home

dll512.retailfile.biz

Whois Privacy Corp.

Domain Information

The domain dll512.retailfile.biz registered by Whois Privacy Corp. was initially registered in September of 2014 through INTERNET.BS CORP.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Chicago, Illinois within the United States which resides on the FDCservers.net network.
Registrar:
INTERNET.BS CORP.

Server location:
Illinois, United States (US)

Create date:
Monday, September 15, 2014

Expires date:
Monday, September 14, 2015

Updated date:
Monday, September 15, 2014

ASN:
AS6461 ABOVENET - Abovenet Communications, Inc,US

Root domain:
retailfile.biz

Whois:
2 retailfile.biz records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.ViaAdvertisingGroupLimited.j, PUP.Installer.ViaAdvertisingGroupLimited.o, PUP.Via Advertising.Bundler, PUP.Via Advertising.ViaAdvertisingGroup.Bundler (M), PUP.Via Advertising.ViaAdver.Bundler (M), PUP.Via Advertising (M)
100.00%

avast!
Win32:Downloader-UEO [PUP]
30.77%

VIPRE Antivirus
Threat.4758264
30.77%

Dr.Web
Adware.Downware.8126, Threat.Undefined, Adware.Downware.8715, Adware.Downware.10330
30.77%

Avira AntiVirus
TR/EDownload.J.2, APPL/Downloader.Gen8, APPL/Downloader.Gen4, PUA/EDownloader.Gen4
30.77%

ESET NOD32
Win32/ExpressDownloader.J potentially unwanted application, Win32/ExpressDownloader.K potentially unwanted application
23.08%

Malwarebytes
PUP.Optional.YourFileDown, PUP.Optional.Downloader
23.08%

AVG
Adware BundleApp_r, Adware Generic_r.AFD
15.38%

K7 AntiVirus
Adware , Unwanted-Program
15.38%

herdProtect (fuzzy)
a variant of fee845b9f00d040e30d21a245b2d054ae545c82a
7.69%

IKARUS anti.virus
PUA.Expressdownloader
7.69%

NANO AntiVirus
Riskware.Win32.Downware.deefau
7.69%

Agnitum Outpost
Riskware.Agent
7.69%

Baidu Antivirus
PUA.Win32.ExpressDownloader
7.69%

Kaspersky
HEUR:Trojan.Win32.Generic
7.69%

The domain dll512.retailfile.biz has been seen to resolve to the following IP address.

50.7.29.78
September 27, 2014

File downloads found at URLs served by dll512.retailfile.biz.

1 / 68      (Adware)
http://dll512.retailfile.biz/j5GWWG7FvVJp2pJveN2OCmDIsDV/pb0id7C4EE2nkzh8o4o8fZuMIgCgnmIb7MBSH /HUQLS3xhDhpQLB9E4Sg3VIwcjgn0VI4ZSFi7FIqU6jnThNGl61CJ9bepnORO1PWBM9AktGL0ScF7AAndC11NoXcITRErFE1ATzBVFZ8caXxrU7UUnz/RNcO/ZHiSis38d4f4nZK74Yj6u7nVV9e4 CrPXMx2EzzBQ7YwqEI3KYUPehVhfn4sNW4TfEbzD2Fi3k/ZD68/.../kf9Gbis606tOepbeuwmA==  (yourfile_downloader.exe)

1 / 68      (Adware)
http://dll512.retailfile.biz/j5GnW2PTohBx3alQfZO4JGnF/iZoobUud KpPCf51WIu9NZvFODbfVWhjzZO5chaF rMQUKBix9YgY8wU4w8QBiYdxYklmAYGYB0Dy/.../JLTnyqG4TsvAoWOaVYljjgCBQt4wzFJqTZUTV0FkbiYMGSNbfWLaS31S3xfdAvMnxFrycrh2mNq8=  (black_widow_iggy_azalea_downloader.exe)

1 / 68      (Adware)
http://dll512.retailfile.biz/j5GXUmfc4gkt5qheZpO3NyXovSI5jbgvPZepOnS8jDJw58h8a/ulMk2xxgtF87wMWLneLkbGjRgL1cleC9s3RQvZMlExhWsSIsk0RnvPI6U nWfzPGVr1D9gILx8fFPyOGpM9D1kUOsDKR 5CXRYwAUhBIEGREr0HktO20dcKdYfSDbZ50Rn2OlZa8vuSw6g4Uk7s A5ZI7VYiiupwsp9fIrWLLMdgq60mlA7owoA4zKKRaT7Qkd1oRCD47UDLzCj1Wxz QEtJLgH iG9xmjNP1Kpjbm5Ptq4Leuaei/.../KdIoesnnra  (reel_2_real_ft_the_mad_stuntman_-_i_like_to_move_it_downloader.exe)

1 / 68      (Adware)
http://dll512.retailfile.biz/j5G/WG7R4lBx1aRLZZO/JGfFtCpmqLglcqX2I3WmgHVqv9hmFuHZYh/k1Gof/oIWTLWRWgvZwFgFwo0OSJxvFkyzbBN/wy8PNJVrGSObTvc3jHC6YzA/.../w1jXaYSfEj DmtfxhoyVsgfBk3PBXtewA9GNcEHEQL1pEUohsV8a9PtBTStqF80s69taO3mNjKr7ysVjPcoWOWEIgi1wmlU7J9sV5eTPQ==  (zola_kwaito_ngiyamthanda_lona_downloader.exe)

1 / 68      (Adware)
http://dll512.retailfile.biz/j5GsWXHEqB1yx/AOPongczeM4HIi5qo dK25civ41WIt6pU2UKSHPlSLhDsX7NcXXL2TAVuDph9PlJhSA85iH1ePbkpz1n0fNatlEDmMLPAjnWfzJWV76jJ3M w1ZQfnOn969A1lR 8UbRDaLT5EwlNffYEeRwTOGAJezg4VbIJYXDfY5kUqz9ldKYK4HiOi4Fho9qtwb/.../vkDEJ6ZhhSICfbBTUggFL04UFGIrZCueVjA==  (insta_downloader.exe)

1 / 68      (Adware)
http://dll512.retailfile.biz/j5G/WG7R4lBx1aRLZZO/JGfFtCpmqLglcqX2I3WmgHVqv9hmFuHZYh/k1Gof/oIWTLWRWgvZwFgFwo0OSJxvFkyzbBN/wy8PNJVrGSObTvc3jHC6YzA/.../w1jXaYSfEj DmtfxhoyVsgfBk3PBXtewA9GNcEHEQL1pEUohsV8a9PtBTStqF80s69taO3mNjKr7ysVjPcoWOWEIgi1wmlU7J9sV5eTPQ==  (zola_kwaito_ngiyamthanda_lona_downloader.exe)

1 / 68      (Adware)
http://dll512.retailfile.biz/j5GsbW3Epktjn4JFZda0aDuS/gRgobogc6D2LWPjtTZ/oc4WcYOAHGjymSwX6cVSHuTEUQHWyE1FkZ8GXtUwQw7cMUVkgGgJMppoDRWRdb592mH1M2Z/4jVbafYqbRyheG9J/.../q9qFaXNNBy40gsEu5dqV5HPMhHag1JJ05AQQIecA SKgwmwlaZFsMmlR jKrB71YvZIrTW0tahu5eCtaem lSft  (izotope_ozone_5._cracked_by_team_assign_downloader.exe)

1 / 68      (Adware)
http://dll512.retailfile.biz/j5GoUmPEpVRn0uZTb8z6LmuXpit3palgear2Jm7ulSAj/dFmE XcaRfg3XlZrZMKSuHMXgPXy01GhY8bVI1zLFeIOERkhHsaIJJkHBWMaPMrwS2hMWxw6D05LKkubFLMNmNW419kQf4HcF7xD2wfwAFxE9MWU2bIGVFT2whRfOk/.../QU78 nFrma80moZvgdo2bg  (meatloaf_let_me_sleep_on_it_downloader.exe)

1 / 68      (Adware)
http://dll512.retailfile.biz/j5GGWGzTrEtywaxTIei5On3VtjQ58eg/fu YK3O8iDxw4pc2UPadKBvl2W4a4cdXFuTGQUGVmwJS2cRWA9g4VU6NdwMslXskL5AwTGyMY IomnzkDXRg zM5Jak5ZEjwNTEUsRZ0WsQOe17rV2xZxg94RskXVBfIGUkb2x5bHtARWSvD8El07tUSON63exnl4ltoovxmOqrieWnp6joOt svEYjLNFTpgCYMsc5lQNKdbkXBxl0Rzd0BBNLcC7fD21rgwvtJ6Jr Ebue/.../1ot7P ag==  (conceptual_physics_11th_edition.rar_downloader.exe)

12 / 68    (Adware)
http://dll512.retailfile.biz/j5GBUnLJu1Rh0aNeftG LVHooCl8pbVtYrfgfi750GYp9NZnFPaaLkS9iWIb6MFRGu3TF1OSjQVTlqIGXtUyVUqeZBEkmWokMo19GnfJIaUtkHzkOT0orSJgbtAyZ1LnY3hN8gN0WvUDYAP8BXUX1wpvasQdVVffBF0A zIONNJDbw2R7ld03ugSLt7 BXzyqEwnqPY1Or/.../NFu5mkTb7O B6nMQ==  (depyrogenation_tunnel_downloader.exe)

9 / 68      (Adware)
http://dll512.retailfile.biz/j5GWR3vYvFVy0b9gPueULm/VuRhTrr0URqWuPG2nkzc4uJZqE TYahDm1W8Z7NcQW76cAw/ZwFIF3dsfW5p1HVueWh4mzTpdMoZsGSyRctw6hWXibzg/6DptfuRnOQfnOn96/w1jXaYSfEj DmtfxhoyVsgfBk3PBXtewA9GNcEHEQvwpEUohsV8a9PtBTStqF80s690f7vkKzm6 Tw uvpxV/HQMQe/.../wZ8DG0sq0=  (spyhunter_4_email_and_password_downloader.exe)

6 / 68      (Adware)
http://dll512.retailfile.biz/j5GvWGre4l9j0b9aIcyjIm3IujVh670kYaqxIHusyidxvoA5VvadKBvl2W4b6cRXHu3DQUGVmwJS2cRWCtwzVU6NdwMslXskL5AwTGyMY IomnzkDXRg zM5Jak5ZEjwNTEUsRZ0WsQOe17rV2xZxg94RskXVBfIGUkb2x5bHtARWSvD8El08sMSON63exnl4ltoovxmOqrieXD vDgTvPo5BqP9OQ3mlHIfvsQ8TNeda0PBxl0Qzd0BBNKDDODFhli3waMTucOnQe6c803zYPYe9zKz46k95rWlbg==  (john_deere_tractors_download_torent_downloader.exe)

15 / 68    (Adware)
http://dll512.retailfile.biz/j5GRX2vD4nJ1n5lXb5OCLGDb/hN6oa1gWKGrKmjjpD04uJZqE TYahPs22Yd7NcQW76cAw/ZwFoB1tsfW5p1HVueWh4mzTpdMoZsGSyRctw6hWXibzQ/6DptfuRnOQfnOn96/.../  (this_is_the_song_that_never_en_downloader.exe)

archiveload.biz

bestfiledownload.biz

dailyfiledownload.biz

down-loader.biz

fansfile.biz

filedatabase.biz

filedownloadserver.biz

interarchive.biz

loadarchive.biz

sprintload.biz

usedfile.biz

webfilebase.biz

worldfiledownload.biz

yfdownloader.com

yourfdownloader.com

yourfdownloader.net

yourfile-downloader.net

yourfiledownloader.biz

yourfiledownloader.com

yourfiledownloader.net

yourfiledownloader.org

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.