file.org

File.org

Domain Information

This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Pittsburgh, Pennsylvania within the United States which resides on the pair Networks network.
Remove Malware from file.org - Powered by Reason Core Security
Registrar:
eNom, Inc.

Server location:
Pennsylvania, United States (US)

ASN:
AS7859 PAIR-NETWORKS - pair Networks

Scanner detections:
Detections  (90% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.InstallX.S, PUP.Installer.TrustedSoftwareAps.T, PUP.Installer.TrustedSoftwareAps.m, PUP.Optional.Installer.T, PUP.Installer.TrustedSoftwareAps.FF, PUP.TrustedSoftwareAps.Bundler (M), PUP.Air Software.DownloadAssistant.Bundler (M), PUP.installCore.Fileorg.Installer (M), PUP.TrustedSoftware.Bundler (M), PUP.installCore.KawagaSoft.Installer (M)
91.30%

Dr.Web
Adware.W3i.32, Trojan.Packed.25266, Trojan.MulDrop5.10078, Adware.InstallCore.119, Adware.Downware.4757, Adware.W3i.25, Trojan.InstallCore.24
58.70%

VIPRE Antivirus
InstallIQ Installer, Threat.5063361, Adware.Win32.InstallCore.ba, Threat.4837543, ADWARE.InstallCore.Gen9, Trojan.Win32.Generic, Threat.4788237
50.00%

Avira AntiVirus
Adware/InstallIQ.B.5, ADWARE/InstallCore.Gen7, ADWARE/InstallCore.Gen9, APPL/InstallIQ.Gen5, Adware/InstallCore.723280, Adware/InstallCo.AK
47.83%

Sophos
InstallQ, Install Core Click run software, Install Core (PUA), PUA 'Install Core'
43.48%

ESET NOD32
Win32/InstallIQ (variant), Win32/Bundled.Toolbar.Ask (variant), Win32/InstallCore.JE.gen (variant), Win32/InstallCore.BL
43.48%

K7 AntiVirus
Riskware, Unwanted-Program , Trojan
36.96%

K7 Gateway Antivirus
Riskware, Unwanted-Program , Trojan
36.96%

McAfee
Artemis!01D43CE950BA, Program.Artemis!8078D66F4655, Artemis!371968CC1AE0, Artemis!E88AA19D5C33, Artemis!5978C4EE1D54, Artemis!B6CEDF4EBB1D, Artemis!22C089AD548A, Artemis!1EA775EABF78, Artemis!E6CFA29C13F4, Artemis!1136A7BBF562, Artemis!E3E9A3D693F6, Artemis!9B2C8B265F4E, Artemis!CBED2DC14704
32.61%

McAfee Web Gateway
Artemis!01D43CE950BA, Artemis!371968CC1AE0, Artemis!E88AA19D5C33, Artemis!5978C4EE1D54, Artemis!B6CEDF4EBB1D, BehavesLike.Win32.CryptInno.bc
30.43%

Trend Micro House Call
TROJ_GEN.F47V0727, TROJ_GEN.F47V0303, TROJ_GEN.F47V0319, TROJ_GEN.F47V0626, TROJ_GEN.F47V0205, Suspicious_GEN.F47V0623, Suspicious_GEN.F47V0808
28.26%

Comodo Security
Application.Win32.InstallIQ.B, UnclassifiedMalware, Application.Win32.InstallCore.BWAN, ApplicUnwnt, Application.Win32.Installcore.PC
26.09%

Fortinet FortiGate
Adware/Fam.NB, Riskware/InstallCore_JE, W32/FirseriaInstaller.A, W32/InstallCore.BL, W32/InstallCore.CC
26.09%

F-Prot
W32/InstallCore.R2.gen, W32/InstallCore.R3.gen, W32/InstallCore.R4.gen, W32/A-dbe1ec51, W32/InstallCore.R.gen
26.09%

Malwarebytes
PUP.Optional.InstallIQ, PUP.Optional.TSA, PUP.Optional.InstallCore.A, PUP.Optional.Installcore, PUP.Optional.DownloadAssistant
23.91%

The domain file.org has been seen to resolve to the following IP address.

file.org
January 4, 2014

File downloads found at URLs served by file.org.

1 / 68      (Adware)

1 / 68      (Adware)
http://file.org/.../dl.php?fid=8631360&p=zbsb  (adobereadersetup-8631360-zbsb.exe)

8 / 68      (Adware)

19 / 68    (PUP)

2 / 68      (inconclusive)
http://file.org/.../dl.php?fid=983357&a=upd  (SetupImgBurn_2.5.7.0.exe)

13 / 68    (PUP)
http://file.org/.../dl.php?fid=19264053&p=None&a=upd&v=20120228  (adobeshockwaveplayersetup-19264053-none.exe)

14 / 68    (PUP)

10 / 68    (PUP)

1 / 68      (Adware)

1 / 68      (Adware)
http://file.org/.../dl.php?fid=10123328&p=pmfsb  (skypesetup-10123328-pmfsb.exe)

1 / 68      (Adware)

0 / 68
http://file.org/.../dl.php?pid=882  (thunderbirdsetup-23458942.exe)

0 / 68
http://file.org/.../dl.php?pid=1354  (winzipsetup-23297250.exe)

0 / 68
http://file.org/.../dl.php?pid=1016  (mediaplayerclassic-homecinemasetup-12208686.exe)

0 / 68
http://file.org/.../dl.php?pid=853  (7-zipsetup-1662.exe)

24 / 68    (Adware)
http://file.org/.../dl-ai.php?fid=22796401&p=None&a=upd&v=20120913  (AdobeFlashPlayerActiveXSetup-22796401.exe)

4 / 68      (PUP)

15 / 68    (PUP)
http://file.org/.../dl.php?fid=10585460&p=vffsb  (openofficebasesetup-10585460-vffsb.exe)

7 / 68      (PUP)
http://file.org/.../dl.php?fid=3232884&p=vffsb  (amazonkindlesetup-3232884-vffsb.exe)

12 / 68    (PUP)
http://file.org/.../dl.php?fid=7290941&p=None  (icloudsetup-7290941-none.exe)

12 / 68    (PUP)

1 / 68      (Adware)

1 / 68      (PUP)
http://file.org/.../dl.php?fid=17958509&p=vffsb&a=upd&v=20121006  (adobeflashplayeractivexsetup-17958509-vffsb.exe)

1 / 68      (Adware)
http://file.org/.../dl.php?fid=14090455&p=tfsb&a=upd  (adobeshockwaveplayersetup-14090455-tfsb.exe)

6 / 68      (PUP)
http://file.org/.../dl.php?fid=10714825&p=None  (vlcmediaplayersetup-10714825-none.exe)

15 / 68    (PUP)
http://file.org/.../dl.php?fid=11727605&p=None&a=upd  (adobereadersetup-11727605-none.exe)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (Adware)

1 / 68      (Adware)

 
Latest 30 of 412 download URLs

The following 2 files have been seen to comunicate with file.org in live environments.

February 6, 2014

May 1, 2014

February 6, 2014

September 3, 2014

URL:
http://file.org/

Google Analytics:
UA-20040237

Title:
“File.org - We help you open your files!”

Web server:
Apache/2.2.31

Facebook:
Likes:  1,924
Shares:  190
Comments:  67

Statistics above are for the previous month of November 2016.

Remove Malware from file.org - Powered by Reason Core Security