fileforever.net

WHOISGUARD, INC.  (Proxy Registrant)

Domain Information

The domain fileforever.net is registered by proxy through ENOM, INC. and was originally registered in October of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Gosport, England within United Kingdom which resides on the RIPE Network Coordination Centre network.
Registrar:
ENOM, INC.

Server location:
England, United Kingdom (GB)

Create date:
Wednesday, October 23, 2013

Expires date:
Tuesday, October 23, 2018

Updated date:
Monday, August 17, 2015

ASN:
AS35662 REDSTATION Redstation Limited,GB

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.SomotoIsrael.b, PUP.SomotoIsrael.h, PUP.SomotoIsrael.c, PUP.SomotoIsrael.EE, PUP.Installer.SomotoIsrael.CC, PUP.SomotoIsrael.AA, PUP.SomotoLimited.Z, PUP.SomotoLimited.FF, PUP.SomotoLimited.AA, PUP.Somoto.DD, PUP.Somoto.Bundler (M), PUP.Somoto.SomotoIs.Bundler (M), Adware.Somoto.SomotoIs.Bundler.Meta (M)
100.00%

Clam AntiVirus
Trojan.Agent-267630, Win.Adware.Somoto
60.00%

VIPRE Antivirus
Trojan.Win32.Generic, BetterInstaller, Threat.4150696
56.67%

ESET NOD32
Win32/Somoto
50.00%

Malwarebytes
PUP.Optional.Somoto.A
43.33%

K7 Gateway Antivirus
Unwanted-Program , Trojan
43.33%

Sophos
Somoto BetterInstaller, Generic PUA HO, Generic PUA KO
43.33%

Dr.Web
Trojan.MulDrop4.11744, Trojan.Packed.27732
43.33%

Panda Antivirus
PUP/MultiToolbar.A, Adware/MultiToolbar, Trj/OCJ.F, Trj/Genetic.gen, Trj/Chgt.A, Trj/CI.A
40.00%

Kaspersky
not-a-virus:AdWare.Win32.Agent
40.00%

MicroWorld eScan
Application.Bundler.Somoto.G, Application.Bundler.Somoto.J
36.67%

Bitdefender
Application.Bundler.Somoto.G, Application.Bundler.Somoto.J
36.67%

Lavasoft Ad-Aware
Application.Bundler.Somoto.G, Application.Bundler.Somoto.J
36.67%

F-Secure
Application.Bundler.Somoto, Application.Bundler.Somoto.J
36.67%

K7 AntiVirus
Unwanted-Program , Trojan
33.33%

The domain fileforever.net has been seen to resolve to the following 4 IP addresses.

April 11, 2016

redstation.com
October 20, 2014

h31-3-225-10.host.redstation.co.uk
June 20, 2014

redstation.com
February 27, 2014

File downloads found at URLs served by fileforever.net.

1 / 68      (Adware)

1 / 68      (Adware)
http://fileforever.net/.../Alb_downloader-fCM5zgvn.exe  (cheatengine63_downloader-9dela7sm.exe)

1 / 68      (Adware)
http://fileforever.net/.../Alb_downloader-fCM5zgvn.exe  (872a085f5f64af9daab5f5d55526391d)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

26 / 68    (Adware)
http://fileforever.net/.../That_downloader-IerWts4LX.exe  (947ff95a0dfb345d3cbf349564f70281)

1 / 68      (Adware)

23 / 68    (Adware)
http://fileforever.net/.../Videos_downloader-7eG9PIxD.exe  (54971aa606631bbe7836bce756f50218)

20 / 68    (Adware)

24 / 68    (Adware)

21 / 68    (Adware)

16 / 68    (Adware)

1 / 68      (Adware)
http://fileforever.net/.../2222_downloader-I5estHGbT.exe  (74b02b049b4f5f46daa1225490d8562f)

23 / 68    (Adware)
http://fileforever.net/.../user_downloader-0BrZROd8.exe  (a0875bfd2d21ebd9372642f90c304bf0)

23 / 68    (Adware)

11 / 68    (Adware)

11 / 68    (Adware)

12 / 68    (Adware)
http://fileforever.net/.../IDM_downloader-cBUHrDEX.exe  (d4d70b20d9a7b5e81b4cead7796c16c4)

5 / 68      (Adware)

10 / 68    (Adware)

22 / 68    (Adware)
http://fileforever.net/.../?????????????????????????????????????_downloader-4PJObs2Y.exe  (الحكمةفيالدعوةإلىاللهتعالىتعريفوتطبيق_downloader-4pjobs2y.exe)

15 / 68    (Adware)
http://fileforever.net/.../Arabic_downloader-3eCsashX.exe  (1f848797bad140e00daf0cd5af724dec)

15 / 68    (Adware)

19 / 68    (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

15 / 68    (Adware)

1 / 68      (Adware)

 
Latest 30 of 30 download URLs

URL:
http://fileforever.net/

Title:
“Manga Time | Raw Manga Download And Information”

Web server:
cloudflare-nginx