www.tusfiles.net

Artur Kozak  (via a Proxy Registrant)

Domain Information

TusFiles is a file hosting service that bills itself as a cloud backup platform, however the service is known to distributed various potentially unwanted software packages such as adware bundles through its wrapped download manager (signed by Artur Kozak, etc.). The domain www.tusfiles.net is registered by proxy through GODADDY.COM, LLC and was originally registered in May of 2010. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in London, England within United Kingdom which resides on the RIPE Network Coordination Centre network. The domain is associated with the publisher Artur Kozak who is located in Kyiv, Ukraine.
Remove Malware from www.tusfiles.net - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
England, United Kingdom (GB)

Create date:
Monday, May 17, 2010

Expires date:
Wednesday, May 17, 2017

Updated date:
Monday, May 18, 2015

ASN:
AS13213 UK2NET-AS UK2 - Ltd

Root domain:

Scanner detections:
Detections  (88% detected)

Scan engine
Details
Detections

AVG
Adware Generic5.BGKD, Adware Generic5.BGPZ, Adware Generic5.BLIG, Adware AdInstaller.P, Generic_r, Adware Generic_r.QP, InstallRex, Adware Generic_r.UH
93.18%

McAfee
MultiPlug, MultiPlug-FQV, PUP-FMH, PUP-FHQ, MultiPlug-FRO, MultiPlug-FRE, MultiPlug-FSS, MultiPlug-FQQ, MultiPlug-FTA, Program.MultiPlug
90.91%

McAfee Web Gateway
MultiPlug, BehavesLike.Win32.CryptDoma.cc, BehavesLike.Win32.Downloader.cc, BehavesLike.Win32.Downloader.dc, BehavesLike.Win32.Trojan.bc
86.36%

Avira AntiVirus
Adware/MultiPlug.bfp, TR/Crypt.XPACK.Gen, ADWARE/MultiPlug.Gen7, ADWARE/InstallRex.Gen, Adware/MultiPlug.aoa, Adware/InstallRex.4
86.36%

G Data
Gen:Variant.Adware.Graftor.152699, Win32.Adware.Multiplug, Adware.Agent.OGL, Trojan.Downloader.JRBX, Gen:Variant.Graftor.155005
84.09%

NANO AntiVirus
Riskware.Win32.MultiPlug.debchp, Riskware.Win32.MultiPlug.denlzq, Riskware.Win32.MultiPlug.decasb, Trojan.Win32.XPACK.devptt
81.82%

Vba32 AntiVirus
AdWare.MultiPlug, SScope.Adware.MultiPlug, Downware.TSU, Downware.MultiPlug.gen, Signed-Adware.MultiPlug, suspected of Heur.Malware-Cryptor.Multiplug
81.82%

K7 Gateway Antivirus
Trojan , Unwanted-Program , Adware
79.55%

K7 AntiVirus
Trojan , Unwanted-Program , Adware
77.27%

Comodo Security
Application.Win32.MultiPlug.YX, Application.Win32.MultiPlug.PNU, Application.Win32.Agent.V, Application.Win32.InstalleRex.KG
77.27%

Sophos
MultiPlug, Adware.MultiPlug, InstallRex, PUA 'MultiPlug' (of type Adware), PUA 'InstallRex'
75.00%

Malwarebytes
PUP.Optional.OpenCandy, PUP.Optional.MultiPlug, PUP.Optional.Multiplug, PUP.Optional.MultiPlug.A, PUP.Optional.InstallRex
72.73%

avast!
Win32:Xpaj-gen, Win32:MultiPlug-CK [PUP], Win32:MultiPlug-EV [PUP], Win32:Downloader-UZF [PUP], Win32:PUP-gen [PUP], Win32:InstalleRex-BI [PUP], Win32:MultiPlug-ND [PUP], Win32:MultiPlug-KA [PUP]
72.73%

Reason Heuristics
PUP.OlehAleksyuk.CC, PUP.OlehAleksyuk.t, PUP.OlehAleksyuk.P, PUP.Installer.OlehAleksyuk.q, Threat.Win.Reputation.IMP, Adware.WebPick.Installer.P, PUP.StanislavKabin.EE, Adware.WebPick.Installer.X, Adware.WebPick.Installer.b, Adware.WebPick.Installer.V, Adware.WebPick.Installer.BB, Adware.WebPick.Installer.e, PUP.StanislavKabin.W, Adware.WebPick.Installer.S, PUP.OlehAleksyuk.N, Adware.WebPick.Installer., PUP.OlehAleksyuk.c, PUP.OlehAleksyuk.a, PUP.OlehAleksyuk.I, PUP.OlehAleksyuk.EE, Adware.WebPick.Installer.m, Adware.WebPick.Installer (M)
70.45%

Bitdefender
Gen:Variant.Adware.Graftor.152699, Gen:Variant.Application.Bundler.17, Adware.Agent.OGL, Trojan.Downloader.JRBX, Gen:Variant.Graftor.155005
70.45%

The domain www.tusfiles.net has been seen to resolve to the following IP address.

December 22, 2013

File downloads found at URLs served by www.tusfiles.net.

0 / 68
http://www.tusfiles.net/qr7x5klz7x3x  (harvest moon btn indo - tanpa emulator.exe.rar)

0 / 68
http://www.tusfiles.net/ptsoz5pughi4  (hitmanpro.3.7.x-patch.exe.zip)

10 / 68    (PUP)

12 / 68    (PUP)
http://www.tusfiles.net/kabb70ics3mh  (trivales-entrando al juego-2004.rar.exe)

0 / 68
http://www.tusfiles.net/ht5nn3qy35v6  (bluestacks app player rc 0.9.3.4070 superuser.msi)

1 / 68      (Adware)
http://www.tusfiles.net/z1p2re7mahak  (multi operator v 1.2.rar.exe)

13 / 68    (Adware)
http://www.tusfiles.net/7ra9bqbq6jgs  (baranyattila_livemix_univlounge_20131108 www.music4you.hu.mp3.exe)

23 / 68    (PUP)
http://www.tusfiles.net/ux6hygw5vykh  (microsoft toolkit 2.4.5 final stable.rar.exe)

27 / 68    (Adware)
http://www.tusfiles.net/ts5iqhpc1uo1  (strikethevbood.rar.exe)

24 / 68    (Adware)

27 / 68    (PUP)
http://www.tusfiles.net/yh43aq7lxpdx  (picpac - stopmotion timelapse_1.30.apk.exe)

31 / 68    (Adware)
http://www.tusfiles.net/6136b3h7yfpe  ([horriblesubs] no-rin - 01 [720p].mkv.exe)

26 / 68    (PUP)

27 / 68    (PUP)
http://www.tusfiles.net/mkh8vi5arp03  (f1.2014.co.reloaded_www.digloadz.com.rar.exe)

33 / 68    (PUP)
http://www.tusfiles.net/gld7ro37alxc  (Wbd N161 ott14.pdf.exe)

26 / 68    (Adware)
https://www.tusfiles.net/z8xvaw323hhu  (capital kings - remixd 2014.zip.exe)

0 / 68
https://www.tusfiles.net/01ws8py84rj1  (sg flash143-3.bscp.exe)

13 / 68    (PUP)
https://www.tusfiles.net/xum8mndgj0ie  (sg flash143-2.bscp.exe)

26 / 68    (PUP)

10 / 68    (PUP)
https://www.tusfiles.net/yp63whscbbma  (sygic1468crk.apk.exe)

29 / 68    (Adware)

21 / 68    (Adware)
http://www.tusfiles.net/ybd8a4tuly5g  (youtube.music.downloader.7.16.full.rar.exe)

21 / 68    (PUP)
http://www.tusfiles.net/8fkz163693q2  (man-u themes s60v3 symbian.rar.exe)

22 / 68    (Adware)
http://www.tusfiles.net/3trhrghoou90  (com_snkplaymore_android003.v1.10.1.apk.exe)

29 / 68    (Adware)
http://www.tusfiles.net/akyfj7bv8mga  (kms activator windows 7,8 and microsoft office mega pack 2013.rar.exe)

26 / 68    (Adware)

29 / 68    (Adware)
http://www.tusfiles.net/dm5plxv7duac  (a.s.13.pro.4.0.0.13.rar.exe)

13 / 68    (PUP)
http://www.tusfiles.net/rxxuz2746afw  (email extractor v5.6.0.0 full patch.rar.exe)

30 / 68    (Adware)
http://www.tusfiles.net/pwd4qkll1pet  (devexuniv12.1.8.7z.003.exe)

 
Latest 30 of 125 download URLs

URL:
http://www.tusfiles.net/

Google Analytics:
UA-3400026

Title:
“TusFiles | Free Cloud Storage”

Description:
“Share unlimited files using our free cloud service”

SSL certificate subject:
CN=*.tusfiles.net, OU=EssentialSSL Wildcard, OU=Domain Control Validated

SSL certificate issuer:
CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
nginx/1.8.0

Facebook:
Likes:  2,836
Shares:  5,227
Comments:  1,065

Statistics are for the previous month.

Remove Malware from www.tusfiles.net - Powered by Reason Core Security