ttb.dllultimatesoft.com

GoNameSales.com

Domain Information

The domain ttb.dllultimatesoft.com, registered by GoNameSales.com, was initially registered in March of 2015 through SOLUCIONES CORPORATIVAS IP,SLU. This domain has been known to host and distribute adware as well as other potentially unwanted software. Its servers are located in Portland, Oregon, in the United States, on the Amazon.com, Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform in the US West (Oregon) region datacenter.
Remove Malware from ttb.dllultimatesoft.com - Powered by Reason Core Security
Registrar: GONAME-TN.COM, INC.

Server location: Oregon, United States (US)

Create date: Thursday, March 05, 2015

Expires date: Saturday, March 05, 2016

Updated date: Tuesday, October 13, 2015

ASN: AS16509 AMAZON-02 - Amazon.com, Inc.,US

Scanner detections:
Detections (100% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.Installer.PaymentsInteractiveSL.F, PUP.Installer.OUTBROWSE.K, PUP.Installer.DigitalPluginSl.F, PUP.Installer.TUGUUSL.K, PUP.Installer.TuguuSL.K, PUP.Tuguu.TuguuIsrael.Bundler (M) | 90.91% |
| AVG | Adware DomaIQ.CW, Generic, Adware Skodna.Bundle_r.Y | 81.82% |
| Malwarebytes | PUP.Optional.DomaIQ, PUP.Optional.OutBrowse, PUP.Optional.Domalq, PUP.Optional.BundleInstaller.A | 81.82% |
| VIPRE Antivirus | DomaIQ, Threat.4150696, Threat.4784459, Threat.4783262 | 81.82% |
| Dr.Web | Adware.Downware.3587, Adware.Downware.2081, Trojan.DownLoader11.29457, Trojan.DownLoader9.21779, Trojan.DownLoader11.4884 | 81.82% |
| Avira AntiVirus | APPL/DomaIQ.Gen, APPL/Downloader.Gen, APPL/Downloader.Gen8 | 81.82% |
| G Data | Gen:Variant.Application.Bundler.DomaIQ, MemScan:Application.Bundler.Outbrowse, Win32.Application.Outbrowse, Gen:Variant.Application.Strictor.62662 | 81.82% |
| MicroWorld eScan | Gen:Variant.Application.Bundler.DomaIQ.7, MemScan:Application.Bundler.Outbrowse.E, Gen:Variant.Application.Strictor.62662 | 72.73% |
| McAfee | PUP-FJV!B7C73AFE167C, Adware-OutBrowse, SoftPulse, PUP-FJP!07139B3E6500, CryptDomaIQ, PUP-FJP!592AF1822EE8 | 72.73% |
| K7 AntiVirus | Unwanted-Program | 72.73% |
| K7 Gateway Antivirus | Unwanted-Program, Trojan | 72.73% |
| Kaspersky | not-a-virus:AdWare.Win32.Lollipop, not-a-virus:AdWare.Win32.OutBrowse, not-a-virus:AdWare.Win32.Agent, not-a-virus:AdWare.MSIL.DomaIQ | 72.73% |
| Bitdefender | Gen:Variant.Application.Bundler.DomaIQ.7, MemScan:Application.Bundler.Outbrowse.E, Gen:Variant.Application.Strictor.62662 | 72.73% |
| Lavasoft Ad-Aware | Gen:Variant.Kazy.380151, MemScan:Application.Bundler.Outbrowse.E, Gen:Variant.Application.Strictor.62662, Gen:Variant.Strictor.55983 | 72.73% |
| F-Secure | Gen:Variant.Application.Bundler, MemScan:Application.Bundler.Outbrowse, Gen:Variant.Application.Strictor, Gen:Variant.Strictor.55983 | 72.73% |

The domain ttb.dllultimatesoft.com has been observed resolving to the following 3 IP addresses.

December 1, 2015

ec2-54-201-201-245.us-west-2.compute.amazonaws.com
September 3, 2014

ec2-50-112-177-75.us-west-2.compute.amazonaws.com
May 31, 2014

File downloads found at URLs served by ttb.dllultimatesoft.com.

URL: http://ttb.dllultimatesoft.com/

Title: “dllultimatesoft.com”

Network: Amazon Web Services (AWS), running an EC2 instance

Web server: Apache
