home

files.yourfiledownloader.com

Via Advertising Group Limited

Domain Information

The domain files.yourfiledownloader.com registered by Whois Privacy Corp. was initially registered in April of 2012 through INTERNET.BS CORP.. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in Belfast, Northern Ireland within United Kingdom which resides on the RIPE Network Coordination Centre network. The domain is associated with the publisher Via Advertising Group Limited who is located in Nicosia, CY.
Registrar:
INTERNET DOMAIN SERVICE BS CORP

Server location:
Northern Ireland, United Kingdom (GB)

Create date:
Thursday, April 26, 2012

Expires date:
Tuesday, April 26, 2016

Updated date:
Sunday, December 13, 2015

Root domain:
yourfiledownloader.com

Whois:
5 yourfiledownloader.com records

Google Safe Browsing:
unwanted

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.ViaAdvertisingGroupLimited.R, PUP.ViaAdvertisingGroupLimited.Q, PUP.ViaAdvertisingGroupLimited.J, PUP.ViaAdvertisingGroupLimited.i, PUP.ViaAdvertisingGroupLimited.p, PUP.Via Advertising.ViaAdvertisingGroup.Bundler (M), Threat.Win.Reputation.IMP
93.33%

Dr.Web
Tool.DownLoader.45, Tool.DownLoader.42
73.33%

VIPRE Antivirus
Via Advertising
73.33%

ESET NOD32
Win32/YourFileDownloader (variant)
73.33%

avast!
Win32:Downloader-UGW [PUP], Win32:PUP-gen [PUP]
66.67%

F-Prot
W32/Backdoor2.HMWF, W32/HLLP.41472
60.00%

K7 AntiVirus
Backdoor , Trojan , Riskware
40.00%

AVG
Skodna.Generic_r, Dropper.Generic7
40.00%

Bkav FE
W32.Clod5b9.Trojan, W32.Cloda77.Trojan, W32.Clodcb5.Trojan, W32.Clodf08.Trojan
33.33%

Fortinet FortiGate
Riskware/YourFileDownloader, W32/SPNR.08LI12!tr, W32/SPNR.08K712!tr
33.33%

McAfee
Artemis!FDBDDCC11EAD, Artemis!D2137BF605E6, Artemis!2B686DAB4FFB, Artemis!DD96DEA8062C, Artemis!6137078A3132
33.33%

Sophos
Generic PUA PH, Mal/Generic-S, YourFile Downloader
33.33%

herdProtect (fuzzy)
a variant of 66ecef5d18187954844cab9910e489fc625ce9f1, a variant of 6ae646f071ba76f4ed474555fda9473e7b9215a6, a variant of eab622cff6a82a438196dcfeecf5445b85df2b57
26.67%

Emsisoft Anti-Malware
Adware.Generic.574535, Trojan.Win32.YourFileDownloader.AMN
26.67%

Trend Micro House Call
TROJ_GEN.F47V1217, TROJ_SPNR.08K712, TROJ_GEN.RCBH1JB
20.00%

The domain files.yourfiledownloader.com has been seen to resolve to the following 4 IP addresses.

54.72.130.67
ns1.ibspark.com
May 15, 2016

199.195.196.180
199.195.196.180.static.midphase.com
February 5, 2016

92.242.140.21
unallocated.barefruit.co.uk
May 3, 2015

50.7.28.2
February 1, 2014

File downloads found at URLs served by files.yourfiledownloader.com.

6 / 68      (Adware)
http://files.yourfiledownloader.com/?q=X Force&wmid=133&subwmid=133a&ca=b96f0fc82992696e3e922ad4694e4db3  (uninstall42116385.exe)

2 / 68      (Malware)
http://files.yourfiledownloader.com/?q=CPWD RATE ANALYSIS free download&wmid=881&subwmid=98818a&ca=05804fcb128c7943b09543eccf6be982  (cpwd_rate_analysis_free_download_downloader_98818a.exe)

10 / 68    (Adware)
http://files.yourfiledownloader.com/?q=far cry 1 crack.rar&wmid=000&subwmid=224a&ca=9273cb2d0c0fcea8988ad4b83e22ec7c  (uninstall2166375.exe)

11 / 68    (Adware)
http://files.yourfiledownloader.com/?q=internet and web design by ramesh bangia free download&wmid=881&subwmid=98818a&ca=9a78892ba7f7a721e8b322cc2f7e5f81  (huawei_k3765_-hv_android_downloader_98818a.exe)

10 / 68    (Adware)
http://files.yourfiledownloader.com/?q=mazda 323 astina repair manual english&wmid=000&subwmid=257a&ca=7892da2a370ad8d9c8f2cf0a289c25f6  (uninstall2166375.exe)

10 / 68    (Adware)
http://files.yourfiledownloader.com/?q=greenpoison rc9 untethered jailbreak for ios 5.0.1..rar&wmid=000&subwmid=224a&ca=0a7c67d0b12b86de6e976d74616dac78  (uninstall2166375.exe)

20 / 68    (Adware)
http://files.yourfiledownloader.com/?q=Adobe Reader 10 1 0&wmid=987&subwmid=2447a&r=1&ca=a7490f4af8c5bdb29dd34c9069471115  (uninstall.exe)

10 / 68    (Adware)
http://files.yourfiledownloader.com/?q=Thin Lizzy - The Boys Are Back In Town.mp3&wmid=000&subwmid=98842a&ca=751b75d12d12f663d973335344fa8d9d  (uninstall2166375.exe)

6 / 68      (Adware)
http://files.yourfiledownloader.com/?q=nec3 contract free&wmid=000&subwmid=352a&ca=26ec9e1d6895b908afbc2e4116e2d18c  (uninstall84633256.exe)

1 / 68      (Malware)
http://files.yourfiledownloader.com/?q=not angka lagu garuda di dadaku&wmid=000&subwmid=352a&ca=e6cb07f10aed3d2f502b8d80d1b1496f  (not_angka_lagu_garuda_di_dadaku_downloader_352a.exe)

1 / 68      (Adware)
http://files.yourfiledownloader.com/?j5GhRWvGrEkt0b1MZdb6MHrFuTJh660zJ/XsaW2liDcj NJhBKTUPwCnmD1dtZgHE /.../UPRF7xTwddJY7GijJJOAqyiKwYzB67mY=  (uninstall909844.exe)

14 / 68    (Adware)
http://files.yourfiledownloader.com/?q=Final Draft 8 Response Code&wmid=133&subwmid=133a&ca=3390a85b7a9c9c4e0b25665eedf2b55e  (magic_vocal_remover_1.0.11_downloader_133a.exe)

10 / 68    (Adware)
http://files.yourfiledownloader.com/?q=Ultimate Password Hacker 2011 serial.rar&wmid=000&subwmid=224a&ca=024a82812897fdcb06f1546fe4f1666f  (uninstall2166375.exe)

10 / 68    (Adware)
http://files.yourfiledownloader.com/?q=kumpulan lirik lagu dangdut koplo&wmid=000&subwmid=352a&ca=fd13a5fe896f0a5bc30a402504a9ebf3  (uninstall2166375.exe)

10 / 68    (Adware)
http://files.yourfiledownloader.com/?q=fatherfarm rar&wmid=000&subwmid=257a&ca=95c3d4576f71c5e6b4a1cd16a5a96b16  (uninstall2166375.exe)

6 / 68      (Adware)
http://files.yourfiledownloader.com/?q=The Karate Kid&wmid=000&subwmid=98828a&ca=2a3af495bb1a2de88a4f345cad322a40  (uninstall84633256.exe)

6 / 68      (Adware)
http://files.yourfiledownloader.com/?q=xvideo-mobile&wmid=000&subwmid=98834a&ca=d323be66642c33ba1ea25505d8e7b6c8  (uninstall84633256.exe)

4 / 68      (Adware)
http://files.yourfiledownloader.com/?q=All About Katy Perry - July 2011 (HQ PDF)&wmid=000&subwmid=142a&ca=8063755153bf9c0bd51a28deda07b1a2  ({bernardostamateas-gentetoxica1.1.epub}_downloader_411a.exe)

6 / 68      (Adware)
http://files.yourfiledownloader.com/?q=EJ.Technologies.Exe4j.v4.4.1.LiNUX.Incl.Keygen-FALLEN.rar&wmid=000&subwmid=98842a&ca=8063755153bf9c0bd51a28deda07b1a2  (uninstall84633256.exe)

9 / 68      (Adware)
http://files.yourfiledownloader.com/?q=Beyond Compare 3.3.1.13971 Portable&wmid=881&subwmid=98818a&ca=be6938509d6635840a2d38c28b4700ec  (canon_pixma_mp198_driver_free_downloader_98818a.exe)

1 / 68      (Adware)
http://files.yourfiledownloader.com/?q=todd-wilbur-top-secret-restaurant-recipes-2-pdf-free_2011&wmid=491&t=e&subwmid=98838e&ca=44349a286ce622c86714d68ba932a353  (yourfiledownloader_98838e.exe)

10 / 68    (Adware)
http://files.yourfiledownloader.com/?q=Bruno Mars - Marry You&wmid=000&subwmid=401a&ca=30696052440fb8a2a6398e3746a98c77  (uninstall2166375.exe)

10 / 68    (Adware)
http://files.yourfiledownloader.com/?q=this is my father 1998&wmid=000&subwmid=98842a&ca=5dc8e169294886f952b2ac361fab9901  (uninstall2166375.exe)

6 / 68      (Adware)
http://files.yourfiledownloader.com/?q=megaman calamix power fighters&wmid=000&subwmid=98842a&ca=43212f088f69ca9baf494c261b39ec7d  (uninstall84633256.exe)

9 / 68      (Adware)
http://files.yourfiledownloader.com/?q=lo mejor de barrio music vol&wmid=881&subwmid=98818a&ca=f1d8fea146046656fd2512e48d2963a7  (canon_pixma_mp198_driver_free_downloader_98818a.exe)

10 / 68    (Adware)
http://files.yourfiledownloader.com/?q=Drake - Take Care (album).zip&wmid=000&subwmid=400a&ca=f1d8fea146046656fd2512e48d2963a7  (uninstall2166375.exe)

12 / 68    (Adware)
http://files.yourfiledownloader.com/?q=Sinbad - Der Herr der sieben Meere&wmid=492&t=b&subwmid=98881b&ca=e1dc99b5fc65bb0a878a63cb1c1021e1  (uninstall18067489.exe)

4 / 68      (Adware)
http://files.yourfiledownloader.com/?q=chief architect x4 key&wmid=000&subwmid=224a&ca=197aaeafebc1fec74cb8c1f506df746a  ({bernardostamateas-gentetoxica1.1.epub}_downloader_411a.exe)

10 / 68    (Adware)
http://files.yourfiledownloader.com/?q=2011-hadu-ini&wmid=000&subwmid=190a&r=1&ca=2060d01db7bdd59a42d4dc9f06de4e7e  (uninstall2166375.exe)

24 / 68    (Adware)
http://files.yourfiledownloader.com/?j5GmVnaE/As20eZWetqwMGvX7Gx/.../X2fjG7hnh8pYtxVb2APxvg2mkMrMwHCK ABUWNkA8L18hdXs5iEgPcMUR0lDhMd8RsHXjBKOYszXOyYDEhsmYyfL04OEOkaw==  (yourfiledownloader.exe)

 
Latest 30 of 66 download URLs

The following 391 files have been seen to comunicate with files.yourfiledownloader.com in live environments.

TCP » 54.72.130.67:80
simplefilesupdater.exe (SimpleFiles Application by http://simple-files.com/)

TCP » 54.72.130.67:80
yourfileupdater.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
uninstall12590625.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
uninstall5322109.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
yourfileupdater.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
uninstall190602.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 199.195.196.180:80
EFupdater.exe (Express Files Updater by http://www.express-files.com/)

TCP » 92.242.140.21:80
smelled.exe (Smelled)

TCP » 54.72.130.67:80
yourfileupdater.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
googleupdate.exe

TCP » 54.72.130.67:80
browserserver.exe

TCP » 54.72.130.67:80
sm.exe (System Monitor)

TCP » 54.72.130.67:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 54.72.130.67:80
uninstall129231.exe (SimpleFiles Application by http://simple-files.com/)

TCP » 199.195.196.180:80
EFupdater.exe

TCP » 54.72.130.67:80
sfupdater.exe (SimpleFiles Application by http://simple-files.com/)

TCP » 54.72.130.67:80
kometa.exe (Kometa by @COMPANY_FULLNAME@)

TCP » 54.72.130.67:80
TBNotifier.exe (Ask TBNotifier by APN)

TCP » 54.72.130.67:80
pepperzip.exe

TCP » 54.72.130.67:80
internetenhancer.exe (Internet Enhancer)

 
Latest 20 of 403 files

URL:
http://files.yourfiledownloader.com/

Title:
“SmileFiles”

Web server:
nginx/1.2.1 (PHP/5.4.45-0+deb7u2)

Facebook:
Likes:  6
Shares:  47
Comments:  27

Statistics are for the previous month.

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.