The domain ttb.dllultimatesoft.com, registered by GoNameSales.com, was initially registered in March of 2015 through SOLUCIONES CORPORATIVAS IP,SLU. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Portland, Oregon, in the United States, on the Amazon.com, Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform from the US West (Oregon) region datacenter.
Registrant: GoNameSales.com
Registrar: GONAME-TN.COM, INC.
Server location: Oregon, United States (US)
Create date: Thursday, March 5, 2015
Expires date: Saturday, March 5, 2016
Updated date: Tuesday, October 13, 2015
ASN: AS16509 AMAZON-02 - Amazon.com, Inc.,US
Scanner detections:
Detections (100% detected)
| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.Installer.PaymentsInteractiveSL.F, PUP.Installer.OUTBROWSE.K, PUP.Installer.DigitalPluginSl.F, PUP.Installer.TUGUUSL.K, PUP.Installer.TuguuSL.K, PUP.Tuguu.TuguuIsrael.Bundler (M) | 91.67% |
| AVG | Adware DomaIQ.CW, Generic, Adware Skodna.Bundle_r.Y | 75.00% |
| Malwarebytes | PUP.Optional.DomaIQ, PUP.Optional.OutBrowse, PUP.Optional.Domalq, PUP.Optional.BundleInstaller.A | 75.00% |
| VIPRE Antivirus | DomaIQ, Threat.4150696, Threat.4784459, Threat.4783262 | 75.00% |
| Dr.Web | Adware.Downware.3587, Adware.Downware.2081, Trojan.DownLoader11.29457, Trojan.DownLoader9.21779, Trojan.DownLoader11.4884 | 75.00% |
| Avira AntiVirus | APPL/DomaIQ.Gen, APPL/Downloader.Gen, APPL/Downloader.Gen8 | 75.00% |
| G Data | Gen:Variant.Application.Bundler.DomaIQ, MemScan:Application.Bundler.Outbrowse, Win32.Application.Outbrowse, Gen:Variant.Application.Strictor.62662 | 75.00% |
| MicroWorld eScan | Gen:Variant.Application.Bundler.DomaIQ.7, MemScan:Application.Bundler.Outbrowse.E, Gen:Variant.Application.Strictor.62662 | 66.67% |
| McAfee | PUP-FJV!B7C73AFE167C, Adware-OutBrowse, SoftPulse, PUP-FJP!07139B3E6500, CryptDomaIQ, PUP-FJP!592AF1822EE8 | 66.67% |
| K7 AntiVirus | Unwanted-Program | 66.67% |
| Kaspersky | not-a-virus:AdWare.Win32.Lollipop, not-a-virus:AdWare.Win32.OutBrowse, not-a-virus:AdWare.Win32.Agent, not-a-virus:AdWare.MSIL.DomaIQ | 66.67% |
| Bitdefender | Gen:Variant.Application.Bundler.DomaIQ.7, MemScan:Application.Bundler.Outbrowse.E, Gen:Variant.Application.Strictor.62662 | 66.67% |
| Lavasoft Ad-Aware | Gen:Variant.Kazy.380151, MemScan:Application.Bundler.Outbrowse.E, Gen:Variant.Application.Strictor.62662, Gen:Variant.Strictor.55983 | 66.67% |
| F-Secure | Gen:Variant.Application.Bundler, MemScan:Application.Bundler.Outbrowse, Gen:Variant.Application.Strictor, Gen:Variant.Strictor.55983 | 66.67% |
| Sophos | Generic PUA FN, OutBrowse Revenyou, Generic PUA JB, DomainIQ pay-per install, Generic PUA FA | 66.67% |
The domain ttb.dllultimatesoft.com has been seen to resolve to the following 3 IP addresses.
ec2-54-201-201-245.us-west-2.compute.amazonaws.com (September 3, 2014)
ec2-50-112-177-75.us-west-2.compute.amazonaws.com (May 31, 2014)
File downloads found at URLs served by ttb.dllultimatesoft.com.
URL: http://ttb.dllultimatesoft.com/
Title: “dllultimatesoft.com”
Network: Amazon Web Services (AWS), running an EC2 instance