www.girlyangshijian.com

YinSi BaoHu Yi KaiQi (Hidden by Whois Privacy Protection Service)

Domain Information

The domain www.girlyangshijian.com, registered by YinSi BaoHu Yi KaiQi (Hidden by Whois Privacy Protection Service), was initially registered in June of 2014 through HICHINA ZHICHENG TECHNOLOGY LTD. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Washington, District of Columbia, in the United States, on the SoftLayer Technologies Inc. network.
Registrar:
HICHINA ZHICHENG TECHNOLOGY LTD.

Server location:
District of Columbia, United States (US)

Create date:
Tuesday, June 17, 2014

Expires date:
Friday, June 17, 2016

Updated date:
Friday, June 19, 2015

ASN:
AS36351 SOFTLAYER - SoftLayer Technologies Inc.,US

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.FuyuanZhou, Threat.FuyuanZhou, PUP.FuyuanZhou (M), PUP.Ma Lin.TaimingLi (M), PUP.Thinknice.ThinkniceCo (M), PUP.ELEX.SkytouchTechnologyCo (M), PUP.PengZhang (M), PUP.LeiRong (M), PUP.ELEX.TaimingLi (M), PUP.ELEX.TaimingL (M)
100.00%

Sophos
Elex, PUA 'Elex' (of type Adware), Generic PUA FG
20.00%

Baidu Antivirus
PUA.Win32.LiMo, PUA.Win32.ELEX, Adware.Win32.ELEX
17.78%

G Data
Win32.Application.Limo, Gen:Application.Elex
13.33%

ESET NOD32
Win32/LiMo (variant), Win32/LiMo.C potentially unwanted (variant), Win32/ELEX.BG potentially unwanted, Win32/ELEX.CL potentially unwanted (variant)
13.33%

K7 AntiVirus
Unwanted-Program, Adware, Trojan
13.33%

Malwarebytes
PUP.Optional.MyStartSearch.A
13.33%

Dr.Web
Adware.Mutabaha.98, Adware.Mutabaha.220, Adware.Mutabaha.361
11.11%

Agnitum Outpost
PUA.Mutabaha, Riskware.Agent
8.89%

Trend Micro House Call
Suspicious_GEN.F47V0204, Suspicious_GEN.F47V0128, TROJ_GEN.R0C1H05BJ15, Suspicious_GEN.F47V0520
8.89%

ESET NOD32
Win32/ELEX.CF potentially unwanted application, Win32/LiMo.C potentially unwanted application, Win32/ELEX.CL potentially unwanted application
6.67%

Bkav FE
W32.HfsAdware
6.67%

MicroWorld eScan
Gen:Application.Elex.1, Application.Elex.D
4.44%

Bitdefender
Gen:Application.Elex.1, Application.Elex.D
4.44%

Lavasoft Ad-Aware
Gen:Application.Elex.1, Application.Elex.D
4.44%

The domain www.girlyangshijian.com has been seen to resolve to the following 2 IP addresses.

32.d5.24ae.ip4.static.sl-reverse.com
February 2, 2016

62.e6.2bd0.ip4.static.sl-reverse.com
February 2, 2016

File downloads found at URLs served by www.girlyangshijian.com.

1 / 68      (Adware)
http://www.girlyangshijian.com/.../con_mystartsearch.exe  (cd479eb63fc27cea244dfa617bca0aa1)

7 / 68      (Adware)
http://www.girlyangshijian.com/.../scl_webssearches.exe  (60c97c053cd69e54222aeed1f0b3b13f)

1 / 68      (Adware)
http://www.girlyangshijian.com/.../itr1_yoursearching.exe  (7989db9785ecbeb3c6a95963e00d26f1)

1 / 68      (PUP)
http://www.girlyangshijian.com/.../itr_yoursearching.exe  (0cff88e6-3302-4850-a0dd-d5570fa1a10a.exe)

2 / 68      (Adware)
http://www.girlyangshijian.com/.../wpc_mystartsearch.exe  (0dda4ecb3b7cbbad43a6f0b8737b9ba5)

5 / 68      (Adware)
http://www.girlyangshijian.com/.../pjr_webssearches.exe  (2da9ef8ef1eaa32a033851432191dba2)

1 / 68      (Adware)

5 / 68      (Adware)

URL:
http://www.girlyangshijian.com/

Google Analytics:
UA-40570956

Title:
“Free Video Player, AVI/MKV/MP4/CD Player, Media Player Download”

Description:
“GoPlayer is a free & powerful video player which can help you enjoy various video files such as Flash, MKV, AVI, MP4 on PC.”

Web server:
nginx