i.vertitechnologygroup.com

PERFECT PRIVACY, LLC  (Proxy Registrant)

Domain Information

The domain i.vertitechnologygroup.com is registered by proxy through Network Solutions, LLC and was originally registered in October 2011. It has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Seattle, Washington, in the United States, on the Amazon Technologies Inc. network. The domain uses the Amazon CloudFront CDN service, which uses a number of proxy IP addresses (see below).
Remove Malware from i.vertitechnologygroup.com - Powered by Reason Core Security
Registrar: Network Solutions, LLC
Server location: Washington, United States (US)
Create date: Tuesday, October 11, 2011
Expires date: Wednesday, October 11, 2017
Updated date: Tuesday, January 07, 2014
ASN: AS16509 AMAZON-02 - Amazon.com, Inc.,US

Scanner detections: (98% detected)

Scan engine | Details | Detections
Reason Heuristics | PUP.WeatherNotifications.H, PUP.Installer.KEYDOWNLOAD.R, PUP.Amonetizeltd.G, PUP.InstallX.U, PUP.Optional.SafeDownloadLimited.J, PUP.VertiTechnologyGroup.AA, PUP.ValcanLabs.Optional.Installer.Meta (L), PUP.DesktopDock.L, PUP.Installer.DesktopDock.Q, PUP.Installer.Weather, PUP.Bundler.Verti, Threat.Verti.Bundler, PUP.Verti.Bundler, PUP.Verti.VertiTechnologyGroup.Bundler (M) | 89.80%
Malwarebytes | PUP.Optional.SevereWeatherAlerts, PUP.Optional.Amonetize.A, PUP.Optional.InstallIQ, PUP.Optional.Linkular.A, PUP.Optional.StormWatch.A, PUP.Optional.Boost.A | 44.90%
VIPRE Antivirus | SevereWeatherAlerts, Adware.KeyDownload, Amonetize, InstallIQ Installer, Adware.Bsafeg, Linkular, Trojan-Downloader.NSIS.Agent.nod, Blinkx/Applon, Rocketfuel Installer | 40.82%
ESET NOD32 | MSIL/Adware.StrongVault (variant), Win32/InstallIQ, Win32/Speedchecker (variant), Win32/AdWare.Linkular.AH, NSIS/TrojanDownloader.Agent.NOD, Win32/Verti.O potentially unwanted | 34.69%
Trend Micro House Call | TROJ_GEN.F47V0917, TROJ_GEN.F47V0809, TROJ_GEN.F47V1203, TROJ_GEN.R0CCH06K713, TROJ_GEN.F47V1226, Suspicious_GEN.F47V0904, TROJ_GEN.F47V1204 | 32.65%
Dr.Web | Adware.Downware.1659, Adware.W3i.39, Adware.Downware.1308, Adware.Downware.1717, Adware.Plugin.101, Threat.Undefined, Adware.Plugin.962, Adware.Shopper.865 | 30.61%
McAfee | Artemis!8E006AD14C31, Adware-Bsafeg!B95253CB9218, Artemis!6A45C4DC435C, Artemis!32CB0224F766, Artemis!0903E1ED024C, Artemis!C329D661C8BE, Artemis!08D0945F2D9F, Artemis!A7FD2E0E469D, Artemis!5A9D867C2C55, Trojan.Artemis!853C452D51A9 | 24.49%
K7 Gateway Antivirus | Unwanted-Program, Adware | 22.45%
K7 AntiVirus | Unwanted-Program, Adware | 22.45%
McAfee Web Gateway | Artemis!8E006AD14C31, Adware-Bsafeg!B95253CB9218, Artemis!6A45C4DC435C, Heuristic.BehavesLike.Win32.Suspicious-PKR.S, BehavesLike.Win32.Backdoor.gc | 22.45%
Avira AntiVirus | TR/Trash.Gen, TR/Symmi.11854.1, ADWARE/Adware.Gen7 | 16.33%
Bkav FE | W32.Clodbc4.Trojan, W32.Clod8a1.Trojan, W32.Clod932.Trojan, W32.Clode70.Trojan, W32.Clodce1.Trojan, W32.HfsAdware | 14.29%
Sophos | DomainIQ pay-per install, Generic PUA DH, Generic PUA IJ, Generic PUA KI, Generic PUA EB, Generic PUA DD, PUA 'Alerts SafeGuard' | 14.29%
AVG | Generic5, MalSign.Skodna.Linkular, Boosts | 14.29%
Qihoo 360 Security | HEUR/QVM42.0.Malware.Gen, HEUR/QVM10.1.Malware.Gen, HEUR/QVM42.1.Malware.Gen | 12.24%

The domain i.vertitechnologygroup.com has been seen to resolve to the following 404 IP addresses.


File downloads found at URLs served by i.vertitechnologygroup.com.

5 / 68      (PUP)

1 / 68      (PUP)

2 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (PUP)

1 / 68      (PUP)

2 / 68      (Adware)

3 / 68      (Adware)

4 / 68      (Adware)

0 / 68

3 / 68      (Adware)
http://i.vertitechnologygroup.com/osm/Boost/.../Setup.exe  (7f06b34b256c5365d90ea103cc7179dc)

 
Latest 30 of 216 download URLs

The following 425 files have been seen to communicate with i.vertitechnologygroup.com in live environments.

 
Latest 20 of 458 files

URL: http://i.vertitechnologygroup.com/
Network: Amazon Cloudfront
Web server: AmazonS3
