home

t0newplayerw38.exe

The application t0newplayerw38.exe has been detected as a potentially unwanted program by 17 anti-malware scanners. This file is typically installed with the program NewPlayer by Offers411 which is a potentially unwanted software program. While running, it connects to the Internet address ip-50-63-202-58.ip.secureserver.net on port 80 using the HTTP protocol.
MD5:
829d0950e257353155b4be8c5a58ee28

SHA-1:
51d2a251c8dce6f81c7b3e561f829094449eb96b

SHA-256:
7561d95820c030b0b5b30ee40e7c581a0e4226981073a0f43e9ee96c508b33c0

Scanner detections:
17 / 68

Status:
Potentially unwanted

Analysis date:
11/23/2024 6:00:26 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Application.Generic.813856
851

AegisLab AV Signature
AdWare.MSIL.DomaIQ
2.1.4+

Agnitum Outpost
PUA.AddLyrics
7.1.1

avast!
Win32:Adware-gen [Adw]
2014.9-141007

AVG
Generic5
2015.0.3329

Baidu Antivirus
Adware.Win32.AddLyrics
4.0.3.14107

Bitdefender
Application.Generic.813856
1.0.20.1400

ESET NOD32
Win32/AdWare.AddLyrics.BS (variant)
8.10524

Fortinet FortiGate
Riskware/AddLyrics
10/7/2014

F-Secure
Application.Generic.813856
11.2014-07-10_3

G Data
Application.Generic.813856
14.10.24

McAfee
Artemis!829D0950E257
5600.6985

MicroWorld eScan
Application.Generic.813856
15.0.0.840

Panda Antivirus
Trj/Genetic.gen
14.10.07.09

Reason Heuristics
Threat.Win.Reputation.IMP
14.11.14.1

Sophos
Generic PUA FB
4.98

VIPRE Antivirus
Revizer
33716

File size:
519.5 KB (531,968 bytes)

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\ver8newplayer\t0newplayerw38.exe

File PE Metadata
Compilation timestamp:
9/30/2014 1:41:31 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
6144:f2JVTwHtrdS3wH9femt+w/4mKEKzDKo0hAj73f2Ymch36tv:eLwHtrAAdGmkwwmKz2H2XJmIKtv

Entry address:
0x1C937

Entry point:
E8, CD, AB, 00, 00, E9, 7F, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 7F, 0F, B6, 44, 24, 08, 0F, BA, 25, B8, 2E, 45, 00, 01, 73, 0D, 8B, 4C, 24, 0C, 57, 8B, 7C, 24, 08, F3, AA, EB, 5D, 8B, 54, 24, 0C, 81, FA, 80, 00, 00, 00, 7C, 0E, 0F, BA, 25, 3C, 1D, 45, 00, 01, 0F, 82, B9, AC, 00, 00, 57, 8B, F9, 83, FA, 04, 72, 31, F7, D9, 83, E1, 03, 74, 0C, 2B, D1, 88, 07, 83, C7, 01, 83, E9, 01, 75, F6, 8B, C8, C1, E0, 08, 03, C1, 8B, C8, C1...
 
[+]

Entropy:
6.1961

Code size:
267.5 KB (273,920 bytes)

The file t0newplayerw38.exe has been discovered within the following program.

NewPlayer  by Offers411
NewPlayer is an adware program that runs within the user's web browser and will modify various browser settings such as changing the search provider.
86% remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to ip-50-63-202-58.ip.secureserver.net  (50.63.202.58:80)

Remove t0newplayerw38.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.