home

cp.tuguu.com

Tuguu SLU

Domain Information

The domain cp.tuguu.com registered by Tuguu SLU was initially registered in June of 2008 through SOLUCIONES CORPORATIVAS IP,SLU. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Roubaix, Nord-Pas-De-Calais within France which resides on the RIPE Network Coordination Centre network.
Registrar:
SOLUCIONES CORPORATIVAS IP, SL

Server location:
Nord-Pas-De-Calais, France (FR)

Create date:
Sunday, June 1, 2008

Expires date:
Thursday, June 1, 2023

Updated date:
Monday, June 1, 2015

ASN:
AS16276 OVH OVH Systems

Root domain:
tuguu.com

Whois:
4 tuguu.com records

Scanner detections:
Detections  (93% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.TUGUUSL.W, PUP.Awimba.W, PUP.TUGUUSL.X, PUP.Installer.Awimba.R, PUP.Awimba.X, PUP.Tuguu, PUP.Tuguu.Bundler, PUP.Bundler.Awimba, PUP.Tuguu.Awimba.Bundler (M), PUP.Tuguu.Bundler (M), PUP.Tuguu (M)
100.00%

avast!
NSIS:DomaIQ-C [PUP], Win32:DomaIQ-AI [PUP], Win32:PUP-gen [PUP], Win32:DomaIQ-M [PUP], Win32:DomaIQ-I [PUP], Win32:DomaIQ-F [PUP]
89.19%

VIPRE Antivirus
DomaIQ
89.19%

Avira AntiVirus
APPL/DomaIQ.Gen7, APPL/DomalQ.D, PUA/DomaIQ.Gen
89.19%

Sophos
DomainIQ pay-per install, Generic PUA CF, PUA 'DomaIQ pay-per install'
89.19%

ESET NOD32
Win32/DomaIQ, Win32/DomaIQ.C potentially unwanted
89.19%

Malwarebytes
PUP.FakeFlash.Domaiq, Adware.DomaIQ, PUP.Optional.BundleInstaller.A, PUP.FlashPlayer.Domaiq, PUP.DomaIQ
86.49%

Comodo Security
ApplicUnwnt, UnclassifiedMalware, Application.Win32.DolmaIQ.~zq, Application.Win32.DomaIQ.T, Application.Win32.DomaIQ.~A
86.49%

Dr.Web
Adware.W3i.29, Adware.W3i.37, Adware.W3i.28
86.49%

K7 AntiVirus
Trojan , Unwanted-Program , Riskware, Adware
83.78%

McAfee
Artemis!657D56BCEF84, Artemis!FBC01F93E69E, Artemis!747157DF0CAD, Artemis!AD7075C10AB8, RDN/Generic PUP.z!dj, Artemis!28EEABA0918A, Artemis!B4CE7026FDB5, Artemis!3363A098371D, Artemis!5437D917A69D, Artemis!76E54EF518C3, Artemis!8A9F19603E8B, Artemis!D95BD3EC15C9, Artemis!0A6A656C5FEC
78.38%

IKARUS anti.virus
AdWare.DomaIQ, APPL, Trojan.SuspectCRC, Trojan-Ransom.Win32.Blocker, Trojan.Win32.Ceatrg, Trojan-Dropper, PUA.DomaIQ, Win32.SuspectCrc
78.38%

Fortinet FortiGate
W32/DomaIQ.I, W32/DomaIQ.C, Adware/DomaIQ, W32/Crypt.AALD!tr, Adware/DomainIQ, W32/DomaIQ.D, W32/Agent.HUUT!tr, Adware/Fam.NB
78.38%

Norman
Obfuscated.gen!r, Suspicious_Gen4.ERZRG
75.68%

AVG
Agent.L, MalSign.Skodna, Skodna.Generic_c, DomaIQ
70.27%

The domain cp.tuguu.com has been seen to resolve to the following IP address.

46.105.231.242
January 31, 2014

File downloads found at URLs served by cp.tuguu.com.

0 / 68
http://cp.tuguu.com/pasarela/affp/.../ce_cid=20nJEL0LADNg5ybp1uqbnP1uFe3O000.&pub_id=2284&ce_cid=20nJEL0LADNg5ybp1uqbnP1uFe3O000.&__tc=1369248413.41  (flashplayer_v.151559861c.exe)

0 / 68
http://cp.tuguu.com/pasarela/affp/.../SiteID=123&SiteID2=DcrLEcAgCAXAXqjAxydImnGCaBOZ9B7Pu7ABGy-BbmLVFk7fQKZGWKy5VFNgCa4nuGc9MHbHTF5yqJ-yW8P2SziiSpSr9g8&__tc=1366987123.62  (flashplayer_v.88864664c.exe)

0 / 68
http://cp.tuguu.com/pasarela/affp/.../SiteID=123&SiteID2=DcKJDcQwCATAXlwBn4FNM9adwU1E6T0ZDc_Fc92DxzXEjBDjWexEDPhmg0QXgrJxVNvsZJfnBvt_hug3dcc8KPafCAqd_QI&__tc=1367248077.64  (flashplayer_v.95301752c.exe)

23 / 68    (Adware)
http://cp.tuguu.com/pasarela/affp/.../SiteID=123&SiteID2=BcGBEcAgCASwXZyAB1TsMh6gLNHr7k2wNtN-G9rTYFPJ2reRB139iuayq4hk5nSr7DLdxKm87ipXHTXkVIcJcQRCKKLyBw&__tc=1367283814.77  (flashplayer_v.96647022b.exe)

26 / 68    (Adware)
http://cp.tuguu.com/pasarela/affp/.../ClickID=nym1CKPsycrQrvimZBACGPj1k5KRyvKLPiINMTczLjY2LjIxNC43OCgB&PubID=181570&__tc=1366931191.23  (flashplayer_v.89521861b.exe)

25 / 68    (Adware)
http://cp.tuguu.com/pasarela/affp/.../ce_cid=20nDT10tKu3ATi4l1OjTIf1uFJMb000.&pub_id=153281&ce_cid=20nDT10tKu3ATi4l1OjTIf1uFJMb000.&__tc=1369370327.86  (flashplayer_v.160017073a.exe)

1 / 68      (Adware)
http://cp.tuguu.com/pasarela/affp/.../ClickID=yw2bCgLOQQD2Xj4BAAAAAAL5TgAAAAAAAgAAAAAAAAAAAP8AAAACCD7VTgAAAAAAALNlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABByBcAAAAAAAIBAgAAgD8AaxCFwT4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=&PubID=177933771&__tc=1369046323.89  (flashplayer_v.145784816c.exe)

40 / 68    (Adware)
http://cp.tuguu.com/pasarela/affp/.../SiteID=123&SiteID2=BcGJEYAwCATAXqggcPLZTCYB04Rj7-7q1PkS002SwzLpm9xRagAsctRuaKgUziMVttR9XLyjzMKTmXsdeAu2BnMuCfw&__tc=1368664491.14  (flashplayer_v.135781354c.exe)

33 / 68    (Adware)
http://cp.tuguu.com/pasarela/affp/.../ClickID=nym1CM-ikKSml5vqWxACGPyisvGD28-HZSINMjQuMTE4LjI0MS42NygB&PubID=178214&__tc=1366668782.27  (flashplayer_v.82429864b.exe)

29 / 68    (Adware)
http://cp.tuguu.com/pasarela/affp/.../ClickID=nym1CN75kdOW95yLdRACGMCVyOv7-pqFNiIPMTA4LjIzNS4yNDQuMTA4KAE.&PubID=181570&__tc=1366049249.94  (flashplayer_v.69519887c.exe)

19 / 68    (Adware)
http://cp.tuguu.com/pasarela/affp/.../ce_cid=20mjj14UqXK7Otet0rVM1A1uHwaf000.&pub_id=2271&ce_cid=20mjj14UqXK7Otet0rVM1A1uHwaf000.&__tc=1369794659.82  (flashplayer_v.163195371b.exe)

21 / 68    (Adware)
http://cp.tuguu.com/pasarela/affp/.../SiteID=123&SiteID2=DcjJEYAwCADAXqgg3GAzGZJIE4696z6XebLMBxAuQJeggHdie920tLTbWwtXhSGPFDbi-t9lkKVEGfXWEzvvleFyjGqc_AA&__tc=1367677065.32  (jabs+buh.exe)

20 / 68    (Adware)
http://cp.tuguu.com/pasarela/affp/.../SiteID=123&SiteID2=DcfBEcAgCATAXqgAEOORZhxEaSKT3pP9rfhUng8J3SQYxqB3StSR3tmtVbRstVnGhWPAgq9KZuQ2TsuzYVDV0BPxf3io5Ac&__tc=1367344149.02  (flashplayer_v.99862965a.exe)

1 / 68      (Adware)
http://cp.tuguu.com/pasarela/affp/.../ClickID=36554824201367488071&PubID=61229&__tc=1367488071.96  (flashplayer_v.101267282a.exe)

22 / 68    (Adware)
http://cp.tuguu.com/pasarela/affp/.../ClickID=31596862291365789885&PubID=45877&__tc=1365789885.89  (flashplayer_v.66182779c.exe)

21 / 68    (Adware)
http://cp.tuguu.com/pasarela/affp/.../SiteID=123&SiteID2=DcvBEQQhCATAXIyAQUHYZCyxxiS2Lvfb_jdyqay3oT0Nc4RG-y1Q9gZOyRG5jDH78BKnU0PMDJ65C3YpFZcMdD0s1vxqdv4B&__tc=1365620169.3  (flashplayer_v.60690356a.exe)

21 / 68    (Adware)
http://cp.tuguu.com/pasarela/affp/.../SiteID=123&SiteID2=DcrbEYAgDATAXqjggrk8bIZBiE049q77vRwcMp4m7Wxd2NXby0howlZmbENldEfq0lnTYdd9cROUfzGOXYtSQppDaDD7AA&__tc=1365575050.18  (flashplayer_v.60690356a.exe)

26 / 68    (Adware)
http://cp.tuguu.com/pasarela/affp/.../ClickID=ZZf1759753Za1521691Zg171Zw1Zm494Zc1856000410,1856000410Zs135Zi0ZZ&PubID=2&__tc=1365453485.22  (flashplayer_v.64500676c.exe)

16 / 68    (Adware)
http://cp.tuguu.com/pasarela/affp/.../SiteID=123&SiteID2=BcGBEcAgCASwXZiAV8DaZbxH7BK97t5krLFegdzS4GEq30Iz84zAJNyQp_l1tLqyz8OntNwYXsmauhnP7tpssKwAJOMH&__tc=1368278977.86  (flashplayer_v.125293573c.exe)

1 / 68      (Adware)
http://cp.tuguu.com/pasarela/affp/.../ClickID=ZZf1756009Za1515945Zg172Zw28Zm21Zc1856000315,1856000315Zs106Zi1ZZ&PubID=2&__tc=1366324964.59  (flashplayer_v.74916051c.exe)

23 / 68    (Adware)
http://cp.tuguu.com/pasarela/affp/.../ClickID=ZZf1756009Za1515945Zg172Zw28Zm21Zc1856000315,1856000315Zs106Zi1ZZ&PubID=2&__tc=1366945875.06  (flashplayer_v.85831173c.exe)

17 / 68    (Adware)
http://cp.tuguu.com/pasarela/affp/.../ClickID=ZZf1792901Za1553700Zg49Zw28Zm11Zc1856000451,1856000451Zs130Zi0ZZ&PubID=2&__tc=1367846517.06  (flashplayer_v.108613444b.exe)

1 / 68      (Adware)
http://cp.tuguu.com/pasarela/affp/.../ClickID=11793792141367388503&PubID=113240&__tc=1367388504.8  (flashplayer_v.101267282a.exe)

17 / 68    (Adware)
http://cp.tuguu.com/pasarela/affp/.../ClickID=11793792141367989514&PubID=113240&__tc=1367989515.12  (flashplayer_v.117255359c.exe)

22 / 68    (Adware)
http://cp.tuguu.com/pasarela/affp/.../ClickID=u5ead1ce550b0db6942df277427&PubID=58618&__tc=1366117623.78  (flashplayer_v.66182779c.exe)

1 / 68      (Adware)
http://cp.tuguu.com/pasarela/affp/.../ClickID=ud5f5d856519bcf554fbb2a6073&PubID=50011&__tc=1369165862.992  (flashplayer_v.149422845c.exe)

26 / 68    (Adware)
http://cp.tuguu.com/pasarela/affp/.../ClickID=nym1CKvC292GsezWWRACGN7tnsrvzvaDXSILNzQuNzguODMuNzkoAQ..&PubID=134533&__tc=1366941798.36  (flashplayer_v.89521861b.exe)

1 / 68      (Adware)
http://cp.tuguu.com/pasarela/affp/.../pixelid=CiRjZmQ3NTBiYi0yMWNlLTQ2YTMtYWI3ZC1jNWViODNkMTM3NmIiCDEwMjI0NjM0Kgc3ODczMDQxMggxMDgxMjIyMDoIYWRzdHJhY3RCBzUzMTEwMDJKBzY0MDQwMzFSAlVTWgJTQ2IHNzk0MDAwNWoGQ2hyb21lkAEBmAEBqAEAsgEgZGZjNThmZmRkYjAzMTFlMWI2YzU3MTcyOWZlMGQ2ZWLCAQttcDN1aW5nLm5ldMgBBdABBd0BAAAAAOUBDj3OP-0BAAAAAPABAfgBAYICCWMxMDgxMjIyMIgCAJACAJgCAKACAKoCAA==&__tc=1365787545.79  (flashplayer_v.66209666c.exe)

17 / 68    (Adware)
http://cp.tuguu.com/pasarela/affp/.../ClickID=ZZf1759757Za1521710Zg41Zw1Zm1Zc1856000419,1856000419Zs135Zi0ZZ&PubID=2&__tc=1367747904.83  (flashplayer_v.108613444b.exe)

16 / 68    (Adware)
http://cp.tuguu.com/pasarela/affp/.../ClickID=yw2bCh.OQQD2Xj4BAAAAAAL5TgAAAAAAAAAsAAAAAAAAAAYAAgABCD7VTgAAAAAAALNlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABByBcAAAAAAAIBAgAAgD8AOs5jvD4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=&PubID=177933771&__tc=1368960258.75  (flashplayer_v.139386914c.exe)

 
Latest 30 of 416 download URLs

URL:
http://cp.tuguu.com/

Web server:
Apache

123mplayer.com

adcdls.com

famdls.com

filesonar.com

freemplayer.com

freiesoft.com

friafiler.com

friprogramvare.com

mpalyerfreeware.com

mplayerdownloader.com

newplayerupdate.com

nicdls.com

pitisoft.com

softdls.com

softgratuit.com

softlate.com

softwaredls.com

yourmplayer.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.