t.go-for-files.com

Whois Privacy Corp.

Domain Information

The domain t.go-for-files.com registered by Whois Privacy Corp. was initially registered in October of 2013 through INTERNET.BS CORP.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Amsterdam, Noord-Holland within Netherlands which resides on the RIPE Network Coordination Centre network.
Remove Malware from t.go-for-files.com - Powered by Reason Core Security
Registrar:
INTERNET DOMAIN SERVICE BS CORP

Server location:
Noord-Holland, Netherlands (NL)

Create date:
Tuesday, October 08, 2013

Expires date:
Saturday, October 08, 2016

Updated date:
Sunday, December 13, 2015

ASN:
AS16265 LEASEWEB LeaseWeb B.V.

Root domain:

Scanner detections:
Detections  (98% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.RighwayTechnologies.k, PUP.RighwayTechnologies.R, PUP.RighwayTechnologies.P, PUP.RighwayTechnologies.Q, PUP.RighwayTechnologies.FF, PUP.RighwayTechnologies.j, PUP.RighwayTechnologies.a, PUP.RighwayTechnologies.d, PUP.RighwayTechnologies.h, PUP.RighwayTechnologies.AA, PUP.RighwayTechnologies.X, PUP.RighwayTechnologies.?, PUP.RighwayTechnologies.EE, PUP.RighwayTechnologies.g, PUP.RighwayTechnologies., PUP.RighwayTechnologies.V, Threat.RighwayTechnologies, Threat.Win.Reputation.IMP, PUP.RighwayTechnologies (M), PUP.Via Advertising.RighwayTechnologies.Bundler (M)
100.00%

Malwarebytes
PUP.Optional.GoForFiles.A
67.44%

Sophos
Go For Files, PUA 'Go For Files'
67.44%

VIPRE Antivirus
ExpressFiles Installer, Threat.4925438, Threat.4783941, Threat.4791953, Yontoo
67.44%

K7 Gateway Antivirus
Unwanted-Program , Trojan , Adware
53.49%

K7 AntiVirus
Unwanted-Program , Adware
51.16%

AhnLab V3 Security
PUP/Win32.ExpressFiles
48.84%

Dr.Web
Adware.Downware.4798, Adware.Downware.4798, Adware.Downware.4798, Adware.Downware.3112, Adware.Downware.825, Threat.Undefined
46.51%

G Data
Gen:Variant.Adware.Kazy.426646, Win32.Application.Expressdownloader, Adware.Agent.OCE, Win32.Application.ExpressDownloader
46.51%

AVG
Righway Technologies, MalSign.Righway Technologies, Skodna.Generic_r
44.19%

avast!
Win32:Malware-gen, Win32:Dropper-gen [Drp], Win32:PUP-gen [PUP], Win32:Adware-gen [Adw]
41.86%

ESET NOD32
Win32/ExpressDownloader.H potentially unwanted application
37.21%

McAfee Web Gateway
Artemis!EE3BB8C03DCB, Artemis!75828DD12967, Artemis!8BD8FCBBD91E, Artemis!AC86091B2C94, Artemis!6ED35167E0B0, Artemis!B3C6B875F3EA
34.88%

McAfee
Artemis!EE3BB8C03DCB, Artemis!75828DD12967, Artemis!8BD8FCBBD91E, Artemis!AC86091B2C94, Artemis!6ED35167E0B0, Artemis!B3C6B875F3EA, Artemis!B393249E1CBA, Artemis!3D06EBC0F208
32.56%

ESET NOD32
Win32/ExpressDownloader (variant), Win32/YourFileDownloader (variant)
32.56%

The domain t.go-for-files.com has been seen to resolve to the following 4 IP addresses.

199.195.196.180.static.midphase.com
October 13, 2015

October 9, 2014

mail.goforfiles.com
May 23, 2014

December 18, 2013

File downloads found at URLs served by t.go-for-files.com.

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)
http://t.go-for-files.com/j5GhWHXepVRn0O1IYtmlMG/MpWdnrq0 feSuLne7lD157IY/.../BJrZ5  (download_whatsapp_untuk_samsung_champ_c3303i_downloader.exe)

1 / 68      (Adware)

11 / 68    (Adware)

17 / 68    (Adware)

16 / 68    (Adware)
http://t.go-for-files.com/.../SnvOJ7M=  (uninstall10039912.exe)

11 / 68    (Adware)
http://t.go-for-files.com/j5GQWXbVuxti0aMfSMqkIGXZu2FlrbAvK/.../HUQDVwV0=  (full_version_of_winbrick_downloader_fr_99028.exe)

12 / 68    (Adware)
http://t.go-for-files.com/j5GrUHHVu1JjxuBMZdn/.../ZwVME3NsbSdUwQAbfPUB0xTpD  (va_now_disney_princess_cd2_2013_amb_zip_downloader_gb_99370.exe)

15 / 68    (Adware)

6 / 68      (Adware)
http://t.go-for-files.com/j5GLXG3DoBBV3aZaZt29aEfdszV7q7hgVbakZFy6hDZ6o4h8E nRbACgnmIb68lVHOzNVALX3xhDhooCU4w8Rg7KchorlDRPd8U=  (jean_de_la_craiova_-_urca-te_pe_bar_2013_[cd_originala]_[exclusiv]_downloader_it_50.exe)

 
Latest 30 of 222 download URLs

Remove Malware from t.go-for-files.com - Powered by Reason Core Security