home

file.org

File.org

Domain Information

This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Pittsburgh, Pennsylvania within the United States which resides on the pair Networks network.
Registrar:
eNom, Inc.

Server location:
Pennsylvania, United States (US)

ASN:
AS7859 PAIR-NETWORKS - pair Networks

Whois:
4 file.org records

Scanner detections:
Detections  (98% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.Fileorg.T, PUP.Installer.Fileorg.X, PUP.Installer.Fileorg.W, PUP.installCore.Fileorg.Installer (M), PUP.installCore.MaxSetup.Installer (M), PUP.TrustedS.Bundler (M), PUP.installCore.KawagaSo.Installer (M), PUP.Covus.Freemium.Bundler (M), PUP.Air Software.Download.Bundler (M), PUP.installCore.KawagaSo (M), PUP.InstallCore.RES (M), PUP (M), PUP.Air Software (M), PUP.installCore (M), PUP.Vittalia (M), PUP.DownloadAssistant.Bundler (M)
97.96%

Avira AntiVirus
ADWARE/InstallCore.Gen9, ADWARE/InstallCore.Gen7
10.20%

Dr.Web
Adware.Downware.4757, Trojan.InstallCore.24, Trojan.InstallCore.1479, Adware.InstallCore.133, Trojan.InstallCore.1479, Adware.InstallCore.122
10.20%

ESET NOD32
Win32/InstallCore.PC, Win32/InstallCore.PR (variant), Win32/InstallCore.QF (variant), Win32/InstallCore.BL
8.16%

VIPRE Antivirus
Trojan.Win32.Generic, Threat.4150696, InstallCore.b
8.16%

K7 AntiVirus
Trojan , Unwanted-Program
8.16%

Sophos
Install Core Click run software, PUA 'Install Core Click run software'
8.16%

ESET NOD32
Win32/InstallCore.QF potentially unwanted application, Win32/InstallCore.BX potentially unwanted application, Win32/InstallCore.BY potentially unwanted application
8.16%

herdProtect (fuzzy)
a variant of 36e9d2ccdd9d371bac59be2e2e19e9f0f1386724, a variant of 7557d0efa8db124532e72b798eb5f670186b08d9
4.08%

McAfee
Artemis!9552988A6E38, Artemis!C686D29ECBEA
4.08%

AhnLab V3 Security
PUP/Win32.Downloader
4.08%

F-Prot
W32/InstallCore.R2.gen, W32/InstallCore.R.gen
4.08%

Vba32 AntiVirus
Downware.InstallCore
2.04%

Fortinet FortiGate
Riskware/InstallCore
2.04%

Qihoo 360 Security
Win32/Virus.Adware.f22
2.04%

The domain file.org has been seen to resolve to the following IP address.

66.39.64.146
file.org
January 4, 2014

File downloads found at URLs served by file.org.

1 / 68      (Adware)
http://file.org/.../dl.php?fid=22256851&p=None&a=upd&v=20130408  (AdobeAIRSetup-22256851.exe)

3 / 68      (PUP)
http://file.org/.../dl.php?fid=10585460&p=pmfsb  (openofficebasesetup-10585460-pmfsb.exe)

1 / 68      (Adware)
http://file.org/.../dl-ai.php?fid=22796854&p=pmoiafgsf&a=upd&v=20140521  (AdobeReaderSetup-22796854.exe)

1 / 68      (PUP)
http://file.org/.../dl.php?fid=9135178&p=pmfsb&a=upd&v=20130408  (divxconvertersetup-9135178.exe)

1 / 68      (Adware)
http://file.org/.../dl-ai.php?fid=24914853&p=None&a=upd&v=20120228  (GoogleChromeSetup-24914853.exe)

1 / 68      (Adware)
http://file.org/.../dl-ai.php?fid=25594491&p=pmfsb&a=upd&v=20130408  (ccleanersetup-25594491.exe)

1 / 68      (Adware)
http://file.org/.../dl-ai.php?fid=20958618&p=tfsb&a=upd&v=20130408  (WinRARSetup-20958618.exe)

1 / 68      (Adware)
http://file.org/.../dl.php?pid=149  (openofficewritersetup-10585466-tfsb.exe)

1 / 68      (Adware)
http://file.org/.../dl.php?fid=15080275&p=tfsb&a=upd&v=20121006  (adobeflashplayerpluginsetup-15080275-tfsb.exe)

1 / 68      (Adware)
http://file.org/.../rc2.html?r=760x300  (regcleanpro.exe)

1 / 68      (PUP)
http://file.org/.../dl.php?pid=1419208  (systoolsemlviewersetup-22187970.exe)

1 / 68      (PUP)
http://file.org/.../dl-ai.php?fid=14333767&p=vffsb&a=upd&v=20140325  (RealPlayerSetup-14333767.exe)

1 / 68      (Adware)
http://file.org/.../dl-ai.php?fid=25037756&p=vffsb&a=upd&v=20140325  (SkypeSetup-25037756.exe)

12 / 68    (PUP)
http://file.org/.../dl.php?fid=3942361&p=None  (bullzippdfprintersetup-3942361-none.exe)

0 / 68
http://file.org/.../dl.php?pid=802  (vlcmediaplayersetup.exe)

1 / 68      (PUP)
http://file.org/.../dl.php?pid=96680  (kmplayersetup-21239551.exe)

1 / 68      (Adware)
http://file.org/.../dl-ai.php?fid=24470958&p=pmoiafgsf&a=upd&v=20130408  (AdobeFlashPlayerActiveXSetup-24470958.exe)

4 / 68      (PUP)
http://file.org/.../dl.php?fid=18163618&p=vffsb&a=upd&v=20140506  (softwareupdatesetup.exe)

8 / 68      (PUP)
http://file.org/.../dl.php?fid=20588997&p=vffsb&a=upd&v=20140506  (googlechromeupdatesetup.exe)

10 / 68    (PUP)
http://file.org/.../dl.php?fid=21250564&p=None&a=upd&v=20140506  (adobereaderupdatesetup.exe)

1 / 68      (Adware)
http://file.org/.../dl-ai.php?fid=24906876&p=pmfsb&a=upd&v=20140325  (AdobeFlashPlayerActiveXSetup-24906876.exe)

1 / 68      (PUP)
http://file.org/.../dl.php?pid=1061  (microsoftpowerpointviewersetup-22271-vffsb.exe)

1 / 68      (PUP)
http://file.org/.../dl.php?fid=17957533&p=vffsb&a=upd&v=20121006  (adobeairsetup.exe)

1 / 68      (Adware)
http://file.org/.../dl.php?pid=997467  (snappeasetup-2407728-pmfsb.exe)

1 / 68      (Adware)
http://file.org/.../dl-ai.php?fid=22614800&p=pmfsb&a=upd&v=20130408  (FirefoxSetup-22614800.exe)

1 / 68      (Adware)
http://file.org/.../dl.php?fid=14089539&p=None&a=upd  (adobeairsetup-14089539-none.exe)

1 / 68      (Adware)
http://file.org/.../dl-ai.php?fid=24906911&p=zbsb&a=upd&v=20141202  (AdobeAIRSetup-24906911.exe)

4 / 68      (Adware)
http://file.org/.../dl.php?fid=10585460&p=None&a=upd  (openofficebasesetup-10585460-none.exe)

1 / 68      (Adware)
http://file.org/.../dl.php?fid=10585466&p=None&a=upd  (openofficewritersetup-10585466-none.exe)

1 / 68      (PUP)
http://file.org/.../dl.php?pid=1354  (winzipsetup-23297250.exe)

 
Latest 30 of 657 download URLs

The following 16 files have been seen to comunicate with file.org in live environments.

TCP » 66.39.64.146:80
unins000.exe

TCP » 66.39.64.146:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 66.39.64.146:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 66.39.64.146:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 66.39.64.146:80
tsassist.exe (The File Type Assistant by Trusted Software ApS)

TCP » 66.39.64.146:80
tsassist.exe (The File Type Assistant by FTA ApS)

TCP » 66.39.64.146:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 66.39.64.146:80
UCBrowser.exe (by UCWeb)

TCP » 66.39.64.146:80
tsassist.exe (The File Type Assistant by FTA ApS)

TCP » 66.39.64.146:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 66.39.64.146:80
adobeflashplayeractivexupdatesetup.exe (Adobe Flash Player ActiveX by Download Assistant)

TCP » 66.39.64.146:80
adobeairsetup.exe (File.org download accelerator by Trusted Software)

TCP » 66.39.64.146:80
tsassist.exe (The File Type Assistant by Trusted Software ApS)

TCP » 66.39.64.146:80
tsassist.exe (The File Type Assistant by Trusted Software ApS)

TCP » 66.39.64.146:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 66.39.64.146:80
tsassist.exe (The File Type Assistant by Trusted Software ApS)

February 6, 2014
cdn1.file.org

May 1, 2014
dl01eu.file.org

February 6, 2014
dl01us.file.org

September 3, 2014
dl03us.file.org

URL:
http://file.org/

Google Analytics:
UA-20040237

Title:
“File.org - We help you open your files!”

Web server:
Apache/2.2.31

Facebook:
Likes:  1,918
Shares:  190
Comments:  67

Statistics above are for the previous month of March 2024.

filetypeinfo.com

trustedsoftware.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.