The domain 4threquest.me is registered by proxy through eNom Inc R32-ME (48) and was originally registered in September of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Beauharnois, Quebec, Canada, on the OVH Hosting, Inc. network.
Registrant: WhoisGuard, Inc.
Registrar: eNom Inc R32-ME (48)
Server location: Quebec, Canada (CA)
Create date: Tuesday, September 2, 2014
Expires date: Friday, September 2, 2016
Updated date: Friday, January 29, 2016
ASN: AS16276 OVH OVH SAS,FR
Scanner detections:
Detections (94% detected)
| Scan engine | Details | Detections |
|---|---|---|
| Reason Heuristics | PUP.Ma Lin, PUP.Installer.Yontoo, Threat.Ma Lin.ShulanHou, (M), PUP.Ma Lin.ShulanHou (M), PUP.Liyan Liu.LiMo (M), PUP.ZhuoLi.Installer (M), PUP.ELEX.LiMo (M), PUP.Yontoo.SearchVortex.Installer (M), PUP.AdPeak.CNBTECHNOLOGIES.Installer (M), PUP.ELEX.YuxinWANG (M), PUP.ELEX.ShulanHou (M), PUP.Gencolabs.Installer (M), PUP.Adload.DEVSTATI.Installer (M), PUP.Gencolab.Installer (M), PUP.Adload (M) | 77.08% |
| Dr.Web | Adware.Mutabaha.220, Trojan.Yontoo.1734, Trojan.Amonetize.3133, Adware.Mutabaha.508, Win32.Runonce.6652, Trojan.Amonetize.2697, Trojan.DownLoader14.20526 | 33.33% |
| Emsisoft Anti-Malware | Adware.BrowseFox.BJ, Trojan.GenericKD.2405264, Win32.Parite | 20.83% |
| ESET NOD32 | Win64/BrowseFox.BF potentially unwanted application, Win32/Parite.B virus, NSIS/TrojanDownloader.Adload.AU trojan | 20.83% |
| Microsoft Security Essentials | Threat.Undefined, SoftwareBundler:Win32/Fourthrem | 18.75% |
| Malwarebytes | PUP.Optional.MyStartSearch.A, PUP.Optional.ELEX, PUP.Optional.IStartSurf.A, PUP.Optional.Amonentize.A, PUP.Optional.IStartSurf.ShrtCln | 14.58% |
| AVG | Potentially harmful program Downloader, BrowseFox, Generic, Win32/Parite, Downloader.NSIS | 14.58% |
| Kaspersky | Trojan-Downloader.Win32.Genome, Virus.Win32.Parite, not-a-virus:AdWare.NSIS.Agent | 14.58% |
| ESET NOD32 | Win32/ELEX.CF potentially unwanted (variant), Win32/LiMo.C potentially unwanted (variant), Win32/ELEX.CL potentially unwanted (variant) | 12.50% |
| Baidu Antivirus | Adware.Win32.ELEX, Adware.Win64.BrowseFox, PUA.Win32.LiMo, Adware.Win32.Genome | 10.42% |
| avast! | BrowseFox-ID [PUP], Win32:Oncer, NSIS:Downloader-ACE [PUP], Win32:Parite | 10.42% |
| Sophos | PUA 'Elex' (of type Adware), Generic PUA NG | 8.33% |
| herdProtect (fuzzy) | a variant of 5f1f3668a8796b509ccd3c151334f6f7aca87903, a variant of 72e1175e0ed30b183a734c6dafc1964aeaa219c2, a variant of 556cff5372f1ecbd7d3cbbf6c480c8375e8f5855 | 8.33% |
| VIPRE Antivirus | Threat.4150696, Threat.219451, Amonetize, Threat.4785227 | 8.33% |
| McAfee | Artemis!BF0F7C8B9585, Virus.Artemis!2C6846F4FC53, Trojan.Artemis!36C2C181EA60, Trojan.Artemis!20073B8EBE3C | 8.33% |
The domain 4threquest.me has been seen to resolve to the following IP address.
File downloads found at URLs served by 4threquest.me.