www.fileopenerapp.com

ADLSoft  (via a Proxy Registrant)

Domain Information

The domain www.fileopenerapp.com is registered by proxy through PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM and was originally registered in October of 2013. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform. The domain is associated with the publisher ADLSoft who is located in Tel Aviv, Israel.
Remove Malware from www.fileopenerapp.com - Powered by Reason Core Security
Registrar:
PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM

Server location:
Virginia, United States (US)

Create date:
Tuesday, October 15, 2013

Expires date:
Saturday, October 15, 2016

Updated date:
Thursday, September 24, 2015

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.New Media Holdings, PUP.Installer.PersonalCleaner.P, PUP.Bundler.New Media Holdings, PUP.Installer.ironSource, PUP.Installer.NewMedia.Installer, PUP.NewMedia.Installer.New Media Holdings.Installer (M), PUP.PersonalCleaner.Installer (M), PUP.ComboApps.Installer (M), PUP.installCore.ADLSoft.Installer (M), PUP.installCore.PersonalCleaner.Installer (M), PUP.NewMedia.Installer.installCore.Installer (M)
90.00%

VIPRE Antivirus
Threat.4788237, Threat.4729122, Threat.4150696, Trojan.Win32.Generic, InstallCore.b, Threat.5063361
48.00%

Avira AntiVirus
Adware/InstallCore.Y, Adware/InstallCore.811408, TR/Trash.Gen, Adware/InstallCore.A.1335, ADWARE/InstallCore.Gen, Adware/InstallCore.806960
42.00%

Dr.Web
Trojan.InstallCore.12, Trojan.MulDrop5.10078, Trojan.Packed.24524, infected with Trojan.InstallCore.978
40.00%

ESET NOD32
Win32/InstallCore.SB potentially unwanted application, Win32/InstallCore.RY potentially unwanted application, Win32/InstallCore.RK potentially unwanted application, Win32/InstallCore.RR potentially unwanted application, Win32/InstallCore.RV potentially unwanted application
38.00%

NANO AntiVirus
Riskware.Win32.InstallCore.djocrv, Riskware.Win32.InstallCore.dimyyn, Riskware.Win32.InstallCore.dimyxs, Riskware.Win32.InstallCore.dkahql
36.00%

Sophos
Install Core Click run software, PUA 'Install Core Click run software'
36.00%

G Data
Win32.Application.InstallCore.CZ, Win32.Application.InstallCore.AE
36.00%

K7 AntiVirus
Unwanted-Program , Adware
34.00%

K7 Gateway Antivirus
Unwanted-Program , Adware
34.00%

AVG
Generic, Adware InstallCore.ADF, MalSign.InstallC
34.00%

F-Prot
W32/A-9430b6c0, W32/InstallCore.AG.gen, W32/InstallCore.AC.gen
24.00%

Comodo Security
Application.Win32.InstallCore.TSOO, Application.Win32.InstallCore.RO, Application.Win32.InstallCore.JAWU, Application.Win32.Installcore.PRC
22.00%

herdProtect (fuzzy)
a variant of bd29edd46962dc1b720560e8f120d00ad326ae31, a variant of a0080021f72d3e1d0f2e66d4bb6dfa15519323ae, a variant of ad0cadf4f45047f81cfa3709ae54a071dead3dae
22.00%

Malwarebytes
PUP.Optional.InstallCore, PUP.Optional.PersonalCleaner, PUP.Optional.Adlsoft
18.00%

The domain www.fileopenerapp.com has been seen to resolve to the following 29 IP addresses.

ec2-52-22-149-102.compute-1.amazonaws.com
February 12, 2016

ec2-54-88-19-50.compute-1.amazonaws.com
January 31, 2016

ec2-52-71-119-31.compute-1.amazonaws.com
January 27, 2016

ec2-54-165-16-203.compute-1.amazonaws.com
September 10, 2015

ec2-54-165-201-145.compute-1.amazonaws.com
July 23, 2015

ec2-54-174-79-49.compute-1.amazonaws.com
July 1, 2015

ec2-54-164-50-216.compute-1.amazonaws.com
May 6, 2015

ec2-107-21-27-226.compute-1.amazonaws.com
November 10, 2014

ec2-54-69-83-9.us-west-2.compute.amazonaws.com
October 20, 2014

ec2-54-210-142-26.compute-1.amazonaws.com
October 9, 2014

ec2-54-164-190-20.compute-1.amazonaws.com
October 9, 2014

ec2-54-210-100-130.compute-1.amazonaws.com
September 30, 2014

ec2-54-210-0-183.compute-1.amazonaws.com
September 27, 2014

ec2-54-209-189-234.compute-1.amazonaws.com
August 16, 2014

ec2-107-23-191-83.compute-1.amazonaws.com
August 12, 2014

ec2-54-236-110-108.compute-1.amazonaws.com
August 12, 2014

ec2-54-210-212-240.compute-1.amazonaws.com
August 7, 2014

ec2-54-236-96-84.compute-1.amazonaws.com
August 7, 2014

ec2-54-88-80-88.compute-1.amazonaws.com
August 1, 2014

ec2-54-229-93-133.eu-west-1.compute.amazonaws.com
July 7, 2014

ec2-176-34-137-180.eu-west-1.compute.amazonaws.com
July 7, 2014

ec2-54-72-29-182.eu-west-1.compute.amazonaws.com
May 28, 2014

ec2-54-72-148-55.eu-west-1.compute.amazonaws.com
May 28, 2014

ec2-54-76-30-22.eu-west-1.compute.amazonaws.com
May 21, 2014

ec2-54-194-21-203.eu-west-1.compute.amazonaws.com
May 21, 2014

ec2-54-246-129-129.eu-west-1.compute.amazonaws.com
April 23, 2014

ec2-54-229-15-149.eu-west-1.compute.amazonaws.com
April 23, 2014

ec2-54-72-107-225.eu-west-1.compute.amazonaws.com
April 14, 2014

ec2-54-229-38-248.eu-west-1.compute.amazonaws.com
April 14, 2014

File downloads found at URLs served by www.fileopenerapp.com.

1 / 68      (Adware)

URL:
http://www.fileopenerapp.com/

Google Analytics:
UA-44873109

Title:
“File-Opener”

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
nginx/1.4.7

Facebook:
Shares:  2

Statistics are for the previous month.

Remove Malware from www.fileopenerapp.com - Powered by Reason Core Security