home

gx.secure-fastfile.com

WHOIS PRIVACY PROTECTION SERVICE, INC.  (Proxy Registrant)

Domain Information

The domain gx.secure-fastfile.com is registered by proxy through ENOM, INC. and was originally registered in August of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Strasbourg, Alsace within France which resides on the RIPE Network Coordination Centre network.
Registrar:
ENOM, INC.

Server location:
Alsace, France (FR)

Create date:
Friday, August 9, 2013

Expires date:
Tuesday, August 9, 2016

Updated date:
Thursday, December 10, 2015

ASN:
AS8972 PLUSSERVER-AS PlusServer AG,DE

Root domain:
secure-fastfile.com

Whois:
1 secure-fastfile.com record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
DownloadManager.Bundler.Air Software, PUP.Air Software.AirSoftware.Bundler (M), PUP.Air Software.AirSoftw.Bundler (M)
100.00%

VIPRE Antivirus
Iminent
20.00%

ESET NOD32
Win32/AirAdInstaller.A potentially unwanted application
20.00%

F-Secure
Riskware.Application.Bundler.AirInstaller
20.00%

avast!
Win32:Malware-gen
20.00%

Dr.Web
Trojan.SMSSend.4790
20.00%

Emsisoft Anti-Malware
Application.Bundler.AirInstaller
20.00%

Lavasoft Ad-Aware
Application.Bundler.AirInstaller.B
20.00%

Clam AntiVirus
Win.Adware.Airadinstaller-17
20.00%

AVG
Adware InstallCore.QH
20.00%

Sophos
AirInstaller
20.00%

Norman
Application.Bundler.AirInstaller.B
20.00%

MicroWorld eScan
Application.Bundler.AirInstaller.B
20.00%

nProtect
Trojan-Clicker/W32.AirAdInstaller.862112
20.00%

Quick Heal
Adware.AirAdInstaller.I5
20.00%

The domain gx.secure-fastfile.com has been seen to resolve to the following 2 IP addresses.

62.75.207.166
static-ip-62-75-207-166.inaddr.ip-pool.com
April 1, 2016

173.192.195.228
173.192.195.228-static.reverse.softlayer.com
March 30, 2015

File downloads found at URLs served by gx.secure-fastfile.com.

1 / 68      (Adware)
http://gx.secure-fastfile.com/get/click/.../?filename=Unlimited Downloads&uid=1220013171.276029.d38a91f58b.4974  (unlimited downloads.exe)

1 / 68      (Adware)
http://gx.secure-fastfile.com/get/click/.../?filename=Unlimited Downloads&uid=1611987817.276029.6bdd9e1740.4974  (unlimited downloads.exe)

1 / 68      (Adware)
http://gx.secure-fastfile.com/get/click/.../?filename=Anchorman_2_2013_CAM DTeCH.avi  (anchorman_2_2013_cam dtech.avi.exe)

1 / 68      (Adware)
http://gx.secure-fastfile.com/get/click/.../?filename=Frozen_2013_CAM_READNFO_XViD_ _CHiLLYWiLLY.avi  (frozen_2013_cam_readnfo_xvid_ _chillywilly.avi.exe)

34 / 68    (Adware)
http://gx.secure-fastfile.com/get/click/.../?filename=Unlimited Downloads&uid=1672713628.276029.ee65b359bc.4974  (unlimited downloads.exe)

The following file have been seen to comunicate with gx.secure-fastfile.com in live environments.

TCP » 173.192.195.228:80
setup.exe (Software Updater by AirInstaller)

URL:
http://gx.secure-fastfile.com/

Web server:
cloudflare-nginx (PHP/5.3.3)

airdwnlas.com

airdwnlds.com

airinstaller.com

bestpcfiles.com

downloadd.org

downloadrockstar.com

downloadverse.com

dwnload.org

ez-downloads.com

fastdownloaders.com

getsoftfree.com

install-free.net

installs.co

pcfilehelp.com

pcfreefiles.com

redir.info

updatenowpro.com

updatersoft.com

updatesoftnow.com

browsersinfo.com

downloadb.net

downloadbin.net

downloadster.net

freedownloaders.net

freeinstallsetup.com

pcupgradenow.com

savvydl.com

simple-get.net

venturedownload.com

windownload.net

30 of 30 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.