» dw901.go-for-files.biz
Overview
Analysis
IPs Addresses (2)
Downloads (42)
Network (19)
Website Detail
Related Domains (32)

dw901.go-for-files.biz

Whois Privacy Corp.

Domain Information

The domain dw901.go-for-files.biz registered by Whois Privacy Corp. was initially registered in October of 2014 through INTERNET.BS CORP.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Salt Lake City, Utah within the United States which resides on the Hosting Services, Inc. network.

Registrant:

Whois Privacy Corp.

Registrar:

INTERNET.BS CORP.

Server location:

Utah, United States (US)

Create date:

Wednesday, October 29, 2014

Expires date:

Wednesday, October 28, 2015

Updated date:

Thursday, October 30, 2014

ASN:

AS29854 WESTHOST - WestHost, Inc.,US

Root domain:

go-for-files.biz

Whois:

1 go-for-files.biz record

Scanner detections:

Detections (98% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.Task.RighwayTechnologies.U, PUP.Installer.RighwayTechnologies.n, PUP.Installer.RighwayTechnologies.AA, PUP.Installer.RighwayTechnologies.?, PUP.Installer.RighwayTechnologies.s, PUP.Installer.RighwayTechnologies.l, PUP.Installer.RighwayTechnologies.t, PUP.Installer.RighwayTechnologies.e, PUP.Installer.RighwayTechnologies.a, PUP.Installer.RighwayTechnologies.V, PUP.Installer.RighwayTechnologies.v, PUP.Installer.RighwayTechnologies., PUP.Via Advertising.RighwayTechnologies.Bundler (M), PUP.Via Advertising.RighwayT.Bundler (M), PUP.Via Advertising (M)

97.62%

AVG

Righway Technologies, Adware Generic_r.AFE, Adware BundleApp_r

45.24%

Dr.Web

Adware.Downware.9015, Adware.Downware.4798

42.86%

VIPRE Antivirus

Threat.4925438

42.86%

K7 AntiVirus

Unwanted-Program

40.48%

Avira AntiVirus

TR/EDownload.K.18, APPL/Downloader.Gen4, TR/EDownload.3868564

40.48%

avast!

Win32:Dropper-gen [Drp], Win32:Adware-gen [Adw], Win32:Evo-gen [Susp]

38.10%

Comodo Security

Application.Win32.NoGoFiles.A, Application.Win32.EDown.FTVP

38.10%

MicroWorld eScan

Gen:Variant.Kazy.491253, Gen:Variant.Application.Bundler.24, Gen:Variant.Strictor.63674, Gen:Variant.Application.Bundler.29

35.71%

Bitdefender

Gen:Variant.Kazy.491253, Gen:Variant.Application.Bundler.24, Gen:Variant.Strictor.63674, Gen:Variant.Application.Bundler.29

35.71%

Vba32 AntiVirus

Signed-Downware.ExpressDownloader, Downloader.Agent

35.71%

Emsisoft Anti-Malware

Gen:Variant.Kazy.491253, Gen:Variant.Strictor.63674, Gen:Variant.Application.Bundler.29, Gen:Variant.Kazy.512897, Gen:Variant.Graftor.166800

33.33%

G Data

Gen:Variant.Kazy.491253, Gen:Variant.Application.Bundler.24, Gen:Variant.Strictor.63674, Gen:Variant.Application.Bundler.29

33.33%

ESET NOD32

Win32/ExpressDownloader.K potentially unwanted application, Win32/ExpressDownloader.J potentially unwanted application

33.33%

F-Secure

Gen:Variant.Kazy.491253, Gen:Variant.Application.Bundler, Gen:Variant.Strictor.63674

26.19%

The domain dw901.go-for-files.biz has been seen to resolve to the following 2 IP addresses.

199.195.196.180

199.195.196.180.static.midphase.com

September 12, 2015

74.63.79.82

November 17, 2014

File downloads found at URLs served by dw901.go-for-files.biz.

1 / 68 (Adware)

http://dw901.go-for-files.biz/j5GKQmvaqBU0hPwLJI/jc36SimpWjPcGd560BHv6hTJH4qY4b/6EMFDymSwX6cVSGenDVQrZyE1FkZ8GXtUwQw7eMUFy1nkaNIBjGjineOdzyDPzIGF/7T9nQvsjeESuZypG wtzQqZXMln7GUdZzB1oCNAXQlXCGE9cywkGItwTCjHT8W8q1PNaOc3zBRSEqE4wpv4fOqf/JzaQ9Cdc47g4AaT9ORnmkGZD7ptsX9KbaFvWg1lfntc7FY7JALzE3VrjlvMSscugQ ya krzM/cYoz/.../tu47yuPuK7wjWr7ZhUqrbFfNvxwzmJ cUe37rFVZ3EzEiC 9RLx5vnR8Pb (ouija.2014.720p._-dl.mazika2day.com.mkv_downloader.exe)

1 / 68 (Adware)

http://dw901.go-for-files.biz/j5GuXm/JqBBy0b5LIdqwLWX1uw5867oqYKW/.../0to WgTJKuzXTj6csxgfHdJsuli2 Y99VWjejqTpadig2Cmdk= (kimya_test_bankInIn_cavablarI_tqdk_downloader.exe)

1 / 68 (Adware)

http://dw901.go-for-files.biz/j5GHe0P3iBBC8eZzS5OeEU/4kAY55q04K/Xpfi391GUm/N1xUaWLMkLp3G8a6cZUFvqFBkCUlw5Eu5QLB9wnB0yNYxErk1YPP4RoQnPecu8nn366YyZt7yVbdeApfBzkO25J/gx7SP8VOk7wBz5Fxx1DVsgHTk3ZDxlv4FxaJNIScybb61Mi5OhbcI sTDWw0VUl qN5beWjcHP qXhP4a50Q6LDDwG61TxQvc88QIDMbhaF1wVMioJVS92NCrbFiA7klPUS6s73Qb/ZqBnyaLsO Tq69O1787fcKujOhCGY 9JgzPbAd4PnxX6Y/Z9RgbmHYZeTiRzFlYUby460UsPvjRFu1/.../HIozKcodrW6P0mtuXIp7pVuaQ== (blaga_de_la_oradea__downloader.exe)

1 / 68 (Adware)

http://dw901.go-for-files.biz/.../q5awto WgTJKuzXTj6csxgfHdJsuli2 Y99VWjejqTpadig2Cmd8= ({blocked}.exe)

1 / 68 (Adware)

http://dw901.go-for-files.biz/j5GvQmTU4gs3hOtLeYXgdz L4XEi8uF7MLeoLXOs3Gom9NVkBKCIKVK6iC11sZVeHfqBFVOGnwJVu4kWSo08SxiPaR4hmzRJYIBpDBWQfvA6wWHvN2F9 DhhaaE5Z0y1KmhWyAF/XPUSZlSiI1YX0Qt9WfgRTFDIHXtTwEcZZ8caXxre8g14irEaf4 5FmX3oA1n8rQ1OJT JS6np3hQ4Ph1U PHYlHolzYJuZ1pRtWYOEDV0AEY29BWHN CTvSSgy/.../ie35Mumu1S66 (jufd_010_downloader.exe)

1 / 68 (Adware)

http://dw901.go-for-files.biz/j5GVRWee A8ogPUPepa8KHiaoTQv8e16IfXkeivx0nVtuYc Ru3Yaxbn1WwMqJARWrKQFW2JnVYFwokdW45nGl2zcQ4ylTRIYJdhFimTLLFoiHH0DWh2 CI5aec/aUXgMGlRuQF/RL0ScF7ACXdEzRpuTJo3Zx/ZE0VR8BlEKNAVcyvYvwFvz JHEtb6BWD6uRJk8aJuaPyuam7 vD0AjPYtFr fZwrun2cPvp9uSIebZRaGgVQaitQAT96LC7WRjVvjw6NW/.../r1Uy36JgkxOSUeQ== (pre.14.480p.mkv_downloader.exe)

1 / 68 (Adware)

http://dw901.go-for-files.biz/j5GCY0ObmlpomoxRbsq0In2XtjVzo7Iucu 8I3bjjTZoqYkkCZ29Gg27gzNDtpRIaZu4KhSUilYH0MxYCd43Rg7VIwQ3kmAfe800S3zKN/MvjmHpN3JG4jI5LqkuekD1OGVGyBZpWf5bLAv8BnFSyFMtE9MWU2bDGVdJkg5AJNIaXyvS9h4q1OsSOdv5ZzKs 1Ihtet9CoqwNjiu9hcCv/cvDojMP1TrgCAJrPUxAd6fZE3JhlhX2o9RU96DX6eG3zPtlrEYtMv3R vG/Ez0MfZPpGW25q464bKra 6w3K/vMMlg6CRPZP1kFyivt1E0/.../g 9PO9Y= (gta_san.andreas_cracked_all_levels_mta_online_ggmm_downloader.exe)

1 / 68 (Adware)

http://dw901.go-for-files.biz/j5GNXnbdqFUt1a9MZdSkN2fTu2x0rbYvc7zzK3akyjZsvoolBKSaZhfg3Gkd7sZTHOjTFEeCkA8L1c1fCtwzVU6NdwMslXskL5AwTGyMY IomnzkDXRg zM5Jak5ZEjwNTEWsRZ0WsQOe17rV2xZxg94RskXVBfIGUkb2x5bHtARWSvD8El08sgSP9rrVA6g4lU2rM0uNvakYimr6RcIo6N9U SMZF71l2BD6Jp BILxNBSU2l0cjtcFGYzeCeTBjgmyzqNIvcL FejG/.../zkxi674oN0g SUL8Dk33CO7dJXsfXRGsGG2kSDysldg5WIfdjY FM= (hitman_absolution_fmodex.dll_error_downloader.exe)

1 / 68 (Adware)

http://dw901.go-for-files.biz/j5HgczqViAwj8PUaS/30BzaZlAY3hOFuV/z4CyLtoGQ7iN1yYOHMHx7xrGgPnMlGb53eQnbY3CoBwblWH9A1VnrUIDVx1U1CY8w7Wg7ANMJ31yasd0QhrhcxOMtiLWCre0gdsiNRDN9eMWzZT1wJhi8rEONKBXidU2AEikJpapY6FWCPthUNgqMMeZrOAXT7vxkR/7cCbO7SfXj3om0l6rt0UfyHFFH 52NIm5N9SdeLGE3C8yJcr49BRdufLLnW/1ugs/pVyLnjMLXai0G/ca8Os3Ohvag/57OoPO2 mCP4/9B1i/SUKtakny7cr5dTj 7BSZfS5kKSmYkJjtqgVZjFpmh2ybleO43rXGbRsigziPMzdrOGI3m3qXJtrYM/d6KONkajxzhJucsrTquuAEGpmxNAmcQvbMKPCluEXhBShWYcHZ5mRnXSeRs5p3jzc80lsnwxKbN4PSWhazwYtSttev8DY0GmAyNMqlIrB8cPJFTFQBNdkkdFBc5LTHaHRk5yhbQIKt gQSyCyXB3r kBM7W0Izi/.../dJpDw== (اختبارات_السنة_3_إبتدائي_للفصول_الثلاثة.rar_downloader.exe)

1 / 68 (Adware)

http://dw901.go-for-files.biz/j5HgczqViAwj8PUaS/30BzaZlAY3hOFuV/z4CyLtoGQ7iN1yYOHCfmLsyB4d/bVaC TBQnbY3Cp3wblXH6owVnrUIDZ61U1CY8xMWg7ANMJ31zDDaiVYvHNAJKpiPATXZilnrkdUEL5eIAjbUz0JlktYDIJKYRzvTgF8llENBYpbFHSSxghs bMRCYavAGXypRFwg6plG/ikajmg TBHp 1xVOOTZ1zonmxa7IwrBIHHOEjWglBJ2I9QW5/bGvWd2x7anqZNvd2yBuyZrBHyXLoF5WLvub9ouu3 ZOe8h2e6//p/jePdJpHxz3OD9tpCiu bRJ3Nn1 S1 JMld2vR4zV HNYlrteZ9iSXGbRsihR0rp6J atL2WbtD8n dFmMP3Vbwzp0XUX4NR5X7muC0 vnVpX15heDtfLC1vQYBEM32FOc5ExGneQOktymiaxeMR243R1eLYVTDvjPTVE/.../rFHtJ6glsbsoKIQaBBh1O (اختبار_التربية_العلمية_فصل1_-س2.docx_downloader.exe)

1 / 68 (Adware)

http://dw901.go-for-files.biz/j5GgWWbepk9jn7UJIcijLGrJtjM5q7wyPaevLnmjxydt8dRjE fbahTh2GoMq4QBR7jIXgvUyFsQlJwdToZkAWGFYUpx1n0JJ5JrFimnZfo mSiydGN14jVvIL58fEXgAWRK5BYtXfMDdUnsBH1FjQ1zWIEGREr0FUtIwQ5aOI47b2PF51El5OVYJNzhZz sswxzs/YzBqLmeW//qmZR/ax1S aVYU uxwsFvtkwTNTNahOGgwJB29BTHIqKWuPDhwizz/.../4= (endnote_x6_product_key_crack_downloader.exe)

1 / 68 (Adware)

http://dw901.go-for-files.biz/j5GTQmfcv14t1eZca8uwaH7Tp2xcoa8icqW5aiiLyiB355UiR7SMKAj6w3QP6slSF XNQgDZ3x9F2cxbC98zQAvaMERkg3wZL5AwTnrIIbZ8yTP3M3Jt5TN2QuY NRW1Kn5E8QR5SsQSbV36VyEXwAJ1VsxPER/fEldixxVbNY4NQSTF9kcs2edQPpHpVzzl lgmmPEvLKXiNiTy1xBHofstCYjBPAC4zQsDsJdoV5fKLyqOwl1I049KTN2CRrXBkFWy0bcR1pOnB XC/k kMfYeo2K0t/.../M7dAerdSTS5Wd3EXQx9xbx4XwFY7eqlN3071kb9DwDCzM7CE= (vuelve_a_casa_por_navidad,_si_puedes...__downloader.exe)

1 / 68 (Adware)

http://dw901.go-for-files.biz/j5HgcjKViwMj9f4aT4j0ATaZl343heluVPz4dljtpGM7jt1yY5LMHhbxr2cPmsRGa zQJQrFuCkToc1KeNAkMg/JQEdnsjBefswoOnrdU7trvVGiFzA8yW4hXL5/TRG2HDQA1lo1bKtDVhW6KysU5l45d59XYgyOMxQY7UINAIBbaXWSwAhs bcRCI vemnmtwlwgqJlG/OzfWTq33hEkadpXZSEJBrml2Bc6J9pRdOdZFOUxwIQj4tXRdqcGOCBygLghZ0Z7cb1UvmNqx73aq0j4X6i5aQ65qL Y7Pryi7vqtFzkc/BdJXgkGuC/dBHnfLQU9zD1kbQ0NlcpcuuRpDYt04/.../B5HWMdTLxPTT0I= (รูปหีหม่อมศรีรัตน์_downloader.exe)

1 / 68 (Adware)

http://dw901.go-for-files.biz/j5GERWHYoE1jn AUS8C4LGOX8HUq8ul6IuHvdjy8km4v NRgFuPcYhfiyyxfupgHE 3HXxSQmBlCipgdZYFlTg3KcQUjlm8SJat5BjqdLLFon3nuMWskunBwefwFYE7gKjFR/wdxTegIcVmxCXdchRp4RvgRT0zFAlZEkjJ9Z8EbTSno4Vwg2O1rI9C3CHe36k8KruJ9bf24dW34tHxS/a9 VPHXMTazxycF4p07R4XPbRffggZOitNUT42KUeXFhl7mladFscj3TL6c7A3wPo00s2u1vfxl8Of8e elkDWu/spzl/.../wkCzM7IxB (archive_-_axiom__downloader.exe)

1 / 68 (Adware)

http://dw901.go-for-files.biz/j5GjVmHV 11n16gUa9ynImDfsCM5t7Y5faayIHHjkTd46pEkH HdahHm2mcd4MFFXamXDlbdyFsG1spbHJhgAUqCYAUdmW1GddJ5DSued oto2H ImUkunBnceY5YxyieHhB5D14RugSKVn3D3lV0AB5QYkRT1SNAkBO8BlHNN0KXjyK0nxvyeNVIeDpVDig5WM7qK9wf7/.../iIFNTUhEk= (face2face_advanced_workbook_pdf_downloader.exe)

1 / 68 (Adware)

http://dw901.go-for-files.biz/j5GEU23SrBBW3KJLZcu5LH6XlhQh67Iub6O4ITy8km4v NRgGuHZaRDiyyxfupgHE XMUQPT3xtXlokBX5peGlrRNlE2gmgdIJ1uID6BYeZzyTPkPml64Gs1O/s e377MX9RqhZ4TPoCZ0P6HjZSzAM6QcMBf1rEA0pJ3QMVAPZYXiDW7m8q1 9XJuDkV2zzqEgxtM0pKfakamn2tHlY5bB UOSEJQiEzjUet5c EIefOE3W0VlBiocGH9 NWbLG3Am3w/IUv86gEu/OrF7kYvM/3SG 56RuuKL bq61lTWu/spzl/.../wkCzM7IxB (adobe_photoshop_cs3_keygen_downloader.exe)

1 / 68 (Adware)

http://dw901.go-for-files.biz/j5G2Xm/DpGRh1aBaJ8y MSDVpig8tLY5ZKGzOzy8km4v NRiEODaaxTiyyxfupgHE 3FVwLVzV0QlJwdToZkAWGFYUp21n0JJ5JrFimnZfo mSi dGN14jVvIL58fEXgAWRK5BYtWvYHZlnoD3pQxx0yVsgfBk3PBXtewA9GNcEHERD2pEIs2uprLtPjWzqc4FNo97Q0PbjJLS3yo3xP4ql1S WSfljoknIYvvUwEJDGYUDSiwJOj9cHTd7cDbDFjVvklPUT7ZjyQLmc/EGkN/5Ls3KzvdpD8Oj6Mqj9h3C/.../C (simsm_game-tor.iso.torrent_downloader.exe)

1 / 68 (Adware)

http://dw901.go-for-files.biz/j5GuXmzX4k9j0egNSZO6KmDb/jM38p8idaH2Oz/6onh1pYswCaTMaWC2jD1T/cQgC 7CFBmUkRIdj5QBXYxuHhWPahonr2QLddJ5DHfJJbJ4xCO3YjYgrSVxf Y NRirZjwTsRJxW 8IcV/AA3wMkEhoR8YURlDIKVBE3x8VdZUdQCzU6Q19nfJQPuDiVyK3s0g9ovMkKqXzMHOs9SVHp/o/OrTNJQev1C1Qivl A4bPMCqE3gkagOkKEtKOTvWXzTPsh/9HvdX0RbzR/km/Mv5Es3Kz3/FqpeygN 25x3Xou8ElhvGaItGgny/.../1acdZdW5AjieoTFh2KAkZp wLyv3 zsnqQ== (king_tee,_king_t-ice_t,_king_t-baby's_thy_kingdom_come_mp3_downloader.exe)

1 / 68 (Adware)

http://dw901.go-for-files.biz/j5GxX3udolJo06lQZ5WyLGPZ CVr7bIieKPwO3 tviF/.../yNwKm6nVW57B VOaMZFj1l2RV d85LovPLx3aildIjdBSSouIDODAh1uxxfJEuZnxTbic kmhNf1LpWT09fg2lcy7Y721xH3478Rj36SPa5T7yWqJ7O5KiqGGAYad2A== (thy-kingdom-come-by-king-tee_rar_downloader.exe)

1 / 68 (Adware)

http://dw901.go-for-files.biz/j5GkVWGdqh408rlQetGyMCuOkyR7tLgvc6iuYij40GAzvIZ6Vr bKUO6mXleq8xSGu3CVQDQzl8Owo4aWIFlTg/cNUV2yTFdNpV/.../AZzRtNPU1TKBFBKyhhJJcBQTyrapEQtyNlXIsrkTCO6s24a4eAlOKfJJzGm SM vfFxVfHWNBqEzyRQ55x2QNGdckDXnFFB3ZARHLDSCfKbg1y0xKRJv8 jRrXM xr1ZflNojHk5Kw5tOX8P7y6wCPmqtB239PhPYrzkHqEvtJCmqGBAYLS1k Dx8lwk8z8ANjY FU= (abc-c-topics-citadels-2013-pc-torrent_downloader.exe)

13 / 68 (Adware)

http://dw901.go-for-files.biz/j5GuVnDVoh5Fh h9PNP6cj SpmJR9PwJJ6r4DC7to2J454g2VrWEOlK9hnRZt4MWBb6UCVmBik510NgtC8MkMA3JREBnszpeBMJ3WgnLNMENkXniIGk//yU5LLtrPxSgbzsdp0RjXPkPcBCmUysCk0hsVNUGTlzZKU1ZkkkONcEfSiPe4W89wvZRcIesWz2q7Vdo9rQ0PbjJLDK87nUVu/stAaTMNR31xTsA d48ArzNMwCJxhIA1uI2W53fCe2s3QDslKkv55T7RKuLrgvOar5Boj/8sa45 LasOfS kDWr7fp/.../N9VEw0fkDIMGsAknw9y9pgbApNLCrJHKxvjtFoYVuLeqRakY= (karekök_11.sınıf_matematik_soru_bankası_çözümleri_downloader.exe)

4 / 68 (inconclusive)

http://dw901.go-for-files.biz/j5GMRWPBoGRS1blLZdf3N32B5HMj9 l IPbteDy7lDF3qNhmEuDbbxfynT5YrJ8GXIOcAw/.../z5hfOspZkTncG9K kRkTeg5d0LqBGxD2lNUZ4EARVjHKUdRxhlDHt0REXeR9lQ65O9EcIe5FmDwvxJt8bxyaf2wMTyQ8ikSu6MpUraXaFrtwjVVvshqQoeXbRTf01Ed3IJcH9iIXrmQ2krwlv8zwd2qE7CapF7yYrpBuDb08OtksvH e4XhxS7tqtEqgA== (iraqi_tattoo_downloader.exe)

21 / 68 (Adware)

http://dw901.go-for-files.biz/j5HjQ3GN A83gPoOOI/gcCjPoCV7pORyL/3vdzy4gCFqooAlfbmNZhXymS1LvpcKTYOBHkKFxFoHwp4DU4tqTgrKcRMxr2EUNYAwCyKdcOc9knDzfGN25nBwefwFa07mMHhX7l9eZb0UcUzzNXtdyg13askdHQ2NAkBO8BNYfItKAn2DrAF/.../noFsq11UuOQYF3rxGNU6sloQNOYb0LX0UYMiosnNcnWD7yW0ErmlrZNpMrgBP Qrg3yd5EV8Trhpu02tw== (goforfiles_downloader.exe)

22 / 68 (Adware)

http://dw901.go-for-files.biz/j5GRX2ebjFdzx6RJb5OeIXjVujJh5eoKPYuvZFipkjp956MyTrSMNU2mjDZZ/oUQE 3BVgbXyFkB3clJSZ1jGlrRNEdywzFOYIRsDT6WdPERlXG6YSZt Tdie Y5V1XqLmkYpURzRfIFfxCrTGxV0DF0WtQGHU3DE0VZ3BRNNZ0dQyiR9lQ65OVbONH Sij wHBztfchNZT1KDSs8RcPvKN5Q6PGIzay1mlV64RgRc2fakLJgFBPzcMFIofbG nOhlu0kaRGvp/.../kXD4 cQqodiPd4GpyHHM 9BX07GEAYLS1k Dx8lwk8z8ANjY FU= (the_elusive_obvious-_or_basic_feldenkrais_downloader.exe)

12 / 68 (Adware)

http://dw901.go-for-files.biz/j5GRX2eehVpzxqhRftG/JiDvpT48sL0tOLa8PTy8km4v NRhFOnbahbnyyxfupgHE XMUwTS3xtXlokBX5peGlrRNlE2gmgdIJ1uID6BYeZzzTPkPml64GswO/s e377MX9RqhZ4TPoCZ0P6HjZSzAM6QcMBf1rEA0pJ3QMVFOBYXiDW7m8q1 9XJuDkV2z2qEgxtM0pKfancWjho3FP67B9VeOEJQiEzjUet5dqENabOUyDhFIaiYRQSI6CWOXDiQiwlfoWuc2lEbTL817kYvM/3SG 56RuuKL bq61lDWu/spzl/.../wkCzM7IxC (the.laurentine.spy.pdf.rar_downloader.exe)

19 / 68 (Adware)

http://dw901.go-for-files.biz/j5GRWGHRjF9vwOZnaNepaD2K5WxRr7c/ZKuxI3 6yhZzuYk2Vr bcBT63XEY9sdRBZ6QE1PLy0VEhY9JTps8QgrdMkR1xj9IctJ CiiRdb53xSGxYCZp6iRwc ooV0j3Yz8D4xBxT/0Pd3LrE2hUnlw6VssbQ1KWRwJJywl3KdwNWHjD6lUo3/.../9AZ7HhE6Ygt5OjpX1FY7eqlN3071kb9DwDCzM7CE= (tocaedit_xbox_360_controller_emulator_2.0.2.62_beta_2.rar_downloader.exe)

19 / 68 (Adware)

http://dw901.go-for-files.biz/j5G2VGPCpV5ywOBVZdCwLX3Puik/qbdmfqWvKze7hCszv4YyTI hH3m1mzYMrIJeH jEUATQwFIA1NscT4poFwPdNUdxxztdNpV/CySdY9wnmCi0dHRr6jBidOwFfFjjOzEWsQF8QPgNKRy5HnxC/AZzRtNPVFHOF0BOwR9cb9ARQWPD5kMW2OlBI8v4QWyQyRonovMsBqj6LT6kxSYO7q5qEbPRDwCrm2Vc54RqQdOAZEfJh1Ffntc7FY7JALzE3VrjlvMSscugQ ya krzM/cYoz/.../tu47yuPuK7wjWr7ZhUqrbFfNvxwzmJ cUe3rrFVZ3EzEiC 9RLx5vnR8PI ({blocked}.exe)

11 / 68 (Adware)

http://dw901.go-for-files.biz/j5GAU2XVqlprn/8PO4r6MTyXpjNnpLwlYu rKmi7iDxw54E4Vb6FNEewyytZ5cBXH vFXwDQzlIQl4gNU4w8SgfYNUBkgGgJMppoDRWRdb592mH1M2Z/4jVbafYqbRyreG9J/gF7FKpAYEnsNXBe0BohQc8XQV3YGEFJgRlHLJUKSDbo4V881fJGNILEdHex6105mPEsMKj9GzOgp3hHp/o/.../IWvpqjRL d kH1NfZO9mW3taE457yubPz9wC6dxIN7ha3MdcD3zGvXrJdTnPPRUpHU5kKSmY4JjpWj (edgecam_2012_r2_student_version_download_downloader.exe)

1 / 68 (Adware)

http://dw901.go-for-files.biz/j5HjQ3GN A83gf0NP47ocCjPoCV7pORyL/HlfDy4gCFqooAlfbmNZhXymS1LvpcKTYOBHkKFxFoHwp4DU4tqTg/KcRMxr2EUNYAwCyKdcOc9knDzfGN25nBwefwFa07mMHhX7l9Ee70UcUzzNXtdyg13askdHQmNAkBO8BNYfIJIHGuAtx5/.../i5U4f8qXO TYlrux2IP7889FdGWZE2Ch0YMiosnNcnWD7yW0ErmlrZNpMrgBP Qrg3yd5EV8Trhpu02tw== (goforfiles_downloader.exe)

10 / 68 (Adware)

http://dw901.go-for-files.biz/j5GVRWfEqAhCn59aa9S4N3eXsyhg64kkZaGvZGz7z2Iw/dFgCZGNP0m6xhxFtoUGQKjeMFuO0iZXh9sbSdUwRw/bMEJyxj5NYId4HSOcLLp3yye/dHB4 SJqeP0FYUWubSpR5QN2T/IFS1nmGn0Mm0h/Wc4RSwSaUFBZ3CVALsAKETHf51EtyOhROZHpVzzl lgmmPEvLKXiNiTyyB1HofstCYjBPAC4zQsDsJdoV5fKLyqOwl1I0oNKTNaLRrDEi0K3w/dW/.../pdWj6H2b9TM3haE0ZtMm9z8B9jct1hmxapPWd2pAjmepX5s (preta3d_reality_for_poser_v3.1.147_addon_content_win_mac_downloader.exe)

Latest 30 of 42 download URLs

The following 19 files have been seen to comunicate with dw901.go-for-files.biz in live environments.

TCP » 199.195.196.180:80

EFupdater.exe (Express Files Updater by http://www.express-files.com/)

TCP » 199.195.196.180:80

EFupdater.exe

TCP » 199.195.196.180:80

EFupdater.exe (Express Files Updater by http://www.express-files.com/)

TCP » 199.195.196.180:80

ExpressFiles.exe (ExpressFiles Application by http://www.express-files.com/)

TCP » 199.195.196.180:80

EFupdater.exe

TCP » 199.195.196.180:80

uninstall433109428.exe (ExpressFiles Application by http://www.express-files.com/)

TCP » 199.195.196.180:80

ExpressFiles.exe (ExpressFiles Application by http://www.express-files.com/)

TCP » 199.195.196.180:80

EFupdater.exe (Express Files Updater by http://www.express-files.com/)

TCP » 199.195.196.180:80

EFupdater.exe (Express Files Updater by http://www.express-files.com/)

TCP » 199.195.196.180:80

EFupdater.exe (Express Files Updater by http://www.express-files.com/)

TCP » 199.195.196.180:80

ExpressFiles.exe (ExpressFiles Application by http://www.express-files.com/)

TCP » 199.195.196.180:80

EFupdater.exe

TCP » 199.195.196.180:80

ExpressFiles.exe (ExpressFiles Application by http://www.express-files.com/)

TCP » 199.195.196.180:80

EFupdater.exe

TCP » 199.195.196.180:80

ExpressFiles.exe (ExpressFiles Application by http://www.express-files.com/)

TCP » 199.195.196.180:80

ExpressFiles.exe (ExpressFiles Application by http://www.express-files.com/)

TCP » 199.195.196.180:80

ExpressFiles.exe (ExpressFiles Application by http://www.express-files.com/)

TCP » 199.195.196.180:80

EFupdater.exe (Express Files Updater by http://www.express-files.com/)

TCP » 199.195.196.180:80

uninstall.exe (ExpressFiles Application by http://www.express-files.com/)

URL:

http://dw901.go-for-files.biz/

Web server:

nginx/1.2.1

Related Domains

yourfiledownloader.biz

yourfiledownloader.com

yourfiledownloader.info

yourfiledownloader.net

yourfiledownloader.org

30 of 32 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.