zm.shzgjx88.com

wen ben zhou

Domain Information

The domain zm.shzgjx88.com, registered to wen ben zhou, was first registered in May 2014 through GODADDY.COM, LLC. It has been observed hosting and distributing adware and other potentially unwanted software. Its servers are located in Chengdu, Sichuan, China, in address space allocated by the Asia Pacific Network Information Centre (APNIC).
Registrar:
GODADDY.COM, LLC

Server location:
Sichuan, China (CN)

Create date:
Saturday, May 24, 2014

Expires date:
Sunday, May 24, 2015

Updated date:
Saturday, May 24, 2014

ASN:
AS4134 CHINANET-BACKBONE No.31,Jin-rong Street,CN

Root domain:

Google Safe Browsing:
malware

Scanner detections (100% detected):

Scan engine             Details                                                                                Detections
avast!                  Win32:Malware-gen                                                                      100.00%
Baidu Antivirus         PUA.Win32.RSoftware, Adware.Win32.ZnPlayer                                             100.00%
AVG                     Generic                                                                                100.00%
Reason Heuristics       PUP.TanQilin.Q, PUP.TanQilin.?, PUP.TanQilin.K                                         100.00%
McAfee                  Artemis!F61359C37A0A, Artemis!C1D9B04E1216, Artemis!60FD5B5DC54D                      75.00%
Dr.Web                  Trojan.Pup.12, Program.Coolpopup.1                                                     75.00%
G Data                  Win32.Trojan.Agent.03WMRM, Win32.Trojan.Agent.FTEWL9, Win32.Trojan.Agent.1KLA9V        75.00%
ESET NOD32              Win32/RSoftware (variant)                                                              75.00%
Sophos                  Generic PUA IL, Generic PUA GK                                                         50.00%
Zillya! Antivirus       Trojan.Black.Win32.17965                                                               50.00%
Trend Micro House Call  Suspicious_GEN.F47V0812                                                                25.00%
VIPRE Antivirus         Trojan.Win32.Generic                                                                   25.00%
Fortinet FortiGate      Riskware/RSoftware                                                                     25.00%
K7 AntiVirus            Trojan                                                                                 25.00%
Malwarebytes            PUP.Optional.RSoftware                                                                 25.00%

The domain zm.shzgjx88.com has been seen to resolve to the following IP address.

September 7, 2014

File downloads found at URLs served by zm.shzgjx88.com.


URL:
http://zm.shzgjx88.com/

Web server:
nginx/1.0.15