home

dlp.proplayersetup.com

chen wenjie

Domain Information

The domain dlp.proplayersetup.com registered by chen wenjie was initially registered in October of 2014 through SOLUCIONES CORPORATIVAS IP,SLU. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Beaumaris, Victoria within Australia which resides on the Asia Pacific Network Information Centre network.
Registrar:
GODADDY.COM, LLC

Server location:
Victoria, Australia (AU)

Create date:
Saturday, October 4, 2014

Expires date:
Tuesday, October 4, 2016

Updated date:
Monday, September 14, 2015

ASN:
AS133618 TRELLIAN-AS-AP Trellian Pty. Limited,AU

Root domain:
proplayersetup.com

Whois:
3 proplayersetup.com records

Google Safe Browsing:
malware

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.tuguusl.M, PUP.Installer.TuguuSL.M, PUP.Tuguu.LunacomInteractive.Bundler (M)
100.00%

avast!
Win32:Installer-U [PUP], Installer-AE [PUP]
75.00%

Dr.Web
Adware.Downware.2630, Trojan.DownLoader10.474, Trojan.Packed.24553
75.00%

VIPRE Antivirus
DomaIQ, Threat.4783262, Threat.4783235
75.00%

Emsisoft Anti-Malware
Gen:Variant.Adware.Graftor.139070, Application.Bundler.DomaIQ.Q
75.00%

Malwarebytes
PUP.Optional.DomaIQ, PUP.Optional.MSILLauncher, PUP.Optional.BundleInstaller.A
62.50%

K7 AntiVirus
Unwanted-Program
62.50%

Comodo Security
Application.Win32.DomaIQ.PUP, UnclassifiedMalware
62.50%

Avira AntiVirus
APPL/DomaIQ.Gen, APPL/DomaIQ.Gen7
62.50%

Sophos
DomainIQ pay-per install, Generic PUA JA, Generic PUA CI
62.50%

AVG
DomaIQ, Adware DomaIQ.BN
62.50%

Panda Antivirus
PUP/MultiToolbar.A
62.50%

MicroWorld eScan
Gen:Variant.Adware.Graftor.139070, Application.Bundler.DomaIQ.Q
62.50%

Agnitum Outpost
PUA.DomaIQ
62.50%

Bitdefender
Gen:Variant.Adware.Graftor.139070, Application.Bundler.DomaIQ.Q
62.50%

The domain dlp.proplayersetup.com has been seen to resolve to the following 3 IP addresses.

103.224.182.243
lb-182-243.above.com
May 3, 2015

69.43.161.159
October 9, 2014

54.187.38.138
ec2-54-187-38-138.us-west-2.compute.amazonaws.com
April 16, 2014

File downloads found at URLs served by dlp.proplayersetup.com.

1 / 68      (Adware)
http://dlp.proplayersetup.com/d/151/Player_Setup/543/.../dsmgJ35b  (player_setup.exe)

1 / 68      (Adware)
http://dlp.proplayersetup.com/d/151/Player_Setup/543/.../A3IWQ9y6  (player_setup.exe)

28 / 68    (Adware)
http://dlp.proplayersetup.com/d/151/Player_Setup/543/.../Y56SoQB7  (player_setup.exe)

9 / 68      (Adware)
http://dlp.proplayersetup.com/d/151/Player_Setup/543/.../biAxIJWk  (player_setup.exe)

28 / 68    (Adware)
http://dlp.proplayersetup.com/d/151/Player_Setup/543/.../17hv5pmr  (player_setup.exe)

20 / 68    (Adware)
http://dlp.proplayersetup.com/d/151/Player_Setup/543/.../WbTVmADj  (Player_Setup.exe)

20 / 68    (Adware)
http://dlp.proplayersetup.com/d/151/Player_Setup/543/.../EAqB1ABh  (Player_Setup.exe)

20 / 68    (Adware)
http://dlp.proplayersetup.com/d/151/Player_Setup/543/.../dv5VVdP8  (Player_Setup.exe)

The following 8 files have been seen to comunicate with dlp.proplayersetup.com in live environments.

TCP » 103.224.182.243:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 103.224.182.243:587
www.exe

TCP » 103.224.182.243:80
download.exe (Gerenciador de Download by ASSISTENTE DE DOWNLOAD)

TCP » 103.224.182.243:80
online-guardian-v2.0.9.exe

TCP » 103.224.182.243:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 103.224.182.243:80
bi.exe (UpgradeService141217)

TCP » 103.224.182.243:80
main.exe

TCP » 103.224.182.243:80
flamengo x vasco ao vivo.exe

URL:
http://dlp.proplayersetup.com/

Title:
“proplayersetup.com”

Web server:
Apache

1-vinstaller.com

123mplayer.com

allsharez.com

audienciadatvmix.com

chachagong7.com

clubnara.com

domainforfastfiles.com

downloadcobra.com

editorialconsultora.com

flashupdatenow.com

freemp3go.com

intellidownload.com

mi-fashion.com

publicidade.me

raddownload.com

uniust.info

allfiles109.com

allfiles129.com

cloudsvr328.com

downloadyourplayer.com

latestplayerplugin.com

videoplayernow.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.