ttb.lpdownclsva001.com

Only contact by email, all postal mail will be rejected  (Proxy Registrant)

Domain Information

The domain ttb.lpdownclsva001.com is registered by proxy through SOLUCIONES CORPORATIVAS IP,SLU and was originally registered in January of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Portland, Oregon, in the United States, on the Amazon Technologies Inc. network. The domain is hosted on the Amazon Web Services (AWS) cloud computing platform in the US West (Oregon) region datacenter.
Remove Malware from ttb.lpdownclsva001.com - Powered by Reason Core Security
Registrar:
SOLUCIONES CORPORATIVAS IP,SLU

Server location:
Oregon, United States (US)

Create date:
Wednesday, January 01, 2014

Expires date:
Thursday, January 01, 2015

Updated date:
Wednesday, January 01, 2014

Root domain:

Scanner detections:
Detections  (86% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.tuguusl.N, PUP.Installer.Tuguu, PUP.Tuguu.tuguusl.Bundler (M), PUP.Outbrowse.Bundler (M)
100.00%

McAfee
RDN/Generic.bfr!fq, Program.Adware-DomaIQ, CryptDomaIQ
50.00%

Malwarebytes
PUP.Optional.BundleInstaller.A
50.00%

NANO AntiVirus
Riskware.Win32.DomaIQ.csmcgi, Trojan.Win32.PayInt.csffwn
50.00%

F-Prot
W32/Backdoor2.HTIW, W32/DomaIQ.B.gen
50.00%

avast!
Win32:PUP-gen [PUP], Win32:DomaIQ-CM [PUP]
50.00%

Dr.Web
Trojan.PayInt.27, Trojan.PayInt.14
50.00%

VIPRE Antivirus
Win32.Malware!Drop, Threat.4783262, Threat.4783235
50.00%

herdProtect (fuzzy)
a variant of fba758ef9c5e0c84bd18467d31537bc9fe32b7bf, a variant of 8ac8755db1b66aa96eecf4b7974c2e306fb93f1b
33.33%

Kaspersky
not-a-virus:AdWare.Win32.DomaIQ
33.33%

Comodo Security
Application.Win32.DomaIQ.D, Application.Win32.DomaIQ.STX
33.33%

Avira AntiVirus
APPL/DomaIQ.AV, PUA/DomaIQ.Gen
33.33%

McAfee Web Gateway
RDN/Generic.bfr!fq, BehavesLike.Win32.CryptDoma.gc
33.33%

Sophos
DomainIQ pay-per install, PUA 'DomainIQ pay-per install'
33.33%

Antiy Labs AVL
AdWare/MSIL.DomaIQ, GrayWare[AdWare:not-a-virus]/MSIL.DomaIQ
33.33%

The domain ttb.lpdownclsva001.com has been seen to resolve to the following 2 IP addresses.

ec2-54-213-33-153.us-west-2.compute.amazonaws.com
May 1, 2014

ec2-54-218-45-67.us-west-2.compute.amazonaws.com
January 12, 2014

File downloads found at URLs served by ttb.lpdownclsva001.com.
