home

www.tvvie.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain www.tvvie.com is registered by proxy through GODADDY.COM, LLC and was originally registered in February of 2011. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Scottsdale, Arizona within the United States which resides on the GoDaddy.com, LLC network.
Registrar:
GODADDY.COM, LLC

Server location:
Arizona, United States (US)

Create date:
Tuesday, February 1, 2011

Expires date:
Wednesday, February 1, 2017

Updated date:
Saturday, February 13, 2016

ASN:
AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC

Root domain:
tvvie.com

Whois:
2 tvvie.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.4506.Conduit.L, PUP.4218.Conduit.L, PUP.4323.Conduit.L, PUP.49019.Conduit.L, PUP.Conduit.I, PUP.43015.Conduit.L, PUP.Conduit.Bundler (M), PUP.Conduit (M)
100.00%

Dr.Web
Adware.Conduit.38, Adware.BGuard.15, Adware.Conduit.6, Adware.Downware.1168, Adware.Conduit.278
50.00%

Malwarebytes
PUP.Optional.Conduit.A, PUP.Optional.OpenCandy
35.71%

VIPRE Antivirus
Conduit
35.71%

Trend Micro House Call
TROJ_GEN.F47V0617, TROJ_GEN.F47V1109, TROJ_GEN.F47V0727
21.43%

NANO AntiVirus
Riskware.Win32.BGuard.csnycu, Riskware.Win32.Conduit.dvtopc
14.29%

ESET NOD32
Win32/Conduit.SearchProtect, Win32/Toolbar.Conduit.AJ potentially unwanted (variant)
14.29%

Panda Antivirus
PUP/Conduit.A
14.29%

herdProtect (fuzzy)
a variant of f213b0105f64b225fd43b4e80c25941f149bab92, a variant of ccfc87b725bd1deef846b2237607083238b3a094
14.29%

Quick Heal
PUA.Conduitltd.Gen
7.14%

McAfee
Artemis!E388644E99BD
7.14%

K7 AntiVirus
Unwanted-Program
7.14%

Agnitum Outpost
PUA.Toolbar.Agent
7.14%

avast!
Win32:SearchProtect-DG [Adw]
7.14%

Kaspersky
not-a-virus:WebToolbar.Win32.Agent
7.14%

The domain www.tvvie.com has been seen to resolve to the following 4 IP addresses.

192.230.92.93
192.230.92.93.ip.incapdns.net
August 14, 2016

50.63.202.40
ip-50-63-202-40.ip.secureserver.net
February 27, 2016

174.36.64.108
May 13, 2014

184.173.128.224
184.173.128.224-static.reverse.softlayer.com
December 13, 2013

File downloads found at URLs served by www.tvvie.com.

1 / 68      (PUP)
http://www.tvvie.com/.../download.php  (tv_bar_2.exe)

1 / 68      (PUP)
http://www.tvvie.com/.../download.php  (tv_bar_2_b2.exe)

18 / 68    (PUP)
http://www.tvvie.com/.../download.php  (tv_bar_2_b.exe)

5 / 68      (PUP)
http://www.tvvie.com/.../download.php  (tv_bar_2_b2.exe)

1 / 68      (PUP)
http://www.tvvie.com/.../download.php  (tv_bar_2_b2.exe)

1 / 68      (PUP)
http://www.tvvie.com/.../download.php  (tv_bar_2_b2.exe)

2 / 68      (PUP)
http://www.tvvie.com/.../download.php  (tv_bar_2_b2.exe)

3 / 68      (PUP)
http://www.tvvie.com/.../download.php  (tv_bar_2.exe)

2 / 68      (PUP)
http://www.tvvie.com/.../download.php  (tv_bar_2.exe)

3 / 68      (PUP)
http://www.tvvie.com/.../download.php  (tv_bar_2.exe)

5 / 68      (PUP)
http://www.tvvie.com/.../download.php  (tv_bar_2_b2.exe)

3 / 68      (PUP)
http://www.tvvie.com/.../download.php  (tv_bar_2_b2.exe)

7 / 68      (PUP)
http://www.tvvie.com/.../download.php  (tv_bar_2_b2.exe)

1 / 68      (PUP)
http://www.tvvie.com/.../download.php  (tv_bar_2_b2.exe)

The following 92 files have been seen to comunicate with www.tvvie.com in live environments.

TCP » 50.63.202.40:80
googleupdate.exe13d7b73 (globalUpdate Update by globalUpdate)

TCP » 50.63.202.40:80
2c79909a-0790-4040-a366-a60e83b2a157-10.exe (MediaPlayersvideos 1.1 by Enter)

TCP » 50.63.202.40:80
mediaplayersvideos 1.1-codedownloader.exe (MediaPlayersvideos 1.1 by Enter)

TCP » 50.63.202.40:80
ge-force-codedownloader.exe (Ge-Force by iWebar)

TCP » 50.63.202.40:80
bd235320-55b3-4b4c-b65d-42e16109800c-4.exe (SavePass 1.1 by OB)

TCP » 50.63.202.40:80
{blocked}.exe (SavePass 1.1 by OB)

TCP » 50.63.202.40:80
mediaplayersvideos 1.1-codedownloader.exe (MediaPlayersvideos 1.1 by Enter)

TCP » 50.63.202.40:80
ge-force-codedownloader.exe (Ge-Force by iWebar)

TCP » 50.63.202.40:80
3a2eaa25-d3de-4ad1-a29f-9e0869efb2ec-4.exe (I - Cinema by DiscountFrenzy)

TCP » 50.63.202.40:80
fdf73203-60b1-4316-b80c-c1e80e7d73f1-4.exe (PalMall by BND)

TCP » 50.63.202.40:80
sxywu.exe (HQ-Video-Pro-2.1V26.11 by HQ-VideoV26.11)

TCP » 50.63.202.40:80
3a2eaa25-d3de-4ad1-a29f-9e0869efb2ec-11.exe (I - Cinema by DiscountFrenzy)

TCP » 50.63.202.40:80
online-guardian-v2.0.9.exe

TCP » 50.63.202.40:80
alql.exe (TotalPlusHD-3.1V25.11 by HDPlus-3.1TotalV25.11)

TCP » 50.63.202.40:80
39b0c27e-e513-4376-9d09-539622bc7eab-5.exe (Radio Canyon)

TCP » 50.63.202.40:80
i - cinema-codedownloader.exe (I - Cinema by DiscountFrenzy)

TCP » 50.63.202.40:80
UCBrowser.exe (by UCWeb)

TCP » 50.63.202.40:80
video mediaplayer-nova.exe (video MediaPlayer by enter)

TCP » 50.63.202.40:80
888a91b6-e393-40f2-87bf-50b7ae0f2354-11.exe (HQ Pro Video 1.6V27.11 by HQ VideoV27.11)

TCP » 50.63.202.40:80
39b0c27e-e513-4376-9d09-539622bc7eab-11.exe (Radio Canyon)

 
Latest 20 of 94 files

URL:
http://www.tvvie.com/

Web server:
Microsoft-IIS/7.5 (ASP.NET) (Version: 4.0.30319)

Facebook:
Likes:  14
Shares:  9
Comments:  2

Statistics are for the previous month.

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.