home

www.toursheadfiles.com

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
toursheadfiles.com

Scanner detections:
Detections  (98% detected)

Scan engine
Details
Detections

Reason Heuristics
(M), PUP.Bundle.Offer, PUP.InstallCore.FC.Installer (M), PUP.InstallCore.FC (M)
97.96%

Microsoft Security Essentials
Worm:Win32/NeksMiner.A
2.04%

F-Secure
Application:W32/Generic.70053c248f!Online
2.04%

SUPERAntiSpyware
Trojan.Agent/Gen-Agent
2.04%

ESET NOD32
Detection.Undefined
2.04%

The domain www.toursheadfiles.com has been seen to resolve to the following 8 IP addresses.

52.25.41.73
ec2-52-25-41-73.us-west-2.compute.amazonaws.com
May 5, 2016

52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
May 5, 2016

54.69.11.66
ec2-54-69-11-66.us-west-2.compute.amazonaws.com
April 21, 2016

52.88.159.85
ec2-52-88-159-85.us-west-2.compute.amazonaws.com
April 21, 2016

52.35.10.15
ec2-52-35-10-15.us-west-2.compute.amazonaws.com
April 21, 2016

52.26.95.11
ec2-52-26-95-11.us-west-2.compute.amazonaws.com
April 21, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
April 21, 2016

54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
April 21, 2016

File downloads found at URLs served by www.toursheadfiles.com.

1 / 68      (Adware)
http://www.toursheadfiles.com/WVl6OTRQWEJsVGxkTVlVdDZURTlQVkhwMFQydDJPWEZEUm10TVJWcGtZV2d6V0d0SWVVNXdjek5vTVZsNlRrMGxNMFFtWXoxemJsWjZWWE5JZDBoeVRXMVZiRzgyU0Vod1JtbDBibVI0VWtoM1lTVXlRbk5UV2xWSlNsb3lTbWxhYVVkSlpGbFVRWGRQZDFOdFVUZFdRa3RGVVhoNVlXSjJNV1JTVWxGQkpUSkdOVklsTWtaYWIwaHpRM0p6VVVaVWRVRm5RbEEzVTI0ek5IcDNjRTkxTUhkNFUwVm5lbGwzZGtJeFVVNXJWVU5QYlRnNFpWTkhXVFZhWmlaa2IzZHViRzloWkVGelBXbHVjM1JoYkd3dVpYaGxKbVpoYkd4aVlXTnJYM1Z5YkQxb2RIUndKVE5CSlRKR0pUSkdabWxzWlhNdVoyVnVhWFZ6TFhKdmRYUmxjaTVqYjIwbE1rWTNlamt6T0M1bGVHVT0=  (install.exe)

1 / 68      (Adware)
http://www.toursheadfiles.com/WVl6OTRQVEV4U1dSQ05WUm9Nbmh2VWpoYU9WZHNiV05WU1VkM1VHTm9URlU0V0hoRFMwZENUVE5GVTBwS2JXOGxNMFFtWXoxcmEzWTRabVJpU1VOdlJra2xNa1l4VkdScGNteFJkMEpyTURCbFlVbHZPQ1V5UW1Kc01FeHNWbEJ2ZDJaUk9WVm9aMmhXTWxFM1VqbFhiWEpsTW5sNU4wcG1ORzlMZW1sM1ZGTTJVVUpDVjBwSlZXSmxSRzE0WlVOR1dVcEhKVEpDVUU1dFNWWlFabEpMVjFnbE1rWmlUbFpOSlRKQ2NIWkJTemR1YXpGTlNsaGpTR3M0Y1ZGT1lsY21aRzkzYm14dllXUkJjejFwYm5OMFlXeHNMbVY0WlNabVlXeHNZbUZqYTE5MWNtdzlhSFIwY0NVelFTVXlSaVV5Um1acGJHVnpMbk4wZVd4bGJYbHpaV3htTG01bGRDVXlSamQ2T1RNNExtVjRaUT09  (install.exe)

1 / 68      (Adware)
http://www.toursheadfiles.com/WVl6OTRQVTl4ZVRWYVZrVlNZV0Z1SlRKQ1JsUnBhbkpOUzJWa1pHVmlaMWRrUW1Ob1FWWm5Vblp2Wm5kWGJtSlNjeVV6UkNaalBXRkNWM04zUnlVeVFrUlpRV3MzVTNkaWJGWndTRFpLTVdrNEpUSkNUbmRqT0RkMmNEWmFVbkJxU1RGcldXNVllbE14U21NbE1rSjRZbFkwT1VGclVHVjNjbnBTUTFjd1NrZFpRak5SZFVsTmF6QnNPRFpOUW1sb1dEbFRTVzVMVDFodU1pVXlRbUZWTVVGSlJYSldZVmw2ZEdwVk9XNUhiRVZSV1NVeVJrSkNkalIyUlU4NU9IWk9hU1prYjNkdWJHOWhaRUZ6UFdsdWMzUmhiR3d1WlhobEptWmhiR3hpWVdOclgzVnliRDFvZEhSd0pUTkJKVEpHSlRKR1ptbHNaWE11WjJWdWFYVnpMWEp2ZFhSbGNpNWpiMjBsTWtZM2Vqa3pPQzVsZUdVPQ==  (install.exe)

1 / 68      (Adware)
http://www.toursheadfiles.com/WVl6OTRQVlJqY0dsNE9GZENKVEpHZFVjNFlXTlhiWE5WZGtVNFNFVlZURGszZEhZNWNXUkViemxVVURaVFMzaGlTU1V6UkNaalBXZENVa1E0WWt4SlEySnRKVEpHWkZCclNHdHhlVmh4VEdGUmNFaEdiRUZZT0d0SlExUklPV04wYVdaSGNFWkhOMUY2U1hobFVtdHFRblJIUnpZeFVXMUlkbEIzVDAxMWVrNDVWMllsTWtac2RFeERiM280YTJOM2RsRkNhbmRYWkRsSWJXY3lhM1JXV1U5VFozTTJRVU5IZURKclNUTktVM2hXVm1STmN6Uk9jREpHTlNaa2IzZHViRzloWkVGelBXbHVjM1JoYkd3dVpYaGxKbVpoYkd4aVlXTnJYM1Z5YkQxb2RIUndKVE5CSlRKR0pUSkdabWxzWlhNdWMzUjViR1Z0ZVhObGJHWXVibVYwSlRKR04zbzVNemd1WlhobA==  (install.exe)

1 / 68      (Adware)
http://www.toursheadfiles.com/WVl6OTRQVkZ2Y1hKQ1YzSlVZVkpYVVdzME1XbFdjRmRGT0ZJMWNYQlZOMWhFTW5sMlNHMXFjMU0xZVZaUWQxVWxNMFFtWXowd04xTTBabVpLVVdGQ09XMXBWMVJqSlRKQ1dVb3pPVTB4Y2s1Nk5qSnRUR2wwUjBWdFFXTnhKVEpDVGs5S1dETmFjMnRYWkZac1MzUTFlVEpMV1hSVVJqYzROV1pxUWpFelNYZHNVRmhDU2pKRmRXZFJWWE5vUkdkTGMzcHdWMGRzV1NVeVJsSlNiRGQxZEhkSFpsTm5TRlZUZVRobVlVSXdlVkpGWVhsTk1EWndkVFI1YVNaa2IzZHViRzloWkVGelBXbHVjM1JoYkd3dVpYaGxKbVpoYkd4aVlXTnJYM1Z5YkQxb2RIUndKVE5CSlRKR0pUSkdabWxzWlhNdWMzUjViR1Z0ZVhObGJHWXVibVYwSlRKR04zbzVNemd1WlhobA==  (install.exe)

1 / 68      (Adware)
http://www.toursheadfiles.com/WVl6OTRQV0pMUVZOd1JVUm1TakYyY0hKUk9WRjZlR1pXVkRGSFdXNVNWelFsTWtadmVGVTFhRTh4TURVMWRsWnRUU1V6UkNaalBVcDNSM3B4UTFwVE9GSjNaR1J4VVUxRGVWbE1lV1pVTldKT1lrRldNM1ZGU1hoNU1VSlpWM0pzVnlVeVFqVnpKVEpHUnpWWE1ubFFZV2hOYkRRekpUSkdORFZWZVU4MFNYSlVXa1ZYVTFZbE1rWmtlWHBtZEdaeWJ6QTRjVmRCZVVOWFoyNU1VWHBHTWxSRE1sRlJORVpWUzI0MVoySkphQ1V5Um10cVNHOTBjREJSUVROaVFqbGhkeVprYjNkdWJHOWhaRUZ6UFdsdWMzUmhiR3d1WlhobEptWmhiR3hpWVdOclgzVnliRDFvZEhSd0pUTkJKVEpHSlRKR1ptbHNaWE11YzNSNWJHVnRlWE5sYkdZdWJtVjBKVEpHTjNvNU16Z3VaWGhs  (install.exe)

1 / 68      (Adware)
http://www.toursheadfiles.com/WVl6OTRQVk5IVEV4TVNHUnpSMGtsTWtaS2VGQnBRaVV5UmtsMFlXVllkRVZRY1hJNVQwMWxUVVJMVTNrNVFYUTNNV0Z2SlRORUptTTlPWGxxUjBoRk1ERTJPV3hTV1VNekpUSkNOM0ZRUzBRMlRWcHRZbVVsTWtKeFUwcERKVEpDWTJadU5FWlRTekVsTWtKSVdIUjZPV1U0TnpkMlNHVTVUMVZtVFhveU5HOWtSbXQyY0ZSdWFXeHZOWGhtYzJSVFZHd3dSWEJXZGpFMWMwbzJReVV5UW1wTU5YbFVOVlprWVd4MlV6VlViRkVsTWtabFMwbzFPRTFaUlZOd1pGVklTRVZwWjBRbVpHOTNibXh2WVdSQmN6MXBibk4wWVd4c0xtVjRaU1ptWVd4c1ltRmphMTkxY213OWFIUjBjQ1V6UVNVeVJpVXlSbVpwYkdWekxuTjBlV3hsYlhselpXeG1MbTVsZENVeVJqZDZPVE00TG1WNFpRPT0=  (install.exe)

1 / 68      (Adware)
http://www.toursheadfiles.com/WVl6OTRQWE5IU1VKMVIxQmtTaVV5UmpGSUpUSkdWRE5WT1d0VFdXZDJSa3hyVTBsVk1sWWxNa0p3UzNOV1JXVTFlVlEzTVVVbE0wUW1ZejFJY0UxRVFUSk1NVXgzZFdkdVNEVlZRMHBIUldWaWVFd3lUbFpQV0RCelZYUjNWbVFsTWtKemFsZ3hURnB0V2prbE1rWldOU1V5UWpRMFFtNW5ibkJHVTFsMlQwd2xNa0l3UWxaNGVYWnRORFZEUnpsemRVSkNWVmRXY1VkWE5ESXliQ1V5Um1sSVVHVm1TbE5FYlU0MGVIWlhRVTlrYlVSSGIyVTBNVWx1TlZkeGNWZFdWaVV5UWxneGFDWmtiM2R1Ykc5aFpFRnpQV2x1YzNSaGJHd3VaWGhsSm1aaGJHeGlZV05yWDNWeWJEMW9kSFJ3SlROQkpUSkdKVEpHWm1sc1pYTXVjM1I1YkdWdGVYTmxiR1l1Ym1WMEpUSkdOM281TXpndVpYaGw=  (install.exe)

1 / 68      (Adware)
http://www.toursheadfiles.com/c?x=w5W55sTZE 2lV6yiYHcFl3uzMjnM7XgRVJPszeYTyXY=&c=fSEY/jboMtAYqHpwnBYPOJ7 34NeQLkw33omlLxZybarGG RvgBYEs03iGRTn/TwmjvCkK9isyc49CQWMTCstoYI9um6EeG9Zgxyo9LtfQDsXxqvCg8e4S2tvJmuiEWz&downloadAs=install.exe&fallback_url=http://.../7z938.exe  (ad1aafb3941a04a9a96658cdf09767a7)

1 / 68      (Adware)
http://www.toursheadfiles.com/WVl6OTRQVTVxZEVSNk1IYzBaRXR1YTJsd1EzVllVbkJwVlU4eUpUSkNWbXRNU2xoTWVsQkdZM1JSUjAxc1pFbFdPQ1V6UkNaalBXdE5lVEo2VVdvNFRVNW9aMHcxZEZwTk9YUllSRUZsUTNwRFJ6VnBTazBsTWtKd1MxRmpaR0pzV1dweFRWTjVVRzFMVGtwWU9UTTNkVUl6TkNVeVFsRTVlak5KY1U1SWRtUlpha0Z3ZWtwb1pHdExZbVI0UkNVeVJuTkhkbWxaTm1KQ2VtWTFUVkpQZUdNM1kwOHhZMEpGZDFKMFNFeDZhMUZFVEZsVWEzSm9XRFJ0VVZGeEptUnZkMjVzYjJGa1FYTTlhVzV6ZEdGc2JDNWxlR1VtWm1Gc2JHSmhZMnRmZFhKc1BXaDBkSEFsTTBFbE1rWWxNa1ptYVd4bGN5NXpkSGxzWlcxNWMyVnNaaTV1WlhRbE1rWTNlamt6T0M1bGVHVT0=  (install.exe)

1 / 68      (Adware)
http://www.toursheadfiles.com/WVl6OTRQVGhuVEVveFNtZG1lakZTUld4a04weE9kRzlzSlRKQ2NIWjFNak0yV2lVeVJqazNha0k1Y0hkWVNXZzBaalZSSlRORUptTTlVRlVsTWtJeU5teFlTRVp4T0d0emRVZFZlbWhuWWxKTmRHRkJjMGQ2UlNVeVFsazVSR1JrTmpRMmJXYzNkazFvWm14NU1DVXlSblY2VEU5S2JubEZhVWRHYTIxaFVYQkNZbUo1TW5seVZVdDVRVzlJTVc5WmIxVjBTeVV5UW1KcGVFazJVbUp6YkhWVGN6aGFVbFpKVGtKdGNIQndjRXRuUVRKek1XSmtXa1J2U3pORGMyMHphaVprYjNkdWJHOWhaRUZ6UFdsdWMzUmhiR3d1WlhobEptWmhiR3hpWVdOclgzVnliRDFvZEhSd0pUTkJKVEpHSlRKR1ptbHNaWE11YzNSNWJHVnRlWE5sYkdZdWJtVjBKVEpHTjNvNU16Z3VaWGhs  (install.exe)

1 / 68      (Adware)
http://www.toursheadfiles.com/WVl6OTRQWFkyT0hveFkxb3hWMHc0TUdaSFVtRnlRbGsyVkRSUVRpVXlRbFpXV1cxcldFMDBZM2hxTkhCVVR6ZHVieVV6UkNaalBTVXlSbWswVVdGTldHZFpOMjF6YlZSc2EzQk1XRlV5VkhoMmNEUjZXV2gxUXlVeVJuQk9KVEpHVkU5NVVVUnNRaVV5UmpGdEpUSkNkVkZtV21wRk1GbGlZMUZ3YVhBMFRFNXNVbmg2ZERkYU5HaDJaMjlFVDFjeFRFTkphVU5MV0hoNmIyMTNKVEpHVjAxaVEwSk9RVkp6VGpWUkpUSkNOMmxKVDFnMFNsWmlTSFJxZVU1bFYycFdZM2xrWW5vbVpHOTNibXh2WVdSQmN6MXBibk4wWVd4c0xtVjRaU1ptWVd4c1ltRmphMTkxY213OWFIUjBjQ1V6UVNVeVJpVXlSbVpwYkdWekxuTjBlV3hsYlhselpXeG1MbTVsZENVeVJqZDZPVE00TG1WNFpRPT0=  (icreinstall_install.exe)

1 / 68      (Adware)
http://www.toursheadfiles.com/WVl6OTRQVFpUYVRoWmR5VXlRa0ZGV2twSU9UWjJWM00xYjB0c1prdExOVUpQYUc4bE1rSm5VVWRqYjJwWVIzaDRPRUozSlRORUptTTlXR293V2s4MWFIaFZORlJYVVVWU1ZVZ3hiRmxFSlRKR1ppVXlRbmcwYzJsc1prYzJVVUp0VjJaR2NHVllWRWhuZFcxM2FERkpkVUo1TnpaSk56bFFjVVZKZERkcmJrNDJTa1ZSVFZsWk9XMVpWVkpWYUZkdlFtaGFhaVV5UmxoRFNEVklVekJWU21KalUzWnRSM1ZUVEV4M1JHTnpUbnBOZFZJMGREQnNORTlJYXpSb1VWTW1aRzkzYm14dllXUkJjejFwYm5OMFlXeHNMbVY0WlNabVlXeHNZbUZqYTE5MWNtdzlhSFIwY0NVelFTVXlSaVV5Um1acGJHVnpMbk4wZVd4bGJYbHpaV3htTG01bGRDVXlSamQ2T1RNNExtVjRaUT09  (install.exe)

1 / 68      (Adware)
http://www.toursheadfiles.com/WVl6OTRQVXBCUTNVMWNEWnhNWFJ3WjFoMlNITlBiWG8zT1RKQmVFaHRRM0F3VG1wYWRqSk9aemRYVkZNMFdqZ2xNMFFtWXoxMFdqQlJXV1JHTVdzMVR6bFNOVzFIYjBaVU9ITmxSa1pSYldOQ1NHZGhOSHBpUzNwQlZYVjRTbFp3T1VKTVQyUnJNVEJGVkVweWRWZFRaRlpYVVZsblJEUklkRk5DZWpabVkzUTBKVEpDZVVkUVJHaFdUVmxhYkROcE1VNVdUVVJoU201a2JuZFZSbm96TTFRMmVtZFFSV2hRTURWYVYwNDFlazB5UVVSTmJWZG1KbVJ2ZDI1c2IyRmtRWE05YVc1emRHRnNiQzVsZUdVbVptRnNiR0poWTJ0ZmRYSnNQV2gwZEhBbE0wRWxNa1lsTWtabWFXeGxjeTV6ZEhsc1pXMTVjMlZzWmk1dVpYUWxNa1kzZWprek9DNWxlR1U9  (install.exe)

1 / 68      (Adware)
http://www.toursheadfiles.com/WVl6OTRQVzE2WjJzelJsUkRabTlKYXpjeEpUSkdUbVprVGtwaU4zYzNjbGxUZHpCTU9FSnRSRGhzWTJRbE1rSmpPVWRuSlRORUptTTlVbWRKUmlVeVFtSjRWM0owUVhwTlMzZ3hOMjFZY0UxbFJ6TkRTalJOTTFST1NWSjFUMlp1VmxnMmVWbFJUSFJWU0VaVFNXcFhjMk5sZWxKdVVtaGFURkZrUmxFeFR6bDZSa2M0Um1ZeGJHeE9PV0ZHWjJORkpUSkdUVmMzUXpWcFVpVXlRa2RsWjBjNGRtNU1iM1JMZWtsa1QyOXNSMFUxU2pCSFJYYzFWM2RwTVc5T04zWW1aRzkzYm14dllXUkJjejFwYm5OMFlXeHNMbVY0WlNabVlXeHNZbUZqYTE5MWNtdzlhSFIwY0NVelFTVXlSaVV5Um1acGJHVnpMbk4wZVd4bGJYbHpaV3htTG01bGRDVXlSamQ2T1RNNExtVjRaUT09  (install.exe)

3 / 68      (PUP)
http://www.toursheadfiles.com/WVl6OTRQV0ZRTmpkcWNGbHhRazVxUzFWNVlrZFFibmRPYzFBMUpUSkdiRmx3Vm5jNVNrSlFiRGRKZGxBNVZ6TlROQ1V6UkNaalBYbE1kbWNsTWtKWVNXcEJNblZYUW10NU1qVXdUakF5TVVKMmRsSXhVVzVwSlRKR2JtOWFTWEl3YkdodGJHTm5KVEpHYVZGc05EWmxiM05EVlRac05TVXlSamR5ZFVFMk9FRjRUVEI2VWpsbE1rWnRVa2RpYVdSeFRuWjBZVzR5YlV4UEpUSkdWbWhvTWpoUGNIVkRNRkF4V2tKUmFuRnFSMmgzTWxGUmJsRm9iRTlNV213M1FqWkdSQ1prYjNkdWJHOWhaRUZ6UFdsdWMzUmhiR3d1WlhobEptWmhiR3hpWVdOclgzVnliRDFvZEhSd0pUTkJKVEpHSlRKR1ptbHNaWE11YzNSNWJHVnRlWE5sYkdZdWJtVjBKVEpHTjNvNU16Z3VaWGhs  (7zip.exe)

1 / 68      (Malware)
http://www.toursheadfiles.com/WVl6OTRQVUZ3ZUZsUUpUSkNSbWhIU1dKeFZtcEJkbVpZVkV0NFJFSkVTbVI0TjJVbE1rSXhkamRGVkU1UlRFSTNha3BWSlRORUptTTlZamRZUTBsclRVbE5WbGQwTjFOR1ZrOTNTek5uSlRKQ2VUTjFjaVV5UmpSUGFuazVlREV4WjBONmFGTTBVRkZLT0hWUlF6Uk5WREpSVHpKbGRDVXlRbFpUUVVGT1NqSmxNWGhTTW1kU1JUVTJkMmROYUZONmR6aHZkRzFtUWpReFltVlNkMHRYT0cwMWMzQlVaM0JFUVhJeFIwaFpOMFJzTTI5Q1ZrVldiV1I0VlZJeGRGWW1aRzkzYm14dllXUkJjejFwYm5OMFlXeHNMbVY0WlNabVlXeHNZbUZqYTE5MWNtdzlhSFIwY0NVelFTVXlSaVV5Um1acGJHVnpMbk4wZVd4bGJYbHpaV3htTG01bGRDVXlSamQ2T1RNNExtVjRaUT09  (7z938.exe)

1 / 68      (Adware)
http://www.toursheadfiles.com/WVl6OTRQVXRDWVhsMFRURWxNa0pHVURGdmVXZERWVGxFSlRKQ05XZzBVakJKV0VocU5ubHNiR28yZUZOeU0xUnVWRlJKSlRORUptTTlNakIxY3pORFlVcG5NWFZzU2lVeVFqUWxNa0psVURFbE1rWXlOVU40UlVSSFVXeDBTVEZGV1d4c2FrUllOVmxSZHpWcFVESnZhalJRUlhGQ1VVcENWbGxhU1VKT1VXOVVRVmRGWlhCTVkyMHdaVlZsZW1SdWEzUmlXQ1V5Um1JNUpUSkdlRGh1U2pNbE1rWklXSFY2UWtoRVpERkZWME41VG5Sd1QyZExPRkJwVjBob1JVb3dabGRuZFZZbVpHOTNibXh2WVdSQmN6MXBibk4wWVd4c0xtVjRaU1ptWVd4c1ltRmphMTkxY213OWFIUjBjQ1V6UVNVeVJpVXlSbVpwYkdWekxuTjBlV3hsYlhselpXeG1MbTVsZENVeVJqZDZPVE00TG1WNFpRPT0=  (install.exe)

3 / 68      (PUP)
http://www.toursheadfiles.com/WVl6OTRQVEZ5VFRrMk1WSmtiRkYxYVhVMU1FaEVRVGRtY0dsQmJrWkNibUZCYVdweGR6WlBTRWwxTVZWTWQzTWxNMFFtWXoxMVJqWm5PVVpJVlRjNWF5VXlSblJTTkZWQ2JsUmhibTlQZFZCa2QwTlpPV1ptZUdWTVNHZEZlSGRGV0ZoNGQwTTRUM2xyVEZoMWQzUkJUVE42VmpnMlVHTXlaMDlxT0hGVmVtMTRRMGhJUkRRbE1rSmhSa2sxT0d4d2JGcFZabEJ0UmpSR05XRmtWbWh3YVRsRE1HazJUbTVFTkc1NmJESTJTVTF4YmpnM09UbDJkVmttWkc5M2JteHZZV1JCY3oxcGJuTjBZV3hzTG1WNFpTWm1ZV3hzWW1GamExOTFjbXc5YUhSMGNDVXpRU1V5UmlVeVJtWnBiR1Z6TG5OMGVXeGxiWGx6Wld4bUxtNWxkQ1V5UmpkNk9UTTRMbVY0WlE9PQ==  (7zip.exe)

1 / 68      (Adware)
http://www.toursheadfiles.com/WVl6OTRQVmRoWTJWTWRtOVJlbTV2WWxwVlNTVXlSa1pyWTBaR1VGWjJURkZSWkRCalZGUjFWVFU0WlVRNFdTVXlSbGRKSlRORUptTTlWaVV5Um1WV2NVSnZjMkZTTWtjd2RtcHdKVEpHTVU5R2VVSWxNa0pDYm01MU5FUm5Za3Q1TnpSUVdFNVlKVEpHWWt3NVJFaFdhbm96TkZaUmVtZExZVVJtVW5oNFZHYzJKVEpHU0dkcU9GWWxNa1pGWmt3MmRucDFhbHBLU2pCdU55VXlRa2hTZGtkMmJXOVNSV0ZQZEhkeVlsRkJiMlJpZEd4TFVVVjJRM040T1ZsV1JuaFVaMG8yYkRNMWJ5WmtiM2R1Ykc5aFpFRnpQV2x1YzNSaGJHd3VaWGhsSm1aaGJHeGlZV05yWDNWeWJEMW9kSFJ3SlROQkpUSkdKVEpHWm1sc1pYTXVjM1I1YkdWdGVYTmxiR1l1Ym1WMEpUSkdOM281TXpndVpYaGw=  (install.exe)

1 / 68      (Adware)
http://www.toursheadfiles.com/WVl6OTRQVkpRUlhoVGFtZFFaVEJ5ZDBkQmNXSlZVakY1WWpodE5IZGhWR2RwY1ZZM2JtSjZTSEZVT1V4SGRtTWxNMFFtWXoxQlZXdHNNRGh0YTFWUlVqRnBlRUpHVFhwTmRYcEdiVGxVY1ZsVWNEaDZPVnBOY1dGU016TldaRk50YjA1T0pUSkNWRmw2VGtKRlpFRlBhM0k0Wlc0MlZIbzFla0ZGYVRoRlRqUnpPRk5MU2lVeVJtUnhSblJQZEU1YVpVSjRXRlJXWlZCTlRFOTJNemRTZUV4dmNXcDJPVmRaTkRZeU5pVXlRbEZEVEZSbk0wUkJWMWsyYnlaa2IzZHViRzloWkVGelBXbHVjM1JoYkd3dVpYaGxKbVpoYkd4aVlXTnJYM1Z5YkQxb2RIUndKVE5CSlRKR0pUSkdabWxzWlhNdWMzUjViR1Z0ZVhObGJHWXVibVYwSlRKR04zbzVNemd1WlhobA==  (install.exe)

1 / 68      (Adware)
http://www.toursheadfiles.com/WVl6OTRQV2d4VFd4U1RsTnBUMFowYkRWNFJVaFpVSE5OZW1sSFZIQjRaRXQyTTFkUFQySTVkamREUmxCR1QwMGxNMFFtWXoxWlRVcHFaMVppWlVWemEwNDVUWFZuTW10NWJXVjZSbGwxTldJd00ycHlOM2czY20wMFR5VXlSbW80Tm1acVFVSTVWSFpDWVVsVWVrdFJiRUp0ZEd0SFZVTkJjVzlQVlVsRFEwcEZaMUZpYzNodFJqRlhTV1JvVUhBbE1rSmhka1I2VVVOMFVuVXpjU1V5UW5sUVdFMVVhMkZSZUVScE5UUXhja0p1VFVNMldYbDVZMjFFUVNaa2IzZHViRzloWkVGelBXbHVjM1JoYkd3dVpYaGxKbVpoYkd4aVlXTnJYM1Z5YkQxb2RIUndKVE5CSlRKR0pUSkdabWxzWlhNdVoyVnVhWFZ6TFhKdmRYUmxjaTVqYjIwbE1rWTNlamt6T0M1bGVHVT0=  (install.exe)

1 / 68      (Adware)
http://www.toursheadfiles.com/WVl6OTRQVFJaVTFoTU1XMVFTV0pIUzNCQ1pGWlFSbFExYkRWMmMwUmpaRzE1YkdkbWJXVjVKVEpHUldrNE56WlNheVV6UkNaalBUZGlWamhITUdJMVpFWk5la2MwWlZselkzYzNabkZEV1VwU1NFTlBielZLY2pBd00yZGFhMGMxWXpKMGJtVmpURzAwTkhOVlNtbzFhM0ZUWVUxT1NsWTFORE0yZGlVeVFrOXdTVGhwTlZoSU9EZ2xNa0puUXpJbE1rSTBlRW81UzB4d1JuVlFZMVo1VDFwa05FcEpZemxzTWtGdVNYQnFVV2c0UmxrbE1rWjJhMHBzT0hBNE56Z21aRzkzYm14dllXUkJjejFwYm5OMFlXeHNMbVY0WlNabVlXeHNZbUZqYTE5MWNtdzlhSFIwY0NVelFTVXlSaVV5Um1acGJHVnpMbWRsYm1sMWN5MXliM1YwWlhJdVkyOXRKVEpHTjNvNU16Z3VaWGhs  (install.exe)

1 / 68      (Adware)
http://www.toursheadfiles.com/WVl6OTRQVE5NVm1SaFJHRm5OWEF4Wkc5SFEyWk5UMjRsTWtaSk0zcERlVVpwT0c1S1NYa2xNa1puUm0xaVltNTFiVEJqSlRORUptTTlabkZST1d0UFluWkVaRGxQTkU5UVExbEJWV1lsTWtKNVozbE9NM2hzTmxkNk9EQm5WQ1V5Um1OQlFYZE1WMUpoYVhnMFVXMXJTM0ZuZHpsakpUSkdhR2c0YlVwdFdXSmlObEpYVnpGVVpqUmtNRVZFVVVkNVJXVldUWGczZUUxR01EUnBaeVV5Um10UlNFUm5TVk51YldKaFNGa3lXbGR1T1ZsVVIwaG1NRFJESlRKR1NtNHpURUZPSm1SdmQyNXNiMkZrUVhNOWFXNXpkR0ZzYkM1bGVHVW1abUZzYkdKaFkydGZkWEpzUFdoMGRIQWxNMEVsTWtZbE1rWm1hV3hsY3k1emRIbHNaVzE1YzJWc1ppNXVaWFFsTWtZM2Vqa3pPQzVsZUdVPQ==  (install.exe)

1 / 68      (Adware)
http://www.toursheadfiles.com/WVl6OTRQV0oyTTNwb1UyNWlVSGRyZERCaWVUaEVZM2RPYzI1eFEwRlhSRTlwVVZCYVpFRlRRMVpuYlhKT1VXOGxNMFFtWXoxSFJEbHhlU1V5UWs5a1RVeGpZMHBuVlZkUGJHaERNREJWUlZSWGRETnhhbXMzZFdnemFsWXpPRkZDYVhCcVFVSkVSMmcxY2xkdlNTVXlRa2xQYmpsWlVWZzNKVEpDVTJkdmNTVXlSbEJOV25GYVQzcEdSalp3ZVhwV1dFZHpVRnBVTlZaMmVsTklabG8wYVU1UFVrUndlVFl4TlZKNk1uTnVhbHB0T1ZCVFkyaHJUWFpHTlU5akptUnZkMjVzYjJGa1FYTTlhVzV6ZEdGc2JDNWxlR1VtWm1Gc2JHSmhZMnRmZFhKc1BXaDBkSEFsTTBFbE1rWWxNa1ptYVd4bGN5NW5aVzVwZFhNdGNtOTFkR1Z5TG1OdmJTVXlSamQ2T1RNNExtVjRaUT09  (install.exe)

1 / 68      (Adware)
http://www.toursheadfiles.com/WVl6OTRQWHB3VkZCSkpUSkdVazgzZUhWbWJEVnBiMGRyYVNVeVJuZFBRMnBIU1VOTFNtbDNNVlY2U0dOUVlVZFZjWGRuSlRORUptTTlaSE4wWVRCM1dYbEliRFJqTWsxaWJVaEtTak5tYjNSak9FRjRXbVp4U3pWQmMxQjVKVEpDTVRBbE1rWlFPRzAxT1ZWUlFsaE9WRmg2Um00M1RIcDBVMkZGTTFkS1dsbHFjRUpGTTNWWGFGaDVURkJpYjJOeU9FRkpRMHByVkdaa2JXWjFaRlU0T1ROMmJHZ3dWVGhFUTFSbWFuVlliR05JTjFKdFpuWmhKVEpHZFVGVlZUVW1aRzkzYm14dllXUkJjejFwYm5OMFlXeHNMbVY0WlNabVlXeHNZbUZqYTE5MWNtdzlhSFIwY0NVelFTVXlSaVV5Um1acGJHVnpMbk4wZVd4bGJYbHpaV3htTG01bGRDVXlSamQ2T1RNNExtVjRaUT09  (install.exe)

1 / 68      (Adware)
http://www.toursheadfiles.com/WVl6OTRQVFl6TVhaWVVUQndhbTlpYm1rNGJEQkhVWHBOU2tweEpUSkdSSFpLV0cxdVFrOXRZbVJuVjBSWFIybHhjeVV6UkNaalBUaHFUWFozV25OQlpIWjFkVWhRWkhKaFYxTkRPVGQ0YkVjMFpUSk5aazgxT1haeUpUSkdORm8wUnpaMVdHMVpVMVl4ZHpJeU5HTndibTh6VW5SUlRFNDVjRFZSTlhreWJEQkhVbUoyZVdScE0xSnFXRGw2Wm1sM1FVbEtiR2RvVlRaQkpUSkdSSGtsTWtaekpUSkdRbTFFWVRRNVkyMHdSRFZqVVVoc1FrZDFTVmcyYUZkRVRUQW1aRzkzYm14dllXUkJjejFwYm5OMFlXeHNMbVY0WlNabVlXeHNZbUZqYTE5MWNtdzlhSFIwY0NVelFTVXlSaVV5Um1acGJHVnpMbk4wZVd4bGJYbHpaV3htTG01bGRDVXlSamQ2T1RNNExtVjRaUT09  (install.exe)

1 / 68      (Adware)
http://www.toursheadfiles.com/WVl6OTRQVlZHZW05RmFqSlhhVEZHVEZkdGFXNWtkalE1UTB0TWNXTnhWRGhpVjFod1pUVTNaWFZ1Ym5SQ1dWa2xNMFFtWXoxT04wUnZhVmwzWW01RE5WZHpZblJ5VG1KS1RsZ3hZWFpvU21aSVZHeExhWFY2ZEhsbmVrdzRZbFZJUW1od1RUZExSM1pMZWxOQ1ExUklhREE0VlNVeVJrWlhkVU00TkZkNWJtNXJOREZ5V0dVbE1rWkhSU1V5Um1wNk5tZG9NVEp3Wm1oSWFrOHhVVTFwZFd0bmRsSkhXVEJ4ZWt4cGRubGpObXB4YmpZeE1tdFpNMkpCWWlaa2IzZHViRzloWkVGelBXbHVjM1JoYkd3dVpYaGxKbVpoYkd4aVlXTnJYM1Z5YkQxb2RIUndKVE5CSlRKR0pUSkdabWxzWlhNdVoyVnVhWFZ6TFhKdmRYUmxjaTVqYjIwbE1rWTNlamt6T0M1bGVHVT0=  (install.exe)

2 / 68      (false positives)
http://www.toursheadfiles.com/c?x=HOLAEzOfMS3c9Rf3lL1Y9r1RBSDfV2aUupy92vRU5y8=&c=cqV6G5ZBId7ham/BdS6Eg 0p61M0OFGVzhpVyP5qhKzs/hU8ESO/AShnlvJl9zwVOJ/aws1/a66tRhGyLn4telcgawVx23TpZcQPyLY7H5 EJmwlq8DnShmEV7NAWk2R&downloadAs=install.exe&fallback_url=http://.../7z938.exe  (wrar420.exe)

1 / 68      (Adware)
http://www.toursheadfiles.com/WVl6OTRQVVJLZEd4bFFuUm1URlp4Y2xwMlVGaElTMjVZZEdwamJHWjBTa3R2TjFsMFNYVkthMVl6VVRFNE1sa2xNMFFtWXoxRWEwOVVhbEIxYmtNNU1tTkxZelZVYW5OeWNGSm1NMEozZGpnNE1EWnVRMUpCY0VjbE1rSXdRM2dsTWtaUVozZHlhM2hJU21ZNVdUUWxNa1pEWkRkd1RsaGFPVFZpZW14dFUxQlZUeVV5UWxBNFFXNDJielZKZVhvNWJXSndiVWgzVG5WVFlsQlhlbTFyTkRsdk1EbEVkVTk1UmlVeVFsbFRPVnBuYVhBemJFaENkbXh1TjBJeFpqWW1aRzkzYm14dllXUkJjejFwYm5OMFlXeHNMbVY0WlNabVlXeHNZbUZqYTE5MWNtdzlhSFIwY0NVelFTVXlSaVV5Um1acGJHVnpMbk4wZVd4bGJYbHpaV3htTG01bGRDVXlSamQ2T1RNNExtVjRaUT09  (install.exe)

 
Latest 30 of 232 download URLs

The following 6 files have been seen to comunicate with www.toursheadfiles.com in live environments.

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
Proxomitron.exe (Proxomitron by Groom-A-Zebu (tm))

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.