fileforever.net

Whois Privacy Protection Service, Inc.  (Proxy Registrant)

Domain Information

The domain fileforever.net is registered by proxy through NAME.COM, INC. and was originally registered in October of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Gosport, England within United Kingdom which resides on the RIPE Network Coordination Centre network.
Remove Malware from fileforever.net - Powered by Reason Core Security
Registrar:
NAME.COM, INC.

Server location:
England, United Kingdom (GB)

Create date:
Wednesday, October 23, 2013

Expires date:
Friday, October 23, 2015

Updated date:
Friday, November 29, 2013

ASN:
AS35662 REDSTATION Redstation Limited,GB

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.SomotoIsrael.b, PUP.SomotoIsrael.h, PUP.SomotoIsrael.c, PUP.SomotoIsrael.EE, PUP.Installer.SomotoIsrael.CC, PUP.SomotoIsrael.AA, PUP.SomotoLimited.Z, PUP.SomotoLimited.FF, PUP.SomotoLimited.AA, PUP.Somoto.DD
100.00%

Clam AntiVirus
Trojan.Agent-267630, Win.Adware.Somoto
78.26%

VIPRE Antivirus
Trojan.Win32.Generic, BetterInstaller, Threat.4150696
73.91%

ESET NOD32
Win32/Somoto
65.22%

Malwarebytes
PUP.Optional.Somoto.A
56.52%

K7 Gateway Antivirus
Unwanted-Program , Trojan
56.52%

Sophos
Somoto BetterInstaller, Generic PUA HO, Generic PUA KO
56.52%

Dr.Web
Trojan.MulDrop4.11744, Trojan.Packed.27732
56.52%

Panda Antivirus
PUP/MultiToolbar.A, Adware/MultiToolbar, Trj/OCJ.F, Trj/Genetic.gen, Trj/Chgt.A, Trj/CI.A
52.17%

Kaspersky
not-a-virus:AdWare.Win32.Agent
52.17%

MicroWorld eScan
Application.Bundler.Somoto.G, Application.Bundler.Somoto.J
47.83%

Bitdefender
Application.Bundler.Somoto.G, Application.Bundler.Somoto.J
47.83%

Lavasoft Ad-Aware
Application.Bundler.Somoto.G, Application.Bundler.Somoto.J
47.83%

F-Secure
Application.Bundler.Somoto, Application.Bundler.Somoto.J
47.83%

K7 AntiVirus
Unwanted-Program , Trojan
43.48%

The domain fileforever.net has been seen to resolve to the following 3 IP addresses.

redstation.com
October 20, 2014

h31-3-225-10.host.redstation.co.uk
June 20, 2014

redstation.com
February 27, 2014

File downloads found at URLs served by fileforever.net.

26 / 68    (Adware)
http://fileforever.net/.../That_downloader-IerWts4LX.exe  (947ff95a0dfb345d3cbf349564f70281)

1 / 68      (Adware)

23 / 68    (Adware)
http://fileforever.net/.../Videos_downloader-7eG9PIxD.exe  (54971aa606631bbe7836bce756f50218)

20 / 68    (Adware)

24 / 68    (Adware)

21 / 68    (Adware)

16 / 68    (Adware)

1 / 68      (Adware)
http://fileforever.net/.../2222_downloader-I5estHGbT.exe  (74b02b049b4f5f46daa1225490d8562f)

23 / 68    (Adware)
http://fileforever.net/.../user_downloader-0BrZROd8.exe  (a0875bfd2d21ebd9372642f90c304bf0)

23 / 68    (Adware)

11 / 68    (Adware)

11 / 68    (Adware)

12 / 68    (Adware)
http://fileforever.net/.../IDM_downloader-cBUHrDEX.exe  (d4d70b20d9a7b5e81b4cead7796c16c4)

5 / 68      (Adware)

10 / 68    (Adware)

22 / 68    (Adware)
http://fileforever.net/.../?????????????????????????????????????_downloader-4PJObs2Y.exe  (الحكمةفيالدعوةإلىاللهتعالىتعريفوتطبيق_downloader-4pjobs2y.exe)

15 / 68    (Adware)
http://fileforever.net/.../Arabic_downloader-3eCsashX.exe  (1f848797bad140e00daf0cd5af724dec)

15 / 68    (Adware)

19 / 68    (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

15 / 68    (Adware)

1 / 68      (Adware)

URL:
http://fileforever.net/

Google Analytics:
UA-51106521

Title:
“FileForever > Fast , Safe And Keep Files Forever”

Description:
“FileForever - Free file upload service”

Web server:
Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips mod_bwlimited/1.4

Facebook:
Likes:  110
Shares:  86
Comments:  50

Twitter:
Shares:  3

Statistics above are for the previous month of November 2016.

Remove Malware from fileforever.net - Powered by Reason Core Security