home

www.flvplayer-download.net

Whois Privacy Corp.

Domain Information

The domain www.flvplayer-download.net registered by Whois Privacy Corp. was initially registered in November of 2014 through TLD REGISTRAR SOLUTIONS LTD. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dublin, Dublin City within Ireland which resides on the Amazon Technologies Inc. network.
Registrar:
TLD REGISTRAR SOLUTIONS LTD

Server location:
Dublin City, Ireland (IE)

Create date:
Sunday, November 2, 2014

Expires date:
Wednesday, November 2, 2016

Updated date:
Tuesday, November 3, 2015

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Root domain:
flvplayer-download.net

Whois:
2 flvplayer-download.net records

Scanner detections:
Detections  (85% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.KanchanaKhiandee.Q, PUP.VASSANAKONGSOONGNERN.Q, PUP.VASSANAKONGSOONGNERN.I, PUP.CoolMirage
91.67%

AVG
Generic
83.33%

VIPRE Antivirus
CoolMirage Ltd
75.00%

K7 AntiVirus
Adware
75.00%

Kaspersky
not-a-virus:AdWare.NSIS.Yontoo, not-a-virus:Downloader.Win32.TornTV
75.00%

Dr.Web
Adware.Downware.8319, Adware.Yontoo.54
75.00%

ESET NOD32
NSIS/TrojanDownloader.Adload.AA, NSIS/TrojanDropper.Agent.CB
75.00%

McAfee
Artemis!34C1CBBE611F, Artemis!D28CBE6FAB4F, Artemis!825D269C90EE, Artemis!21031D20DE47, Artemis!E50423C905E2, Artemis!F2FDCC9824CB
66.67%

Sophos
Kanchana Khiandee adware, Generic PUA HJ, CoolMirage, Generic PUA AA
66.67%

Trend Micro House Call
Suspicious_GEN.F47V1204, Suspicious_GEN.F47V0202, Suspicious_GEN.F47V0204, Suspici.EDD0D2A5, Suspicious_GEN.F47V0217
58.33%

AhnLab V3 Security
Win-PUP/CrossRider
50.00%

G Data
NSIS.Application.Adload
33.33%

Baidu Antivirus
Adware.NSIS.Yontoo, Hacktool.Win32.TornTV, Trojan.MSIL.ShimChanger
33.33%

Panda Antivirus
Trj/Chgt.N, Generic Suspicious
25.00%

Qihoo 360 Security
Win32/Trojan.b01, Win32/Virus.Downloader.e28
25.00%

The domain www.flvplayer-download.net has been seen to resolve to the following 3 IP addresses.

54.72.130.67
ns1.ibspark.com
November 7, 2015

50.18.157.95
ec2-50-18-157-95.us-west-1.compute.amazonaws.com
November 10, 2014

50.18.126.37
ec2-50-18-126-37.us-west-1.compute.amazonaws.com
November 10, 2014

File downloads found at URLs served by www.flvplayer-download.net.

0 / 68
http://www.flvplayer-download.net/.../mar10.php?subid=marmarlk&sid=wEEL5A4PPTDA2V0I0I9PDS4Q  (flvplayer-chrome.exe)

11 / 68    (Adware)
http://www.flvplayer-download.net/.../mar10.php?subid=marmarlk&sid=wGKEHDHA5ARR552H0VSKN3DS  (flvplayer-chrome.exe)

1 / 68      (Adware)
http://www.flvplayer-download.net/.../mar10.php?subid=marmarlk&sid=wFF497LQBJ4BOESFGJ3PQNA2  (f_0003cf)

11 / 68    (Adware)
http://www.flvplayer-download.net/.../mar10.php?subid=marmarlk&sid=wUS94VEUDC2EMQ2HG3LHB404  (flvplayer-chrome.exe)

8 / 68      (Adware)
http://www.flvplayer-download.net/.../mar10.php?subid=marmarlk&sid=wT13U63VUGR2A0EG04NDPBDA  (flvplayer-chrome.exe)

11 / 68    (Adware)
http://www.flvplayer-download.net/.../mar10.php?subid=marmarlk&sid=wVF07FQIJC0OILVG0USIGK94  (flvplayer-chrome.exe)

4 / 68      (Adware)
http://www.flvplayer-download.net/.../mar10.php?subid=marmarlk&sid=w544BRECE6MFAESFGQOTQ5CK  (flvplayer-chrome.exe)

11 / 68    (Adware)
http://www.flvplayer-download.net/.../mar10.php?subid=marmarlk&sid=wORSIS4IK6U505QGG7BNE45K  (flvplayer-chrome.exe)

8 / 68      (Adware)
http://www.flvplayer-download.net/.../mar10.php?subid=marmarlk&sid=w9FHG8EKPEMNAK8GGN8OMVAS  (flvplayer-chrome.exe)

11 / 68    (Adware)
http://www.flvplayer-download.net/.../mar10.php?subid=marmarlk&sid=wJCBP5EN6VRQF11HGEUQPB98  (flvplayer-chrome.exe)

11 / 68    (Adware)
http://www.flvplayer-download.net/.../mar10.php?subid=marmarlk&sid=w8DISCV2M8BR8MEH0J8R46SG  (flvplayer-chrome.exe)

11 / 68    (Adware)
http://www.flvplayer-download.net/.../mar10.php?subid=marmarlk&sid=wG8P4BQMA8G8JHKG0T5FR5FS  (flvplayer-chrome.exe)

10 / 68    (Adware)
http://www.flvplayer-download.net/.../mar10.php?subid=marmarlk&sid=wNOTV8GOVC3JIA1IGI1JOD52  (flvplayer-chrome.exe)

11 / 68    (Adware)
http://www.flvplayer-download.net/.../mar10.php?subid=marmarlk&sid=wLQROAIT8VARFDQGG62N4RE6  (flvplayer-chrome.exe)

4 / 68      (Adware)
http://www.flvplayer-download.net/.../mar10.php?subid=marmarlk&sid=wQ1OOR7EFU8A4FRF03TR9CES  (flvplayer-chrome.exe)

15 / 68    (Adware)
http://www.flvplayer-download.net/.../mar10.php?subid=marmarlk&sid=wQQEERD668CQ63THGK79HTC4  (flvplayer-chrome_a.exe)

18 / 68    (Adware)
http://www.flvplayer-download.net/.../mar10.php?subid=marmarlk&sid=w5OO44Q8GGRP4LTH0MMRIEIS  (flvplayer-chrome.exe)

11 / 68    (Adware)
http://www.flvplayer-download.net/.../mar10.php?subid=marmarlk&sid=wE93U6Q9DP08M22H0ENT9HAS  (flvplayer-chrome.exe)

10 / 68    (Adware)
http://www.flvplayer-download.net/.../mar10.php?subid=marmarlk&sid=wEK0DUO5LB9SDA1IGEULOC3E  (flvplayer-chrome.exe)

11 / 68    (Adware)
http://www.flvplayer-download.net/.../mar10.php?subid=marmarlk&sid=wTQB7IKRO4K96DHG0BIVD45G  (flvplayer-chrome.exe)

11 / 68    (Adware)
http://www.flvplayer-download.net/.../mar10.php?subid=marmarlk&sid=wIB6VI7R4LB3AP2H0E9NMDF8  (flvplayer-chrome.exe)

4 / 68      (Adware)
http://www.flvplayer-download.net/.../mar10.php?subid=marmarlk&sid=wDGEF8PJFR637CSFGV01IV9E  (flvplayer-chrome.exe)

18 / 68    (Adware)
http://www.flvplayer-download.net/.../mar10.php?subid=marmarlk&sid=w50SL0USOQNJ6JUHG897OQ4C  (flvplayer-chrome.exe)

11 / 68    (Adware)
http://www.flvplayer-download.net/.../mar10.php?subid=marmarlk&sid=wTNM9SMIEGOLIEHGG5LJCKF6  (flvplayer-chrome.exe)

11 / 68    (Adware)
http://www.flvplayer-download.net/.../mar10.php?subid=marmarlk&sid=w1FCGDUVFBQIUN2I06F76R5C  (flvplayer-chrome.exe)

11 / 68    (Adware)
http://www.flvplayer-download.net/.../mar10.php?subid=marmarlk&sid=wPB71UQNBCO14OBHGV7OG6MK  (flvplayer-chrome.exe)

14 / 68    (Adware)
http://www.flvplayer-download.net/.../mar10.php?subid=marmarlk&sid=wGEETTGHNA129R6I0S88AL70  (flvplayer-chrome.exe)

11 / 68    (Adware)
http://www.flvplayer-download.net/.../mar10.php?subid=marmarlk&sid=w06NI56TIIRV7P2H0CO5O44C  (flvplayer-chrome.exe)

12 / 68    (Adware)
http://www.flvplayer-download.net/.../mar10.php?subid=marmarlk&sid=w846R17VR4IFIBVHGBSHINQ8  (flvplayer-chrome.exe)

11 / 68    (Adware)
http://www.flvplayer-download.net/.../mar10.php?subid=marmarlk&sid=wLS8O0DMD3S31U1H0N21IQ50  (flvplayer-chrome.exe)

 
Latest 30 of 1,285 download URLs

The following 142 files have been seen to comunicate with www.flvplayer-download.net in live environments.

TCP » 54.72.130.67:80
simplefilesupdater.exe (SimpleFiles Application by http://simple-files.com/)

TCP » 54.72.130.67:80
yourfileupdater.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
uninstall12590625.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
uninstall5322109.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
yourfileupdater.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
uninstall190602.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
yourfileupdater.exe (YourFile Downloader by http://yourfiledownloader.com)

TCP » 54.72.130.67:80
googleupdate.exe

TCP » 54.72.130.67:80
browserserver.exe

TCP » 54.72.130.67:80
sm.exe (System Monitor)

TCP » 54.72.130.67:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 54.72.130.67:80
uninstall129231.exe (SimpleFiles Application by http://simple-files.com/)

TCP » 54.72.130.67:80
sfupdater.exe (SimpleFiles Application by http://simple-files.com/)

TCP » 54.72.130.67:80
kometa.exe (Kometa by @COMPANY_FULLNAME@)

TCP » 54.72.130.67:80
TBNotifier.exe (Ask TBNotifier by APN)

TCP » 54.72.130.67:80
pepperzip.exe

TCP » 54.72.130.67:80
internetenhancer.exe (Internet Enhancer)

TCP » 54.72.130.67:80
ssn.exe (ssn)

TCP » 54.72.130.67:443
mintcast_updater_service.exe (AutomaticUpdater)

TCP » 54.72.130.67:80
yacqq.exe

 
Latest 20 of 154 files

URL:
http://www.flvplayer-download.net/

Title:
“flvplayer-download.net”

Web server:
nginx

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.