home

www.torntv-downloader.com

China Capital Investment Limited

Domain Information

The domain www.torntv-downloader.com registered by China Capital Investment Limited was initially registered in May of 2015 through INTERNET.BS CORP.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in San Francisco, California within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform from the US West (Northern California) region datacenter.
Registrar:
ADOMAINOFYOUROWN.COM LLC

Server location:
California, United States (US)

Create date:
Wednesday, May 27, 2015

Expires date:
Friday, May 27, 2016

Updated date:
Monday, March 7, 2016

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:
torntv-downloader.com

Whois:
4 torntv-downloader.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Malwarebytes
PUP.Optional.OneClickDownloader.A
97.37%

Reason Heuristics
PUP.InstallLabltd.P, PUP.CoolMirage.k, PUP.CoolMirage.j, PUP.CoolMirage.?, PUP.CoolMirage.V, PUP.HARASANPRAPAPON.EE, PUP.HARASANPRAPAPON.?, PUP.CoolMirage.Installer (M)
97.37%

Qihoo 360 Security
Win32/Virus.Adware.47b, HEUR/Malware.QVM06.Gen
86.84%

G Data
NSIS.Adware.OneClickDownloader, NSIS.Application.OneClickDownloader, Application.Bundler.BK
73.68%

Trend Micro House Call
TROJ_GEN.F47V0322, TROJ_GEN.F47V0327, TROJ_GEN.F47V0331, TROJ_GEN.F47V0404, TROJ_GEN.F47V0514, TROJ_GEN.F47V0522, TROJ_GEN.F47V0529
63.16%

Dr.Web
Adware.Downware.1263, Trojan.DownLoad3.33864, Trojan.Click3.8961, Adware.Yontoo.11, Adware.Downware.6586, Adware.Downware.8319
47.37%

Avira AntiVirus
APPL/CoolMirage.A.3, APPL/CoolMirage.A.33, APPL/CoolMirage.AD.134, APPL/CoolMirage.Gen
42.11%

NANO AntiVirus
Riskware.Nsis.Tron.cvleaj, Riskware.Nsis.Downware.czyjkl, Trojan.Nsis.Yotoon.deckrr
34.21%

Sophos
CoolMirage, Install Core, FT Downloader, 1 Click Downloader
34.21%

VIPRE Antivirus
Conduit, CoolMirage Ltd, BubbleDock, Trojan.Win32.Generic
31.58%

McAfee
Artemis!E5BC179F37CA, Artemis!6833FB30FC34, Artemis!7CF9986E03FC, Artemis!2FE95CE9C873, Artemis!1CA8A22D3296, Artemis!8B3AC90D8EE9, Artemis!F35AEDA12976, Artemis!E551CEF475BC, Artemis!370806B8CC9D
28.95%

Panda Antivirus
PUP/MultiToolbar.A, Trj/Chgt.D
18.42%

Comodo Security
Application.Win32.MCool.E, Application.Win32.CoolMirage.~A, Application.Win32.CoolMirage.AS
18.42%

AVG
Generic, Rungnapa
15.79%

ESET NOD32
Win32/Adware.1ClickDownload.AJ, Win32/AdWare.1ClickDownload.AT
13.16%

The domain www.torntv-downloader.com has been seen to resolve to the following 12 IP addresses.

192.230.92.93
192.230.92.93.ip.incapdns.net
August 26, 2016

199.83.132.93
199.83.132.93.ip.incapdns.net
July 3, 2016

104.130.124.96
April 6, 2016

208.91.197.197
March 3, 2016

141.8.226.14
February 9, 2016

204.11.56.48
July 1, 2015

184.169.157.32
ec2-184-169-157-32.us-west-1.compute.amazonaws.com
January 21, 2015

50.18.168.176
ec2-50-18-168-176.us-west-1.compute.amazonaws.com
November 10, 2014

54.241.253.59
ec2-54-241-253-59.us-west-1.compute.amazonaws.com
September 2, 2014

50.18.104.209
ec2-50-18-104-209.us-west-1.compute.amazonaws.com
August 10, 2014

50.18.174.205
ec2-50-18-174-205.us-west-1.compute.amazonaws.com
May 10, 2014

184.169.175.49
ec2-184-169-175-49.us-west-1.compute.amazonaws.com
May 2, 2014

File downloads found at URLs served by www.torntv-downloader.com.

11 / 68    (Adware)
http://www.torntv-downloader.com/.../torrent.exe  (dark_souls_ii_flt_dark_souls_ii_pc__complete_edition_full_cracked_flt.exe)

1 / 68      (Adware)
http://www.torntv-downloader.com/.../Virtua_Cop_.exe  (644a12e1a660ac54bd440488a3b73f5a)

8 / 68      (Adware)
http://www.torntv-downloader.com/.../Vivid_Workshop_9.1._multi.exe  (alvin_superstar_2007_italian_dvdrip_xvid_t4p3.exe)

11 / 68    (Adware)
http://www.torntv-downloader.com/.../The_Mentalist_Season_5_Complete.exe  (yourdownload.exe)

10 / 68    (Adware)
http://www.torntv-downloader.com/.../Africa_Unite_-_Discografia_(1988_-_2006),_(Lossy_Mp3_128-320kbps).exe  (resurrection_us_s01e02_hdtv_x264-lol[ettv].exe)

7 / 68      (Adware)
http://www.torntv-downloader.com/.../Star_Vijay_Mahabharatham_in_Tamil.exe  (shakti__remember_shakti.exe)

5 / 68      (Adware)
http://www.torntv-downloader.com/.../Luis_Alberto_Spinetta_-_Discografia_Completa_(Almendra,_Pescado,_Invisible,_Jade_Y_Solista)_By_Chano.exe  (password_hacking_tools_2.exe)

12 / 68    (Adware)
http://www.torntv-downloader.com/.../FSX_-_German_Landmarks_Service_Pack_1.exe  (acoolsoft_ppt_to_video_pro_3_2_7_2_serial.exe)

11 / 68    (Adware)
http://www.torntv-downloader.com/.../House_of_Cards_Season_1_Complete.720p.BRrip.exe  (dark_souls_ii_flt_dark_souls_ii_pc__complete_edition_full_cracked_flt.exe)

6 / 68      (Adware)
http://www.torntv-downloader.com/.../Rio_2_(2014)_720p_BrRip_x264_-_YIFY.exe  (hannibal_s01_season_1_720p_bluray_x264-demand.exe)

10 / 68    (Adware)
http://www.torntv-downloader.com/.../Business_Plan_Pro_15th_Anniversary_Edition.exe  (aae_cs4_[rh]_rar_full.exe)

8 / 68      (Adware)
http://www.torntv-downloader.com/.../Classic.Albums.Stevie.Wonder.Songs.In.The.Key.Of.Life.x264.AC3.-.exe  (elvis_presley_1977_06_26_the_last_farewell_1_dvd_plg.exe)

10 / 68    (Adware)
http://www.torntv-downloader.com/.../Still_2_(Tai_Hong_Tai_Nian)(2014)DVDRip.XviD(Thai.exe  (aae_cs4_[rh]_rar_full.exe)

8 / 68      (Adware)
http://www.torntv-downloader.com/.../Family_Guy_ALL_seasons.exe  (alvin_superstar_2007_italian_dvdrip_xvid_t4p3.exe)

10 / 68    (Adware)
http://www.torntv-downloader.com/.../How_I_Met_Your_Mother_S09E01_The_Locket_WEB-DL_x264_AAC.exe  (command_and_conquer_4_crack_-_automated_patch___one_click_launcher.exe)

8 / 68      (Adware)
http://www.torntv-downloader.com/.../Amigos_De_Mas.exe  (meztelenek_es_bolondok_1979_xvid_hun-nogrp.exe)

5 / 68      (Adware)
http://www.torntv-downloader.com/.../American_Restoration_Season_1.exe  (eset_smart_security_keygen_rar.exe)

9 / 68      (PUP)
http://www.torntv-downloader.com/.../Bobby_Jasoos_(2014)_1CD_DvDScrRip_XviD_MP3_Team_ExDR.exe  (particle_fever_2014_dvdrip_xvid_taste.exe)

9 / 68      (Adware)
http://www.torntv-downloader.com/.../Mary_Kom_(2014)_Hindi_PreDVD_Rip_x264_xRG.exe  (grip_op_de_groep_van_engelen_verified.exe)

5 / 68      (Adware)
http://www.torntv-downloader.com/.../Saturday_Saturday_-_Humpty_Sharma_Ki_Dulhania_-(2014)_1080p_-_HD_-_MP4_-_(_(_(_Supper_Uploader_)_)_)--(RTRG).exe  (hobolema_2010-01-06.exe)

4 / 68      (Adware)
http://www.torntv-downloader.com/.../L'Age_de_glace_1-fr.exe  ({blocked}.exe)

10 / 68    (Adware)
http://www.torntv-downloader.com/.../Louis_CK_Oh_My_God_HDTV_2013_(SeedBox).exe  (resurrection_us_s01e02_hdtv_x264-lol[ettv].exe)

9 / 68      (Adware)
http://www.torntv-downloader.com/.../The_Walking_Dead_S04E01_HDTV_x264-ASAP_(eztv).exe  ({blocked}.exe)

9 / 68      (Adware)
http://www.torntv-downloader.com/.../The_Lego_Movie_(2014)_3D_BrRip_x264_-_YIFY.exe  (mp3_-_192kbps_oasis_-_stop_the_clocks.exe)

10 / 68    (Adware)
http://www.torntv-downloader.com/.../IRC_bookz_2013-12.exe  (resurrection_us_s01e02_hdtv_x264-lol[ettv].exe)

7 / 68      (Adware)
http://www.torntv-downloader.com/.../Whitburn_Country_1944-1975.exe  (medieval_ii_total_war_kingdoms_expansion.exe)

6 / 68      (Adware)
http://www.torntv-downloader.com/.../Noe_(2014)_BluRay_1080p_Dual_Audio_5.1CH.exe  (age_of_mythology_extended_edition.exe)

8 / 68      (Adware)
http://www.torntv-downloader.com/.../(StepmomVideos)_Kylie_Rogue,_Sasha_Summers_(Stepmom_Shows_How_To.exe  (download_side_effects__brrip_(xvid)_nl_subs._dmt_torrent_-_kickasstorrents.exe)

10 / 68    (Adware)
http://www.torntv-downloader.com/.../Eric_Dolphy_-_'Out_To_Lunch_!'_1964_-_320Kbps_-_Jazz_.exe  (elcomsoft_wireless_security_auditor_v2_12_0_319_przyprawykuchenne_zip.exe)

7 / 68      (Adware)
http://www.torntv-downloader.com/.../Rahsaan_Roland_Kirk_-_Rahsaan:_The_Complete_Mercury_Recordings_O.exe  (shakti__remember_shakti.exe)

 
Latest 30 of 66 download URLs

The following 8 files have been seen to comunicate with www.torntv-downloader.com in live environments.

TCP » 104.130.124.96:443
translategenius.crx

TCP » 104.130.124.96:443
translategenius.crx

TCP » 104.130.124.96:443
translategenius.crx

TCP » 104.130.124.96:443
translategenius.crx

TCP » 141.8.226.14:80
google-bookmarks.crx

TCP » 204.11.56.48:80
chrome.crx

TCP » 204.11.56.48:80
chrome.crx

TCP » 50.18.104.209:80
shakti__remember_shakti.exe

URL:
http://www.torntv-downloader.com/

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
nginx/1.8.1

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.