www1.mediaplayernew.com

Whois Privacy Protection Service, Inc.  (Proxy Registrant)

Domain Information

The domain www1.mediaplayernew.com is registered by proxy through NAME.COM, INC. and was originally registered in November of 2012. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Kirkland, Washington within the United States which resides on the eNom, Incorporated network.
Remove Malware from www1.mediaplayernew.com - Powered by Reason Core Security
Registrar:
NAME.COM, INC.

Server location:
Washington, United States (US)

Create date:
Friday, November 16, 2012

Expires date:
Wednesday, November 16, 2016

Updated date:
Friday, March 13, 2015

ASN:
AS21740 ENOMAS1 - eNom, Incorporated,US

Root domain:

Google Safe Browsing:
malware

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.DigitalPluginSL.G, PUP.Installer.Softpulse, PUP.Tuguu.TuguuSL.Bundler (M), PUP.Softpulse.Sambamedia.Bundler (M)
100.00%

Sophos
SoftPulse, PUA 'SoftPulse' (of type Adware), DomainIQ pay-per install
75.00%

Antiy Labs AVL
Trojan/Win32.TSGeneric, Trojan[:HEUR]/Win32.AGeneric, GrayWare[AdWare:not-a-virus]/MSIL.DomaIQ
75.00%

herdProtect (fuzzy)
a variant of 301a0f2b51f984cc5d115bc02d4a97c0c21d1d18, a variant of 4b91759fd0eafed67cfc0449f7b57bb9965f122e
50.00%

ESET NOD32
Win32/SoftPulse.B potentially unwanted application, Win32/SoftPulse.E potentially unwanted application
50.00%

G Data
Win32.Application.SoftPulse, Gen:Variant.Application.Bundler.DomaIQ.15
50.00%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h, Downloader.Agent
50.00%

AVG
Generic
50.00%

Dr.Web
Adware.Downware.5055, Trojan.DownLoader11.4884
50.00%

VIPRE Antivirus
Threat.4783262, DomaIQ
50.00%

K7 AntiVirus
Unwanted-Program
50.00%

Kaspersky
HEUR:Trojan.Win32.Generic, not-a-virus:AdWare.Win32.Lollipop
50.00%

Avira AntiVirus
Adware/Softpulse.BYX, APPL/DomaIQ.Gen
50.00%

Panda Antivirus
Trj/Genetic.gen, Suspicious file
50.00%

Comodo Security
Application.Win32.Softpulse.A
25.00%

The domain www1.mediaplayernew.com has been seen to resolve to the following 5 IP addresses.

rc2.sjl01.dmtracker.com
August 11, 2015

ec2-54-186-187-58.us-west-2.compute.amazonaws.com
February 7, 2015

ec2-54-213-71-128.us-west-2.compute.amazonaws.com
February 7, 2015

ec2-54-201-153-98.us-west-2.compute.amazonaws.com
June 5, 2014

ec2-54-201-220-135.us-west-2.compute.amazonaws.com
June 5, 2014

File downloads found at URLs served by www1.mediaplayernew.com.

1 / 68      (Adware)
http://www1.mediaplayernew.com/.../Player.exe  (cb90b348adb8ae7ff0d340e53b42c672)

13 / 68    (Adware)
http://www1.mediaplayernew.com/.../Player.exe  (c357c66389ae102e061a854bb7d155cb)

33 / 68    (Adware)
http://www1.mediaplayernew.com/.../Setup.exe  (547ff967d761fd37c63e02473ae47486)

9 / 68      (Adware)
http://www1.mediaplayernew.com/.../Player.exe  (b2a67d2ef8643d5475372d4398d4e62e)

The following 3 files have been seen to comunicate with www1.mediaplayernew.com in live environments.

URL:
http://www1.mediaplayernew.com/

Google Analytics:
UA-2249740

Title:
“Mediaplayernew.com”

Description:
“Find Cash Advance, Debt Consolidation and more at Mediaplayernew.com. Get the best of Insurance or Free Credit Report, browse our section on Cell Phones or learn about Life Insurance. Mediaplayernew.com is the site for Cash Advance.”

Web server:
Microsoft-IIS/8.5 (ASP.NET) (Version: 4.0.30319)

Facebook:
Likes:  1
Shares:  2

Statistics are for the previous month.

30 of 298 related domains

Remove Malware from www1.mediaplayernew.com - Powered by Reason Core Security