cntb.express-files.com

Faglaro Enterprises Limited

Domain Information

The domain cntb.express-files.com registered by Faglaro Enterprises Limited was initially registered in December of 2011 through INTERNET.BS CORP.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Denver, Colorado within the United States which resides on the FDCservers.net network.
Remove Malware from cntb.express-files.com - Powered by Reason Core Security
Registrar:
INTERNET.BS CORP.

Server location:
Colorado, United States (US)

Create date:
Tuesday, December 06, 2011

Expires date:
Sunday, December 06, 2015

Updated date:
Thursday, November 20, 2014

ASN:
AS30058 FDCSERVERS - FDCservers.net

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.ViaAdvertisingGroupLimited.Q, PUP.Installer.FaglaroEnterprisesLimited.j, PUP.Installer.FaglaroEnterprisesLimited.AA, PUP.Installer.FaglaroEnterprisesLimited.Q
93.75%

VIPRE Antivirus
Via Advertising, ExpressFiles Installer, Threat.4783941
87.50%

ESET NOD32
Win32/YourFileDownloader (variant), Win32/ExpressFiles (variant)
81.25%

Trend Micro House Call
TROJ_SPNR.28I112, TROJ_GEN.F47V0820, TROJ_GEN.F47V0928, TROJ_GEN.FCBHZKN, TROJ_GEN.F47V0109, HV_ZYX_BL1329AD.TOMC, TROJ_GEN.F47V0808, HV_ZYX_BK08341C.TOMC
62.50%

Dr.Web
Tool.DownLoader.42, Adware.Downware.747
50.00%

McAfee Web Gateway
Artemis!F12E0521859D, Artemis!332D3639F52B, Artemis!F8C9E52C9818, Artemis!293972EFFDD5, Artemis!3637553529E0, BehavesLike.Win32.Downloader.tc
50.00%

G Data
Win32.Application.ExpressFiles
50.00%

McAfee
Artemis!F12E0521859D, Artemis!332D3639F52B, Artemis!F8C9E52C9818, Artemis!293972EFFDD5, Artemis!3637553529E0
43.75%

avast!
Win32:Downloader-UGW [PUP], Win32:Expressfiles-A [PUP], Win32:PUP-gen [PUP]
37.50%

Emsisoft Anti-Malware
Riskware.Win32.ExpressFiles, Trojan.Win32.ExpressFiles.AMN, Trojan.Win32.Buzus!IK
37.50%

MicroWorld eScan
Win32/ExpressFiles
25.00%

Agnitum Outpost
Riskware.ExpressFiles
25.00%

K7 Gateway Antivirus
Unwanted-Program , Unwanted-File
12.50%

F-Prot
W32/Backdoor2.HMVS, W32/A-464331fe
12.50%

IKARUS anti.virus
AdWare.Win32.ExpressFiles, Trojan.Win32.Buzus
12.50%

The domain cntb.express-files.com has been seen to resolve to the following IP address.

February 6, 2014

File downloads found at URLs served by cntb.express-files.com.

4 / 68      (Adware)

6 / 68      (PUP)

9 / 68      (Adware)
http://cntb.express-files.com/.../  (loquillo_-_la_nave_de_los_locos__downloader_128.exe)

12 / 68    (Adware)

5 / 68      (Adware)

5 / 68      (Adware)
http://cntb.express-files.com/j5GBRWfRpBBO27hMb56lMDON5nMr9e9zL/.../NVmBKOcOVG5hDsX4clbHOQ=  (intouchables.2011.french.dvdrip.xvid-bloodymary.avi_downloader_98828.exe)

4 / 68      (Adware)
http://cntb.express-files.com/?wmid=001&q= creamy mami ova long goodbay&subwmid=98803b&ca=1b3102d03ffbd99b89460e9ac6a8d662  (brotherhood_dvdrip_(taegukgi_hwinalrimyeo)_-_with_english_subtitles_torrent_downloader_98803b.exe)

9 / 68      (Adware)
http://cntb.express-files.com/.../KdgIgh2QSIsk5Tns=  (loquillo_-_la_nave_de_los_locos__downloader_128.exe)

5 / 68      (Adware)
http://cntb.express-files.com/j5GMWXbfvFhu1a9Tb8v/.../KUEVvGjRgL1c5bA900RQbcNFE1nWAfe8Q9TmyLZOE5kXzjbzkhs2Q8  (intouchables.2011.french.dvdrip.xvid-bloodymary.avi_downloader_98828.exe)

5 / 68      (Adware)
http://cntb.express-files.com/j5GnVGPDoF8t2eZNb876OWfM8zNh/.../bqdi382Wo4u4g Ru3ZaxfynipIr5wKSuHHUgU=  (earl_klugh_discography_[lossless_mp3]_(1978-2011)_downloader_128.exe)

4 / 68      (Adware)

6 / 68      (Adware)

URL:
http://cntb.express-files.com/

Title:
“Express Files”

Web server:
nginx/1.2.1 (PHP/5.4.4-14+deb7u10)

Remove Malware from cntb.express-files.com - Powered by Reason Core Security