home

cdn.file2desktop.com

OutBrowse LTD

Domain Information

The domain cdn.file2desktop.com registered by OutBrowse LTD was initially registered in July of 2013 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Sherman Oaks, California within the United States which resides on the Unitas Global LLC network.
Registrar:
GODADDY.COM, LLC

Server location:
California, United States (US)

Create date:
Monday, July 15, 2013

Expires date:
Friday, July 15, 2016

Updated date:
Thursday, July 16, 2015

ASN:
AS4436 AS-NLAYER - nLayer Communications, Inc.

Root domain:
file2desktop.com

Whois:
3 file2desktop.com records

Google Safe Browsing:
unwanted

Scanner detections:
Detections  (89% detected)

Scan engine
Details
Detections

Dr.Web
Adware.Babylon.9, Adware.Conduit.6, Adware.Conduit.21, Adware.Downware.1664, Adware.Downware.1353, Adware.Downware.1676
60.00%

Baidu Antivirus
Adware.Win32.Toolbar, Trojan.Win32.OutBrowse, Adware.Win32.OutBrowse, PUA.Win32.OutBrowse, Trojan.Win32.StartPage, Trojan.Win32.Inject
57.14%

NANO AntiVirus
Trojan.Win32.Babylon.cbibuv, Trojan.Win32.Conduit.cnlzzm, Trojan.Win32.OutBrowse.crkqqe, Trojan.Win32.Babylon.cezitv, Trojan.Win32.Babylon.cdsyuj, Trojan.Win32.Generic.dbxkzp, Trojan.Win32.Generic.cthmwf
54.29%

Kaspersky
not-a-virus:WebToolbar.Win32.Toolbar, not-a-virus:Downloader.NSIS.OutBrowse, not-a-virus:AdWare.Win32.OutBrowse, Trojan.Win32.StartPage, not-a-virus:AdWare.MSIL.OutBrowse
54.29%

ESET NOD32
Win32/Toolbar.Babylon, Win32/Toolbar.Conduit, Win32/OutBrowse (variant), Win32/Toolbar.Babylon (variant), Win32/OutBrowse.AI (variant), NSIS/Adware.Agent
54.29%

Malwarebytes
PUP.Optional.Babylon.A, PUP.Optional.Conduit.A, PUP.Optional.Smart, PUP.Optional.RegCleanerPro, PUP.Optional.MixiToolBar.A, PUP.Optional.ShoppingHelper.A, PUP.Optional.OutBrowse, PUP.Optional.SavePass.A
51.43%

Trend Micro House Call
TROJ_GEN.R047H01H613, TROJ_GEN.R047H07KK13, TROJ_GEN.F47V1130, TROJ_GEN.F47V1126, TROJ_GEN.F47V1125, TROJ_GEN.F47V0904, TROJ_GEN.R0CBH07L713
51.43%

Vba32 AntiVirus
Downloader.OutBrowse, suspected of Trojan.Downloader.gen.h
45.71%

McAfee
Artemis!465016474C41, Artemis!C3015E208473, Artemis!A88B3E7D5F44, Artemis!3084E250299E, Artemis!4DCFD1CAEFCC, Artemis!15B8E8574376, RDN/Generic.bfr!gi, Artemis!B2EFAB53D4F0, Trojan.Artemis!5C8DD4561380
42.86%

Fortinet FortiGate
Riskware/Toolbar, Riskware/NSIS_OutBrowse, Riskware/OutBrowse, W32/Dloader.X!tr
37.14%

VIPRE Antivirus
Conduit, OutBrowse, Trojan.Win32.Generic, Wajam, Threat.4823950
37.14%

Reason Heuristics
Unnamed.Threat.15, PUP.OutBrowse.H, PUP.OutBrowse.E, PUP.OutBrowse.I, PUP.OutBrowse.J, PUP.OutBrowse.F, (M), PUP.Wajam.G, PUP.ShoppingHelper.SHelp2.Installer.Meta (M)
37.14%

K7 AntiVirus
Trojan , Riskware , Unwanted-Program , Adware
34.29%

Qihoo 360 Security
Win32/Virus.WebToolbar.0c6, Win32/Virus.Downloader.ad6, HEUR/Malware.QVM06.Gen, Win32/Trojan.Dropper.c9f, Win32/Trojan.d44
31.43%

Agnitum Outpost
PUA.OutBrowse, Trojan.Agent, PUA.Toolbar.Babylon
28.57%

The domain cdn.file2desktop.com has been seen to resolve to the following 4 IP addresses.

198.232.124.226
226-124-232-198.static.unitasglobal.net
September 15, 2014

198.232.124.228
228-124-232-198.static.unitasglobal.net
April 14, 2014

198.232.124.224
224-124-232-198.static.unitasglobal.net
February 15, 2014

108.161.187.128
December 22, 2013

File downloads found at URLs served by cdn.file2desktop.com.

0 / 68
http://cdn.file2desktop.com/.../wavtomp3_setup.exe  (013a84c7ce8fb28e7d451fb59de7f5b8)

3 / 68      (PUP)
http://cdn.file2desktop.com/.../ShoppinHelper2_Setup2.exe  (6d43788c1dc99f6ee108eac0acf92721)

16 / 68    (Adware)
http://cdn.file2desktop.com/.../WajamC.exe  (wajam.exe)

8 / 68      (PUP)
http://cdn.file2desktop.com/.../YouTubeAccelerator2-7.exe  (9b73316776cc645fe2d8e9b64b4061d1)

5 / 68      (inconclusive)
http://cdn.file2desktop.com/.../Plus-HD220150728.exe  (setup.exe)

10 / 68    (PUP)
http://cdn.file2desktop.com/.../Boxore20150812.exe  (e59ea3764cebbcd649ec8ef479c6c03e)

11 / 68    (PUP)
http://cdn.file2desktop.com/.../SearchProtectINTSetup.exe  (465016474c413bd4126561b111a3d0e1)

17 / 68    (PUP)
http://cdn.file2desktop.com/.../MixiYD.exe  (4dcfd1caefcc51e8586ec7ed340625d6)

12 / 68    (PUP)
http://cdn.file2desktop.com/.../MixiYD2.exe  (725537d18ef9c12e4f0b91d0168d4750)

5 / 68      (PUP)
http://cdn.file2desktop.com/.../YouTubeAccelerator9-7.exe  (youtube_acceleorator.exe)

4 / 68      (inconclusive)
http://cdn.file2desktop.com/.../BrowserSafeGuard_20140825_BH_7.exe  (5482129071)

1 / 68      (PUP)
http://cdn.file2desktop.com/.../ShoppinHelper2_2011.exe  (f0e408d7714e37084bfe2cafd992e7e2)

15 / 68    (Adware)
http://cdn.file2desktop.com/.../WajamC1.exe  (wajamc.exe)

4 / 68      (Malware)
http://cdn.file2desktop.com/.../VuuPC2_Installer.exe  (e25faea98d7d7d13a24279e5d6d1d5c1)

16 / 68    (PUP)
http://cdn.file2desktop.com/.../RegCleanSetup4.exe  (regclean.exe)

5 / 68      (PUP)
http://cdn.file2desktop.com/.../Shopop2_20140805.exe  (29e51e39bcc70a616e0f940013078793)

9 / 68      (PUP)
http://cdn.file2desktop.com/.../MixiYD4.exe  (5cb31c0bb00c6c6dc4dbfb13a311a777)

9 / 68      (PUP)
http://cdn.file2desktop.com/.../WebsSearches_Installer.exe  (webssearches_installer_20140723.exe)

6 / 68      (PUP)
http://cdn.file2desktop.com/.../SavePass_20141120.exe  ({blocked}.exe)

15 / 68    (PUP)
http://cdn.file2desktop.com/.../ShoppinHelper2_Setup1-7.exe  (shoppinhelper_0407-04563c15.exe)

4 / 68      (PUP)
http://cdn.file2desktop.com/.../Moozy.exe  (05753f056fada195a0c3b967699d308f)

2 / 68      (PUP)
http://cdn.file2desktop.com/.../ShoppinHelper2_Setup2C2.3.11.exe  (shoppinhelper2_0511-681659e8.exe)

6 / 68      (PUP)
http://cdn.file2desktop.com/.../RegCleanSetup10.exe  (68a0d1520196a0ab90932cce8e893580)

8 / 68      (PUP)
http://cdn.file2desktop.com/.../SavePass20141014.exe  (addonsvpus-54495308d678c.exe)

4 / 68      (PUP)
http://cdn.file2desktop.com/.../SearchProtectINTSetup3.exe  (8b8c81759d8969626da719c6c8c37214)

3 / 68      (Malware)
http://cdn.file2desktop.com/.../AmazingTab20151027.exe  (4e3696750d89d78cc7590630ce1f3d2b)

5 / 68      (PUP)
http://cdn.file2desktop.com/.../SearchProtectIM_Setup.exe  (01a0350a6d6e1ec5870e3c85fe4b1978)

3 / 68      (inconclusive)
http://cdn.file2desktop.com/.../Shopop2318.exe  (shopop_soft_partner.exe)

12 / 68    (PUP)
http://cdn.file2desktop.com/.../VuuPC2_Setup.exe  (toolbar13616126.exe)

18 / 68    (Adware)
http://cdn.file2desktop.com/.../FacebookChatInstantMessenger.exe  (download.exe)

 
Latest 30 of 38 download URLs

The following 26 files have been seen to comunicate with cdn.file2desktop.com in live environments.

TCP » 198.232.124.224:80
dtchk.exe (Search Results, LLC)

TCP » 198.232.124.224:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 198.232.124.224:80
defaulttabsearch.exe

TCP » 198.232.124.224:80
dtchk.exe (Search Results, LLC)

TCP » 198.232.124.224:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 198.232.124.224:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 198.232.124.224:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 198.232.124.224:80
dtchk.exe (Search Results, LLC)

TCP » 198.232.124.224:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 198.232.124.224:80
downloadmanager.exe (setup by @)

TCP » 198.232.124.224:80
downloadmanager.exe (Smart by @)

TCP » 198.232.124.224:80
MyHeritage.exe (MyHeritage Family Tree Builder by MyHeritage)

TCP » 198.232.124.224:80
dm1392322454.exe (setup by @)

TCP » 198.232.124.224:80
microsoft office 2013 professional plus full activator crack (32.bit-64.bit)__6266_il12065.exe

TCP » 198.232.124.224:80
sysTPLService.exe (sysTPLService by Tlapia)

TCP » 198.232.124.224:80
defaulttabsearch.exe

TCP » 198.232.124.224:80
secureassist.exe (SecureAssist.exe by SecureAssist)

TCP » 198.232.124.224:80
rd.exe

TCP » 198.232.124.224:80
WajamInternetEnhancer.exe (Wajam Internet Enhancer by Wajam Internet Technologies)

TCP » 198.232.124.224:80
WajamInternetEnhancer.exe (Wajam Internet Enhancer by Wajam Internet Technologies)

 
Latest 20 of 29 files

URL:
http://cdn.file2desktop.com/

Web server:
NetDNA-cache/2.2

2yourface.com

app2desktop.com

flashfxp.com

interstitials.net

mhcache.com

outbrowse.com

ppdownload.com

airdlr.com

ashampoo.com

browserdownloadsoft.com

browsoftdl.com

downloadcluster.com

downloadmix.de

downserver1.com

downserver2.com

downserver4.com

mysearchresults.com

netdna-cdn.com

netdna-ssl.com

opensightsoftware.com

raagalahari.com

revenyou.com

revenyouapp.com

sneakernews.com

video-plugin-download.com

appsdesktop.com

spacecad.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.