ttb.mediaplayertotal.com

China Capital Investment Limited

Domain Information

The domain ttb.mediaplayertotal.com registered by China Capital Investment Limited was initially registered in December of 2015 through SOLUCIONES CORPORATIVAS IP,SLU. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Portland, Oregon within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform from the US West (Oregon) region datacenter.
Remove Malware from ttb.mediaplayertotal.com - Powered by Reason Core Security
Registrar:
INTERWEB ADVERTISING D.B.A. PROFILE BUILDER

Server location:
Oregon, United States (US)

Create date:
Tuesday, December 08, 2015

Expires date:
Thursday, December 08, 2016

Updated date:
Tuesday, December 08, 2015

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.tuguusl.M, PUP.Installer.TuguuSL.F, Threat.Tuguu.Bundler, PUP.Tuguu.TuguuSL.Bundler (M)
100.00%

Dr.Web
Adware.Downware.1823
25.00%

McAfee
Adware-DomaIQ
25.00%

avast!
Win32:DomaIQ-CM [PUP]
25.00%

VIPRE Antivirus
Threat.4150696
25.00%

Emsisoft Anti-Malware
Application.Bundler.DomaIQ
25.00%

ESET NOD32
Win32/DomaIQ.AS potentially unwanted application
25.00%

F-Secure
Adware:W32/DomaIQ
25.00%

Lavasoft Ad-Aware
Application.Bundler.DomaIQ.C
25.00%

AVG
Adware Skodna.Generic_r
25.00%

Kaspersky
not-a-virus:AdWare.Win32.Lollipop
25.00%

Norman
Application.Bundler.DomaIQ.C
25.00%

Bkav FE
W32.HfsAdware
25.00%

MicroWorld eScan
Application.Bundler.DomaIQ.C
25.00%

nProtect
Trojan-Clicker/W32.Agent.471600.C
25.00%

The domain ttb.mediaplayertotal.com has been seen to resolve to the following 4 IP addresses.

50-56-218-189.static.cloud-ips.com
February 13, 2016

ec2-54-149-159-30.us-west-2.compute.amazonaws.com
May 5, 2015

ec2-52-10-156-255.us-west-2.compute.amazonaws.com
May 5, 2015

ec2-54-218-45-67.us-west-2.compute.amazonaws.com
January 6, 2014

File downloads found at URLs served by ttb.mediaplayertotal.com.

The following 57 files have been seen to comunicate with ttb.mediaplayertotal.com in live environments.

 
Latest 20 of 57 files

URL:
http://ttb.mediaplayertotal.com/

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
nginx/1.8.0

Remove Malware from ttb.mediaplayertotal.com - Powered by Reason Core Security