home

dlp.gufile.com

Only contact by email, all postal mail will be rejected  (Proxy Registrant)

Domain Information

The domain dlp.gufile.com is registered by proxy through SOLUCIONES CORPORATIVAS IP, SL and was originally registered in November of 2012. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Roubaix, Nord-Pas-De-Calais within France which resides on the RIPE Network Coordination Centre network.
Registrar:
SOLUCIONES CORPORATIVAS IP, SL

Server location:
Nord-Pas-De-Calais, France (FR)

Create date:
Monday, November 12, 2012

Expires date:
Saturday, November 12, 2016

Updated date:
Thursday, December 31, 2015

ASN:
AS16276 OVH OVH SAS

Root domain:
gufile.com

Whois:
2 gufile.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.TuguuSL.CC, PUP.TuguuSL.P, PUP.Installer.LunacomInteractive.G, PUP.Installer.LunacomInteractive.N, PUP.Tuguu.LunacomInteractive.Bundler (M), PUP.Tuguu.TuguuU.Bundler (M), PUP.Tuguu.Bundler (M), PUP.Tuguu (M)
100.00%

avast!
DomaIQ-AP [PUP], PUP-gen [PUP], Win32:DomaIQ-AF [PUP]
37.50%

Dr.Web
Trojan.Packed.24553
37.50%

VIPRE Antivirus
Threat.4783262, Threat.4150696, DomaIQ
37.50%

MicroWorld eScan
Adware.Generic.668036, Application.Bundler.DomaIQ.Q
37.50%

McAfee
Adware-DomaIQ, Artemis!8B91908378B9, Trojan.Artemis!8B91908378B9, Artemis!A8D4ABDC4561
37.50%

Malwarebytes
PUP.Optional.BundleInstaller.A, PUP.OptionalBundleInstaller.A
37.50%

K7 AntiVirus
Trojan , Unwanted-Program
37.50%

AVG
Adware DomaIQ.BM, Generic
31.25%

ESET NOD32
MSIL/DomaIQ.B potentially unwanted application, Win32/DomaIQ.AG potentially unwanted application
31.25%

nProtect
Trojan-Clicker/W32.DomaIQ.319384, Trojan-Clicker/W32.DomaIQ.851784, Trojan-Clicker/W32.DomaIQ.851816, Trojan-Clicker/W32.DomaIQ.851904
31.25%

Bitdefender
Adware.Generic.668036, Application.Bundler.DomaIQ.Q
31.25%

NANO AntiVirus
Trojan.Win32.Downloader.cninza, Trojan.Win32.Generic.csoopx
31.25%

Sophos
Generic PUA GI, Generic PUA AD, PUA 'DomainIQ pay-per install'
31.25%

Comodo Security
Application.Win32.DomaIQ.KR, Application.Win32.DomaIQ.H
31.25%

The domain dlp.gufile.com has been seen to resolve to the following 4 IP addresses.

178.32.161.86
December 6, 2014

37.59.93.37
October 20, 2014

178.32.158.133
August 7, 2014

5.135.66.80
December 26, 2013

File downloads found at URLs served by dlp.gufile.com.

1 / 68      (Adware)
http://dlp.gufile.com/c/81/atube-catcher/341/.../48xHvxvS?kw=CI738LrV0boCFcGd4AodS0UAxg  (atube-catcher.exe)

1 / 68      (Adware)
http://dlp.gufile.com/d/81/google-chrome/341/.../ly7G1D6r  (google-chrome.exe)

1 / 68      (Adware)
http://dlp.gufile.com/d/81/google-chrome/341/.../rR8hAuIx  (google-chrome.exe)

1 / 68      (Adware)
http://dlp.gufile.com/d/81/google-chrome/341/.../0VOHbIx7  (google-chrome.exe)

1 / 68      (Adware)
http://dlp.gufile.com/d/81/google-chrome/341/.../833htqdm  (google-chrome.exe)

1 / 68      (Adware)
http://dlp.gufile.com/d/81/itunes/.../484  (itunes.exe)

1 / 68      (Adware)
http://dlp.gufile.com/d/81/quicktime/341/.../T7W90imV  (installer.exe)

1 / 68      (Adware)
http://dlp.gufile.com/d/81/quicktime/341/.../BgqJu5PT  (quicktime.exe)

1 / 68      (Adware)
http://dlp.gufile.com/d/81/quicktime/341/.../XhTeqXEj  (quicktime.exe)

12 / 68    (Adware)
http://dlp.gufile.com/d/81/google-earth/341/.../hWzFBZSM  (google-earth.exe)

29 / 68    (Adware)
http://dlp.gufile.com/d/81/itunes/.../484  (itunes.exe)

24 / 68    (Adware)
http://dlp.gufile.com/d/81/google-chrome/341/.../oSDqPhne  (google-chrome.exe)

24 / 68    (Adware)
http://dlp.gufile.com/d/81/google-chrome/341/.../TKN7PF02  (google-chrome.exe)

23 / 68    (Adware)
http://dlp.gufile.com/d/81/itunes/.../484  (itunes.exe)

33 / 68    (Adware)
http://dlp.gufile.com/d/119/glary-utilities/24/.../mts4sn30  (glary-utilities.exe)

1 / 68      (Adware)
http://dlp.gufile.com/d/81/java-runtime-environment-jre/341/.../v5AskDvG  (java-runtime-environment-jre.exe)

123mediaplayer.com

123mplayer.com

domaiq.com

downloadyourplayer.com

famdls.com

filesbunker.com

mpalyerfreeware.com

mplayerdownloader.com

nicdls.com

playmediaplayer.com

videoplayerultimate.com

xvidupdate.com

download-21.com

filesonar.com

flashmplayer.com

freemplayer.com

gamerdls.com

kungfile.com

latestplayerplugin.com

mediaplayerinstaller.com

mplayerupdate.com

mstdls.com

ooopsvideo.com

softdls.com

softlate.com

yourmplayer.com

adcdls.com

downloadsetup.com

frisoftware.com

getvideoplayer.com

30 of 35 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.