www.girlliuxiaowei.com

YinSi BaoHu Yi KaiQi (Hidden by Whois Privacy Protection Service)

Domain Information

The domain www.girlliuxiaowei.com, registered by YinSi BaoHu Yi KaiQi (Hidden by Whois Privacy Protection Service), was initially registered in June of 2014 through HICHINA ZHICHENG TECHNOLOGY LTD. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Dallas, Texas, in the United States, on the SoftLayer Technologies Inc. network.
Registrar:
HICHINA ZHICHENG TECHNOLOGY LTD.

Server location:
Texas, United States (US)

Create date:
Tuesday, June 17, 2014

Expires date:
Friday, June 17, 2016

Updated date:
Friday, June 19, 2015

ASN:
AS36351 SOFTLAYER - SoftLayer Technologies Inc.,US

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Ma Lin, PUP.Ma Lin.ShulanHou, Threat.Ma Lin.ShulanHou, PUP.Ma Lin.ShulanHou (M), Adware.Amonetize, PUP.ELEX.YuxinWANG (M), PUP.ELEX.MinidigitalTechnologyCo (M), Threat.Win.Reputation.IMP, PUP.Thinknice.ThinkniceCo (M), PUP.CHAODONGXIAO (M), PUP.ELEX.YuxinWAN (M), PUP.ELEX.ShulanHo (M), PUP.Thinknice.Software (M), PUP.ELEX.Minidigi (M)
100.00%

Dr.Web
Adware.Mutabaha.122, Adware.Mutabaha.111, Adware.Mutabaha.306, Adware.Mutabaha.508, Adware.Mutabaha.597, Win32.Runonce.6652, Adware.Mutabaha.914
30.56%

Malwarebytes
PUP.Optional.MyStartSearch.A, PUP.Optional.IStartSurf.A, PUP.Optional.MyStartSearch.ShrtCln, PUP.Optional.IStartSurf.ShrtCln
27.78%

K7 AntiVirus
Unwanted-Program , Adware
16.67%

Baidu Antivirus
Adware.Win32.ELEX
13.89%

ESET NOD32
Win32/ELEX.CL potentially unwanted (variant), Win32/ELEX.EY potentially unwanted (variant), Win32/ELEX.FK potentially unwanted (variant)
13.89%

Agnitum Outpost
Riskware.Agent
11.11%

VIPRE Antivirus
Threat.4758034, Threat.219451, Trojan.Win32.Generic
11.11%

ESET NOD32
Win32/ELEX.CF potentially unwanted application
8.33%

Bkav FE
W32.HfsAdware
8.33%

avast!
Win32:SaliCode, Win32:Oncer
8.33%

herdProtect (fuzzy)
a variant of 4cf8de9d25e0b7e8905dcc15d143994af8c8a64d
5.56%

Fortinet FortiGate
Riskware/Elex
5.56%

F-Prot
W32/Thecid.B@mm
5.56%

Zillya! Antivirus
Adware.BrowseFox.Win32.122766, Downloader.Small.Win32.81168
5.56%

The domain www.girlliuxiaowei.com has been seen to resolve to the following 4 IP addresses.

174.36.213.52-static.reverse.softlayer.com
February 3, 2016

173.193.168.204-static.reverse.softlayer.com
February 3, 2016

108.168.149.4-static.reverse.softlayer.com
February 3, 2016

208.43.230.100-static.reverse.softlayer.com
February 3, 2016

File downloads found at URLs served by www.girlliuxiaowei.com.

3 / 68      (PUP)

1 / 68      (Adware)
http://www.girlliuxiaowei.com/.../smt_istartsurf.exe  (e5a3752c691fe49e8b5c3d1312c6bb3c)

1 / 68      (Adware)
http://www.girlliuxiaowei.com/.../wscy1_mysites123.exe  (5467ca5eb76cb28e235ca080b90dfa9d)

1 / 68      (Adware)
http://www.girlliuxiaowei.com/.../wscy1_oursurfing.exe  (2e44150b25d3f4616717e679d5a66cf5)

1 / 68      (Adware)
http://www.girlliuxiaowei.com/.../dae_do-search.exe  (b8250a532bb315c465adbd8b32af3bcf)

5 / 68      (Adware)
http://www.girlliuxiaowei.com/.../lly_mystartsearch.exe  (966a4312a082af2881ed28c5fdf8d4d1)

4 / 68      (Adware)
http://www.girlliuxiaowei.com/.../lly_omiga-plus.exe  (ff939b6929a6472f97d47d2dab4a24e2)

4 / 68      (Adware)
http://www.girlliuxiaowei.com/.../adks_omiga-plus.exe  (faba816e13a44882b277e64d0e92b8f5)

URL:
http://www.girlliuxiaowei.com/

Google Analytics:
UA-40570956

Title:
“Free Video Player, AVI/MKV/MP4/CD Player, Media Player Download”

Description:
“GoPlayer is a free & powerful video player which can help you enjoy various video files such as Flash, MKV, AVI, MP4 on PC.”

Web server:
nginx