68    (PUP)
http://download.hideguard.ru/HideguardVPNWebInstall.exe  (74cb509346fdfcca9143dec3db7a27e7)

12 / 68    (PUP)
http://download.hideguard.ru/HideguardVPNSetupRU.exe  (e76f241d052a6827c40bcae0a93823f2)

URL:
http://download.hideguard.ru/

Web server:
nginx/1.9.9

atlasplayer.ru

audiovk.ru

checkfile.ru

coolverter.ru

dicter.ru

filetonet.com

installtraffic.com

internetdownloader.ru

kilotorrent.com

lovimusic.ru

loviotvet.ru

lovivideo.ru

lovivk.com

lovivkontakte.ru

mediafixer.ru

musicvk.com

onlineradioplayer.ru

pdfjpg.ru

pdfmaster.ru

pdfsign.ru

radiocent.ru

screencapture.ru

skachattorrent.ru

torrentplayer.ru

traytorrent.ru

trinixi.com

winarc.ru

windowscleaner.ru

windowscodecs.ru

windowsdefrag.ru

30 of 34 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.