www.dllsoftultimate.com

United Privacy Corp

Domain Information

The domain www.dllsoftultimate.com registered by United Privacy Corp was initially registered in June of 2015 through SOLUCIONES CORPORATIVAS IP,SLU. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Portland, Oregon within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform from the US West (Oregon) region datacenter.
Remove Malware from www.dllsoftultimate.com - Powered by Reason Core Security
Registrar:
NAMEPAL.COM #8002

Server location:
Oregon, United States (US)

Create date:
Monday, June 22, 2015

Expires date:
Wednesday, June 22, 2016

Updated date:
Tuesday, June 23, 2015

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc.,US

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.PaymentsInteractiveSL.F, PUP.Installer.ClovermediaSL.F, PUP.Adknowledge.Fileangels.Bundler (M), PUP.Tuguu.Clovermedia.Bundler (M)
100.00%

avast!
DomaIQ-CC [PUP], DomaIQ-CO [PUP], Win32:Adware-gen [Adw]
83.33%

VIPRE Antivirus
Threat.4783235, Threat.4783262, Threat.4778314
83.33%

MicroWorld eScan
Gen:Variant.Adware.Strictor.57415, Gen:Variant.Adware.Kazy.374465, Application.Bundler.DomaIQ.Q, Gen:Variant.Application.Graftor.152464
83.33%

McAfee
PUP-FAO!ACB5E3C90ADC, PUP-FKG!2B2AA6931C37, CryptDomaIQ, IBryte-FRT
83.33%

Malwarebytes
PUP.Optional.DomalQ, PUP.Optional.DomaIQ, PUP.Optional.OptimunInstaller
83.33%

K7 Gateway Antivirus
Unwanted-Program
83.33%

K7 AntiVirus
Unwanted-Program
83.33%

Agnitum Outpost
PUA.Lollipop, PUA.DomaIQ, PUA.Agent
83.33%

Kaspersky
not-a-virus:HEUR:AdWare.MSIL.DomaIQ, Trojan.Win32.Badur
83.33%

Bitdefender
Gen:Variant.Adware.Strictor.57415, Gen:Variant.Adware.Kazy.374465, Application.Bundler.DomaIQ.Q, Gen:Variant.Application.Graftor.152464
83.33%

Lavasoft Ad-Aware
Gen:Variant.Adware.Strictor.57415, Gen:Variant.Adware.Kazy.374465, Application.Bundler.DomaIQ.Q, Gen:Variant.Application.Graftor.152464
83.33%

Sophos
Generic PUA PF, Generic PUA AP, Generic PUA JG, iBryte Premium Installer
83.33%

F-Secure
Gen:Variant.Adware.Graftor.143716, Gen:Variant.Adware.Kazy.374465, Gen:Variant.Adware.Strictor.57415, Application.Bundler.DomaIQ
83.33%

Avira AntiVirus
APPL/DomaIQ.Gen, Adware/Kazy.374465.2, ADWARE/iBryte.Gen4
83.33%

The domain www.dllsoftultimate.com has been seen to resolve to the following 5 IP addresses.

December 4, 2015

ec2-54-186-83-158.us-west-2.compute.amazonaws.com
August 22, 2014

ec2-54-244-30-115.us-west-2.compute.amazonaws.com
August 22, 2014

ec2-54-201-220-135.us-west-2.compute.amazonaws.com
June 9, 2014

ec2-54-201-153-98.us-west-2.compute.amazonaws.com
June 9, 2014

File downloads found at URLs served by www.dllsoftultimate.com.

1 / 68      (Adware)
http://www.dllsoftultimate.com/.../Setup.exe  (cd7d00035e547dba365e635de99baf10)

33 / 68    (Adware)
http://www.dllsoftultimate.com/.../Setup.exe  (786da5e5ac004c8769d05cf20e964e8d)

34 / 68    (Adware)
http://www.dllsoftultimate.com/.../Setup.exe  (6ddb8459b3288acc6eafb491915d74e1)

29 / 68    (Adware)
http://www.dllsoftultimate.com/.../Setup.exe  (8213b9ab82cd48ac8da086b4d242b229)

27 / 68    (Adware)
http://www.dllsoftultimate.com/.../Setup.exe  (de99d70b2cc6e5eadbf98940b84213ea)

27 / 68    (Adware)
http://www.dllsoftultimate.com/.../Setup.exe  (acb5e3c90adc7a11e8ee1c5742e9e02c)

The following 2 files have been seen to comunicate with www.dllsoftultimate.com in live environments.

URL:
http://www.dllsoftultimate.com/

Title:
“dllsoftultimate.com”

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
nginx

Remove Malware from www.dllsoftultimate.com - Powered by Reason Core Security