home

install.hidefinstall.com

Corp New Ventures Services

Domain Information

The domain install.hidefinstall.com registered by Corp New Ventures Services was initially registered in July of 2014 through BARONOFDOMAINS.COM LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Road Town, British Virgin Islands within VG which resides on the Confluence Networks Inc network.
Registrar:
BARONOFDOMAINS.COM LLC

Server location:
British Virgin Islands, VG (VG)

Create date:
Monday, July 14, 2014

Expires date:
Thursday, July 14, 2016

Updated date:
Tuesday, September 22, 2015

ASN:
AS40034 CONFLUENCE-NETWORK-INC - Confluence Networks Inc,VG

Root domain:
hidefinstall.com

Whois:
2 hidefinstall.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.FUSIONINSTALLER.F, PUP.Air Software.AirSoftware.Bundler (M), PUP.Air Software.AirSoftw.Bundler (M)
100.00%

VIPRE Antivirus
Threat.4150696, AirInstaller
40.00%

MicroWorld eScan
Gen:Variant.Application.Bundler.OptimumInstaller.1, Gen:Variant.Application.Bundler.AirInstaller.4
40.00%

Malwarebytes
PUP.Optional.OptimumInstaller.A, PUP.Optional.AirInstaller
40.00%

NANO AntiVirus
Trojan.Win32.Zusy.cyhpmk, Riskware.Win32.Downware.cwfgel
40.00%

avast!
Win32:Adware-gen [Adw], Win32:Installer-L [PUP]
40.00%

Kaspersky
not-a-virus:AdWare.Win32.iBryte, not-a-virus:WebToolbar.Win32.Agent
40.00%

Bitdefender
Gen:Variant.Application.Bundler.OptimumInstaller.1, Gen:Variant.Application.Bundler.AirInstaller.4
40.00%

Agnitum Outpost
PUA.Agent, PUA.Toolbar.Agent
40.00%

Comodo Security
Application.Win32.iBryte.WRP, Application.Win32.AirAdInstaller.A
40.00%

Sophos
iBryte Optimum Installer, AirInstaller
40.00%

G Data
Gen:Variant.Application.Bundler.OptimumInstaller, Win32.Adware.Airadinstaller
40.00%

Panda Antivirus
PUP/iBryte, Adware/AirInstaller
40.00%

Rising Antivirus
PE:Malware.iBryte!6.197B, PE:PUF.Airinstall!1.9C4C
40.00%

AVG
Adware AdPlugin.QR, Generic_r
40.00%

The domain install.hidefinstall.com has been seen to resolve to the following 3 IP addresses.

208.91.197.46
August 10, 2016

204.11.56.48
February 24, 2016

204.11.56.26
October 9, 2014

File downloads found at URLs served by install.hidefinstall.com.

1 / 68      (Adware)
http://install.hidefinstall.com/get/click/.../?filename=Setup  (setup.exe)

1 / 68      (Adware)
http://install.hidefinstall.com/get/click/.../?filename=Setup  (setup.exe)

1 / 68      (Adware)
http://install.hidefinstall.com/get/click/.../?filename=Setup  (setup.exe)

34 / 68    (Adware)
http://install.hidefinstall.com/get/click/.../?filename=Setup  (setup.exe)

33 / 68    (Adware)
http://install.hidefinstall.com/get/click/.../?filename=Setup  (setup.exe)

The following 2 files have been seen to comunicate with install.hidefinstall.com in live environments.

TCP » 204.11.56.48:80
chrome.crx

TCP » 204.11.56.48:80
chrome.crx

URL:
http://install.hidefinstall.com/

Web server:
Apache

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.