home

de.originaldll.com

Private Person  (Proxy Registrant)

Domain Information

The domain de.originaldll.com is registered by proxy through REGISTRAR OF DOMAIN NAMES REG.RU LLC and was originally registered in July of 2012. The hosted servers are located in Nuremberg, Bayern within Germany which resides on the RIPE Network Coordination Centre network.
Registrar:
REGISTRAR OF DOMAIN NAMES REG.RU LLC

Server location:
Bayern, Germany (DE)

Create date:
Sunday, July 8, 2012

Expires date:
Friday, July 8, 2016

Updated date:
Wednesday, July 15, 2015

ASN:
AS24940 HETZNER-AS Hetzner Online AG

Root domain:
originaldll.com

Whois:
4 originaldll.com records

The domain de.originaldll.com has been seen to resolve to the following 2 IP addresses.

5.9.110.12
static.12.110.9.5.clients.your-server.de
December 19, 2015

176.9.43.49
static.49.43.9.176.clients.your-server.de
May 21, 2014

File downloads found at URLs served by de.originaldll.com.

1 / 68      (Malware)
http://de.originaldll.com/.../36176.exe  (letterzu-0.8.exe)

0 / 68
http://de.originaldll.com/.../12136.dll  (d3dcompiler_43.dll)

0 / 68
http://de.originaldll.com/.../12138.dll  (d3dx9_43.dll)

0 / 68
http://de.originaldll.com/.../35703.dll  (vorbisfile.dll)

0 / 68
http://de.originaldll.com/.../12158.dll  (XAPOFX1_5.dll)

0 / 68
http://de.originaldll.com/.../18885.exe  (javaw.exe)

0 / 68
http://de.originaldll.com/.../9274.dll  (kernelbase.dll)

0 / 68
http://de.originaldll.com/.../12146.dll  (OpenAL32.dll)

0 / 68
http://de.originaldll.com/.../35287.dll  (api-ms-win-downlevel-advapi32-l1-1-0.dll)

0 / 68
http://de.originaldll.com/.../16562.dll  (synHub.dll)

0 / 68
http://de.originaldll.com/.../36206.dll  (ImpulseReactor.dll)

0 / 68
http://de.originaldll.com/.../9390.dll  (MFC100.DLL)

The following file have been seen to comunicate with de.originaldll.com in live environments.

TCP » 5.9.110.12:80
UCBrowser.exe (UC Browser by UCWeb)

URL:
http://de.originaldll.com/

Title:
“Original dll files”

Web server:
nginx/1.2.1 (PHP/5.4.45-0+deb7u2)

dll-overhaul.com

dll-repairs.com

filemissed.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.