home

files4.freedownloads.us.com

CentralNic Ltd

Domain Information

The domain files4.freedownloads.us.com registered by CentralNic Ltd was initially registered in January of 1993 through Moniker Online Services. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Reston, Virginia within the United States which resides on the Tiggee LLC network. The domain is part of a DNS service that utilizes a number of reverse proxy IP Addresses (see below).
Registrar:
DEMYS LIMITED

Server location:
Virginia, United States (US)

Create date:
Tuesday, January 5, 1993

Expires date:
Saturday, January 4, 2025

Updated date:
Tuesday, December 15, 2015

ASN:
AS16552 TIGGEE - Tiggee LLC, US

Root domain:
us.com

Whois:
4 us.com records

Scanner detections:
Detections  (98% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.DownloadAdmin.U, PUP.Installer.DownloadAdmin.S, PUP.Installer.DownloadAdmin.V, PUP.Installer.DownloadAdmin.Z, PUP.Installer.DownloadAdmin.Q, PUP.Installer.DownloadAdmin.K, PUP.Installer.Tightrope, PUP.Bundler.Tightrope, PUP.Tightrope.DownloadAdmin.Bundler (M), PUP.TomorrowSoftware.GOLDENBANNERS.Bundler (M), PUP.DownloadAdmin.FullSpectrumInteractive.Installer (M), PUP.Tightrope.Blueis.Bundler (M), PUP.TomorrowSoftware.TrustedInstallSoftware.Installer (M), PUP.Tightrope.Download.Bundler (M), PUP.DownloadAdmin.UltraPro.Installer (M), PUP.TomorrowSoftware.SKUNKDOG.Bundler (M), PUP.Tightrope (M)
97.92%

VIPRE Antivirus
DownloadAdmin, Threat.4783369, Trojan.Win32.Generic
29.17%

Sophos
Download Admin, Download Admin (PUA)
29.17%

Dr.Web
Adware.Downware.2220, Threat.Undefined, Adware.Downware.411, Trojan.Vittalia.419, Trojan.Vittalia.732
27.08%

NANO AntiVirus
Trojan.Win32.Downware.crgjbr, Riskware.Win32.Downware.crgjbr, Trojan.Win32.Downware.bqhlba
25.00%

Malwarebytes
PUP.Optional.DownloadAdmin, PUP.DownloadAdmin, PUP.Optional.DownloadAdmin.A, PUP.Optional.DownLoadAdmin
22.92%

ESET NOD32
Win32/DownloadAdmin, Win32/DownloadAdmin.N potentially unwanted (variant), Win32/DownloadAdmin.P potentially unwanted (variant)
18.75%

herdProtect (fuzzy)
a variant of 52b5607f99ef004239897b1bd1ed072abd8fd296, a variant of 3065c5871b75a9def3b69213b679b1af622b92a1, a variant of e1e0de17055098db9ce449a304cb6737ae51624d
18.75%

F-Secure
Adware:W32/WebInstallBundle, Gen:Variant.Symmi.6376
14.58%

ESET NOD32
Win32/DownloadAdmin.G potentially unwanted application
12.50%

Avira AntiVirus
ADWARE/Adware.Gen, ADWARE/Adware.Gen9, PUA/DownloadAdmin.KA
8.33%

Clam AntiVirus
Win.Adware.Agent-6650
8.33%

avast!
Adware-OH [Adw], Win32:Malware-gen
8.33%

SUPERAntiSpyware
Trojan.Agent/Gen-Artemis, Trojan.Agent/Gen-Downloader
6.25%

AhnLab V3 Security
PUP/Win32.Downloader
6.25%

The domain files4.freedownloads.us.com has been seen to resolve to the following 55 IP addresses.

96.45.82.151
redirection.dnsmadeeasy.com
June 29, 2016

96.45.82.92
redirection.dnsmadeeasy.com
June 29, 2016

96.45.83.206
redirection.dnsmadeeasy.com
June 29, 2016

96.45.83.110
redirection.dnsmadeeasy.com
June 29, 2016

104.96.220.216
a104-96-220-216.deploy.static.akamaitechnologies.com
May 24, 2016

104.96.220.233
a104-96-220-233.deploy.static.akamaitechnologies.com
May 22, 2016

104.112.235.19
a104-112-235-19.deploy.static.akamaitechnologies.com
May 22, 2016

184.51.126.43
a184-51-126-43.deploy.static.akamaitechnologies.com
April 19, 2016

184.51.126.64
a184-51-126-64.deploy.static.akamaitechnologies.com
April 19, 2016

184.51.126.49
a184-51-126-49.deploy.static.akamaitechnologies.com
April 19, 2016

72.247.9.80
a72-247-9-80.deploy.akamaitechnologies.com
March 2, 2016

72.247.9.34
a72-247-9-34.deploy.akamaitechnologies.com
March 2, 2016

23.0.160.98
a23-0-160-98.deploy.static.akamaitechnologies.com
January 5, 2016

23.0.160.88
a23-0-160-88.deploy.static.akamaitechnologies.com
January 5, 2016

184.51.126.105
a184-51-126-105.deploy.static.akamaitechnologies.com
January 4, 2016

184.51.126.90
a184-51-126-90.deploy.static.akamaitechnologies.com
January 4, 2016

184.51.126.83
a184-51-126-83.deploy.static.akamaitechnologies.com
January 4, 2016

165.254.210.40
January 4, 2016

165.254.210.17
January 4, 2016

23.220.148.33
a23-220-148-33.deploy.static.akamaitechnologies.com
January 3, 2016

23.220.148.8
a23-220-148-8.deploy.static.akamaitechnologies.com
January 3, 2016

69.31.16.138
January 3, 2016

69.31.16.163
January 3, 2016

23.62.236.162
a23-62-236-162.deploy.static.akamaitechnologies.com
May 5, 2015

23.62.236.147
a23-62-236-147.deploy.static.akamaitechnologies.com
May 5, 2015

96.6.113.59
a96-6-113-59.deploy.akamaitechnologies.com
May 3, 2015

96.6.113.122
a96-6-113-122.deploy.akamaitechnologies.com
May 3, 2015

23.67.243.59
a23-67-243-59.deploy.static.akamaitechnologies.com
May 2, 2015

173.223.205.50
a173-223-205-50.deploy.static.akamaitechnologies.com
May 2, 2015

173.223.205.107
a173-223-205-107.deploy.static.akamaitechnologies.com
May 2, 2015

 
Showing 30 of 55 IP Addresses

File downloads found at URLs served by files4.freedownloads.us.com.

1 / 68      (Adware)
http://files4.freedownloads.us.com/download?c=freedl_pdfcreator&brand=freedownloads.us.com&pid=AfterDownload&aid=10156&bc=675193&country=US&cb=-1091186350  (pdfcreator-setup.exe)

1 / 68      (Adware)
http://files4.freedownloads.us.com/download/.../dl?bc=1178102&pid=TR&brand=freedownloads.us.com&s=msn&c=FreeD_Minecraft&country=US&cb=-238579744&osName=Windows&osVersion=8.1&browserName=IE&browserVersion=11&zTmp=1&executable=1191457  (minecraftfreedownloadsuscom-setup.exe)

1 / 68      (Adware)
http://files4.freedownloads.us.com/download?s=google&c=freedl_vlc&brand=freedownloads.us.com&pid=TR&bc=11167&country=us&cb=-1757386053  (vlcmediaplayer-setup.exe)

1 / 68      (Adware)
http://files4.freedownloads.us.com/download/.../dl?bc=10691&pid=TR&brand=freedownloads.us.com&s=msn&c=FreeD_Songbird_CCUS_All&country=US&variation=WS_AOL_BP&cb=1157851235&osName=Windows&osVersion=8.1&browserName=IE&browserVersion=11&zTmp=1&executable=1191457  (songbird-setup.exe)

2 / 68      (false positives)
http://files4.freedownloads.us.com/download/.../dl?bc=1178102&pid=TR&brand=freedownloads.us.com&s=msn&c=FreeD_Minecraft&country=US&cb=1879283177&osName=Windows&osVersion=8.1&browserName=IE&browserVersion=11&zTmp=1&executable=1191921  (wrar420.exe)

1 / 68      (Adware)
http://files4.freedownloads.us.com/download?s=google&c=freedl_vlc&brand=freedownloads.us.com&pid=TR&bc=410379&country=us&cb=1468171834  (vlcmediaplayer-setup.exe)

1 / 68      (Adware)
http://files4.freedownloads.us.com/download?s=google&c=freedl_7zip&brand=freedownloads.us.com&pid=TR&bc=605877&country=us&cb=-967093026  (7zip-setup.exe)

1 / 68      (Adware)
http://files4.freedownloads.us.com/download?s=msn&c=freedl_7zip&brand=freedownloads.us.com&pid=TR&bc=10516&country=us&cb=943762656  (7zip-setup.exe)

1 / 68      (Adware)
http://files4.freedownloads.us.com/download/.../dl?s=google&c=FreeD_VLC_CCMY_Exact_English&brand=freedownloads.us.com&pid=TR&bc=845429&country=MY&cb=1891219290  (vlcmediaplayer-setup.exe)

1 / 68      (Adware)
http://files4.freedownloads.us.com/download/.../dl?bc=1178102&pid=TR&brand=freedownloads.us.com&s=msn&c=FreeD_Minecraft&country=US&variation=chwebsite&cb=508609666&filename=minecraftfreedownloadsuscom-setup.exe&osName=Windows&osVersion=7&browserName=IE&browserVersion=11&zTmp=1  (d8cfe975b25fd721ca442311f7dc143c)

1 / 68      (Adware)
http://files4.freedownloads.us.com/download?s=google&c=freedl_oosuite&brand=freedownloads.us.com&pid=TR&bc=5837&country=us&cb=1124499473  (openofficesuite-setup.exe)

1 / 68      (Adware)
http://files4.freedownloads.us.com/download?s=google&c=freedl_vlc&brand=freedownloads.us.com&pid=TR&bc=435119&country=us&cb=-2069155783  (vlcmediaplayer-setup.exe)

10 / 68    (Adware)
http://files4.freedownloads.us.com/download/.../dl?bc=1195659&pid=TR&brand=freedownloads.us.com&s=msn&c=FreeD_Minecraft_US&country=US&cb=-1387485594&osName=Windows&osVersion=8.1&browserName=IE&browserVersion=11&zTmp=1&executable=1195513  (minecraftfreedownloadsuscom-setup.exe)

10 / 68    (Adware)
http://files4.freedownloads.us.com/download/.../dl?bc=1195659&pid=TR&brand=freedownloads.us.com&s=msn&c=FreeD_Minecraft_US&country=US&cb=-1111719376&osName=Windows&osVersion=8.1&browserName=IE&browserVersion=11&zTmp=1&executable=1195513  (minecraftfreedownloadsuscom-setup.exe)

1 / 68      (Adware)
http://files4.freedownloads.us.com/download/.../dl?bc=4926&pid=TR&brand=freedownloads.us.com&s=msn&c=FreeD_OOSuite_US&country=US&cb=209066359&osName=Windows&osVersion=8.1&browserName=IE&browserVersion=11&zTmp=1  (openofficesuite-setup.exe)

1 / 68      (Adware)
http://files4.freedownloads.us.com/download/.../dl?s=google&c=FreeD_7Zip_CCROW_All&brand=freedownloads.us.com&pid=TR&bc=905469&country=MY&cb=988616659  (7zip-setup.exe)

1 / 68      (Adware)
http://files4.freedownloads.us.com/download?s=google&c=freedl_norton&variation=green-accept&brand=freedownloads.us.com&pid=TR&bc=501789&country=us&cb=-1808475288  (nortoninternetsecurity2012-setup.exe)

1 / 68      (Adware)
http://files4.freedownloads.us.com/download/.../dl?s=google&c=FreeD_VLC_CCUS_Broad&brand=freedownloads.us.com&pid=TR&bc=969083&country=US&cb=-1279039729  (vlcmediaplayer-setup.exe)

1 / 68      (Adware)
http://files4.freedownloads.us.com/download?s=google&c=freedl_oosuite&brand=freedownloads.us.com&pid=TR&bc=5837&country=us&cb=-1897825233  (openofficesuite-setup.exe)

9 / 68      (Adware)
http://files4.freedownloads.us.com/download?s=google&c=t1&brand=freedownloads.us.com&pid=TR&bc=410379&country=us&cb=-324786770  (vlcmediaplayer-setup.exe)

10 / 68    (PUP)
http://files4.freedownloads.us.com/download/.../dl?bc=1195659&pid=TR&brand=freedownloads.us.com&s=yahoo&c=FreeD_Minecraft&country=US&cb=-1107479069&osName=Windows&osVersion=8.1&browserName=IE&browserVersion=11&zTmp=1&executable=1195513  (minecraftfreedownloadsuscom-setup.exe)

1 / 68      (PUP)
http://files4.freedownloads.us.com/download/.../dl?bc=1178102&pid=TR&brand=freedownloads.us.com&s=yahoo&c=FreeD_Minecraft&country=US&cb=-354391315&osName=Windows&osVersion=8&browserName=IE&browserVersion=10&zTmp=1&executable=1191921  (minecraftfreedownloadsuscom-setup.exe)

1 / 68      (PUP)
http://files4.freedownloads.us.com/download/.../dl?bc=1178102&pid=TR&brand=freedownloads.us.com&s=yahoo&c=FreeD_Minecraft&country=US&cb=867413557&osName=Windows&osVersion=8&browserName=IE&browserVersion=10&zTmp=1&executable=1191921  (minecraftfreedownloadsuscom-setup.exe)

1 / 68      (Adware)
http://files4.freedownloads.us.com/download/.../dl?bc=4921&pid=TR&brand=freedownloads.us.com&s=msn&c=FreeD_Gimp_UK&country=GB&cb=649371939&signature_id=85&osName=Windows&osVersion=7&browserName=Chrome&browserVersion=44&zTmp=1&executable=1186365  (gimp-setup.exe)

11 / 68    (Adware)
http://files4.freedownloads.us.com/download/.../dl?s=google&c=FreeD_VLC_CCUS_Broad&brand=freedownloads.us.com&pid=TR&bc=912765&country=US&cb=-1655818158  (vlcmediaplayer-setup.exe)

13 / 68    (Adware)
http://files4.freedownloads.us.com/download/.../dl?s=google&c=FreeD_OOSuite_CCUS_All&brand=freedownloads.us.com&pid=TR&aid=boost&bc=963078&country=US&cb=1842159671  (openofficesuite-setup.exe)

10 / 68    (Adware)
http://files4.freedownloads.us.com/download/.../dl?s=google&c=FreeD_VLC_CCUS_Exact&brand=freedownloads.us.com&pid=TR&bc=912765&country=US&cb=-1311559679  (vlcmediaplayer-setup.exe)

10 / 68    (Adware)
http://files4.freedownloads.us.com/download/.../dl?s=google&c=FreeD_OOSuite_CCUS_All&brand=freedownloads.us.com&pid=TR&bc=962974&country=US&cb=1719854855  (openofficesuite-setup.exe)

6 / 68      (Adware)
http://files4.freedownloads.us.com/download/.../dl?s=google&c=FreeD_VLC_CCNZ_Exact_English&brand=freedownloads.us.com&pid=TR&bc=845429&country=NZ&cb=-1646021004  (vlcmediaplayer-setup.exe)

1 / 68      (Adware)
http://files4.freedownloads.us.com/download/.../dl?s=google&c=FreeD_7Zip_CCUS_All&brand=freedownloads.us.com&pid=TR&bc=905469&country=US&cb=-572173023  (7zip-setup.exe)

 
Latest 30 of 278 download URLs

The following 721 files have been seen to comunicate with files4.freedownloads.us.com in live environments.

TCP » 104.112.235.19:80
TBNotifier.exe (Ask TBNotifier by APN)

TCP » 184.51.126.90:443
kometa.exe (Kometa by Kometa Authors)

TCP » 184.51.126.49:80
updateadmin.exe

TCP » 184.51.126.83:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.105:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.49:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.90:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.105:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.105:443
citrio.exe (Citrio by CatalinaGroup)

TCP » 184.51.126.83:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.90:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 23.15.9.18:80
browser.exe (Browser)

TCP » 184.51.126.105:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.56:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.83:443
messengertime.exe

TCP » 184.51.126.90:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.83:443
whatsapptime.exe

TCP » 184.51.126.83:443
new_chrome.exe (1stBrowser by The 1stBrowser Authors)

TCP » 184.51.126.83:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.90:443
UCBrowser.exe (UC Browser by UCWeb)

 
Latest 20 of 772 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.