i.yourfiledownloader.com

Via Advertising Group Limited

Domain Information

The domain hosts the content delivery (CDN) for the ad-supported download manager, YourFileDownloader which includes adware browser extensions such as Bueno Search. The domain i.yourfiledownloader.com registered by Whois Privacy Corp. was initially registered in April of 2012 through INTERNET.BS CORP.. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in Dublin, Dublin City within Ireland which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform from the EU (Ireland) region datacenter. The domain is associated with the publisher Via Advertising Group Limited who is located in Nicosia, CY.
Remove Malware from i.yourfiledownloader.com - Powered by Reason Core Security
Registrar:
INTERNET DOMAIN SERVICE BS CORP

Server location:
Dublin City, Ireland (IE)

Create date:
Thursday, April 26, 2012

Expires date:
Tuesday, April 26, 2016

Updated date:
Wednesday, December 02, 2015

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.

Google Safe Browsing:
unwanted

Scanner detections:
Detections  (98% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.ViaAdvertisingGroupLimited.d, PUP.Startup.ViaAdvertisingGroupLimited.O, PUP.ViaAdvertisingGroupLimited.Y, PUP.ViaAdvertisingGroupLimited.?, PUP.ViaAdvertisingGroupLimited.g, PUP.ViaAdvertisingGroupLimited.Q, PUP.ViaAdvertisingGroupLimited.u, PUP.ViaAdvertisingGroupLimited.i, PUP.ViaAdvertisingGroupLimited.m, PUP.ViaAdvertisingGroupLimited.S, PUP.ViaAdvertisingGroupLimited.s, PUP.ViaAdvertisingGroupLimited.q, Threat.Win.Reputation.IMP, PUP.ViaAdvertisingGroupLimited.Z, PUP.Via Advertising.ViaAdvertisingGroupLimited, PUP.Bundler.Via Advertising, PUP.Via Advertising.Bundler, Threat.Via Advertising.Bundler, PUP.Via Advertising.ViaAdvertisingGroup.Bundler (M)
98.00%

VIPRE Antivirus
Threat.4758264, Via Advertising
60.00%

avast!
Win32:Downloader-UEO [PUP]
60.00%

Malwarebytes
PUP.Optional.YourFileDownloader, PUP.Optional.YourfileDownloader
60.00%

Dr.Web
Threat.Undefined, Adware.Downware.5658, Adware.Downware.6444, Adware.Downware.1451, Trojan.StartPage.56734, infected with Trojan.StartPage.56734
58.00%

K7 AntiVirus
Adware , Unwanted-Program , Riskware
58.00%

Avira AntiVirus
APPL/ExpressDownloader.B.12, APPL/Downloader.Gen, Adware/Babylon.O, Adware/Babylon.E, TR/EDownload.I, Adware/BrowseFox.aox, W32/Sality.AT
58.00%

NANO AntiVirus
Riskware.Win32.Babylon.dffshm, Riskware.Win32.Amonetize.cvaajw, Trojan.Nsis.BrowseFox.dnxihk, Trojan.Win32.Siggen6.droatj
58.00%

K7 Gateway Antivirus
Adware , Unwanted-Program , Riskware
56.00%

Sophos
YourFile Downloader, PUA 'YourFile Downloader' (of type Adware)
56.00%

ESET NOD32
Win32/ExpressDownloader.I potentially unwanted application
50.00%

AVG
Adware Generic_r, Adware BundleApp.EG, Adware Generic_r.PF, Adware Generic_r.LB, Adware BundleApp_r.AE, Adware BundleApp_r.AA
46.00%

G Data
Win32.Application.ExpressDownloader, Adware.Generic.589825, Gen:Variant.Application.Kazy.133001, Gen:Variant.Application.Bundler.28
42.00%

Fortinet FortiGate
Riskware/Generic.AC.2244355, Adware/Fam.NB
42.00%

Zillya! Antivirus
Trojan.Black.Win32.17596, Trojan.Black.Win32.18392, Trojan.Black.Win32.17420, Trojan.Black.Win32.17778, Trojan.Black.Win32.17712
34.00%

The domain i.yourfiledownloader.com has been seen to resolve to the following 5 IP addresses.

199.195.196.180.static.midphase.com
October 19, 2015

209.95.43.22.static.midphase.com
May 5, 2015

November 10, 2014

ec2-54-72-9-51.eu-west-1.compute.amazonaws.com
July 31, 2014

March 14, 2014

File downloads found at URLs served by i.yourfiledownloader.com.

35 / 68    (Adware)

1 / 68      (Adware)
http://i.yourfiledownloader.com/j5G3UmPU4lRo2KRRb5O3LHyXszV3pfIibKW/.../IBCiPrTRpPG20jGktwf  (read_online_for_free_izabella_st_james_bunny_tales_downloader.exe)

 
Latest 30 of 298 download URLs

The following 7 files have been seen to comunicate with i.yourfiledownloader.com in live environments.

URL:
http://i.yourfiledownloader.com/

Title:
“SmileFiles”

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
nginx/1.2.1 (PHP/5.3.3-7+squeeze19)

Notes from the site - “YourFileDownloader is designed to make your download experience easier and quicker than ever. Now you don’t have to spend your valuable time and energy for finding desired programs and get forwarded all across the internet as you can download it all with YourFileDownloader. It’s extremely simple in use, fast and so good looking.”
Remove Malware from i.yourfiledownloader.com - Powered by Reason Core Security