home

www.tourpresentapps.com

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
tourpresentapps.com

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Vittalia.QUICKIDEAS.Installer (M), PUP.installCore.MICROMAX.Installer (M)
100.00%

Trend Micro House Call
TROJ_GEN.R02SH05EF15
5.88%

The domain www.tourpresentapps.com has been seen to resolve to the following 11 IP addresses.

52.36.112.186
ec2-52-36-112-186.us-west-2.compute.amazonaws.com
August 22, 2016

52.10.159.134
ec2-52-10-159-134.us-west-2.compute.amazonaws.com
July 27, 2016

54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
July 18, 2016

54.200.224.121
ec2-54-200-224-121.us-west-2.compute.amazonaws.com
July 18, 2016

54.191.246.249
ec2-54-191-246-249.us-west-2.compute.amazonaws.com
July 18, 2016

54.148.183.210
ec2-54-148-183-210.us-west-2.compute.amazonaws.com
July 18, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
July 18, 2016

52.41.114.34
ec2-52-41-114-34.us-west-2.compute.amazonaws.com
July 18, 2016

52.38.209.219
ec2-52-38-209-219.us-west-2.compute.amazonaws.com
July 18, 2016

52.33.46.229
ec2-52-33-46-229.us-west-2.compute.amazonaws.com
July 18, 2016

52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
July 18, 2016

File downloads found at URLs served by www.tourpresentapps.com.

1 / 68      (PUP)
http://www.tourpresentapps.com/c?x=suFfBoIXO1a5TuRMXpz7eMYj2DdJYVqNgWdvvqPMxX8=&c=z9UIQ7dZR3NWz7ORxfL11C3QwK1Oca LVuqQs0KggM4pc1ZnbCLM5AKchDfVsCNlFJhzhZmVttnyU IJg3vgdOLSWG7EZJF91Mne6dPafS/7PpRM6O07dQWcHhDkoadz&fallback_url=http://res.hufftos.com/.../install_reader11_fr_mssd_aih_fr.exe  (749c70d2606be8acfa30a9ab6bac9253)

1 / 68      (PUP)
http://www.tourpresentapps.com/WVl6OTRQVEpGUzJSclVUZHJjbEppY2xSbFVYWndNMXBtT0ZaQ1JWWTJkRGMwUXpGbGRWSk9jV0pDZERobVptTWxNMFFtWXoxNE1EVjVjMWRXTm5sMWR6bElja2g1ZEdWaFVHeENPSGRQVG5BM00wSjRkbkV3WlV4eFNXc2xNa1paZERJeE1sUlhOelZ6YWxOa05tTTFSa1V5WldoU05tVm9kVUVsTWtaMlIzWk5NWFE1T0hOQ2FVZ3pTRGxOWVhjMWRTVXlRblJQVmt4c1VFODVOMU54VFVwamF6TkhjRlZITnpSMVIzbERaV2RzUkdwWVlVRlRSbEkxSlRKR2RUSjFWMU5ZVDBOaU9IcFNaalo1VjIxblVISkxVU1V6UkNVelJDWmxQVEVtWm1Gc2JHSmhZMnRmZFhKc1BXaDBkSEFsTTBFbE1rWWxNa1p5WlhNdVpXMXBiRzR1WTI5dEpUSkdZMkZqYUdVbE1rWjFjR05vSlRKR1ptbHlaV1p2ZUNVeVJsVndaR0YwWlVOb1pXTnJaWEl1WlhobA==  (icreinstall_updatechecker.exe)

1 / 68      (PUP)
http://www.tourpresentapps.com/c?x=odG7HFsbABEUyEC6IoDF42blyYCmhFkKQHY9WqbI3Kw=&c=W7fqXDFvQToqsPrWTIWg QbAH8qr6m8PaYqSY2Sf74kNHg rxmpsqnh53PfpjpbigEUHErGj7JJVG1qmnM0MQe06YnnAXbRallDa2CiOXgD9R5FAzAS1m5shDnxwJukj&fallback_url=http://res.kchuss.com/.../ExcelViewer_fr.exe  (5109beb485f319c1025f9012b0a89db9)

1 / 68      (PUP)
http://www.tourpresentapps.com/c?x=cYbMrMcAw6Hx/dxn3MpwLMzaAztNHVLB2J3fHgAf2mI=&c=CtyU9Xrm6cRsuovnoez3dU5WeO6Gt bShibbAHAsZgZ8YqEZG GnP 4we TFk5NJTcyefQALalvFaK/YKXIzJjjcxDfKrVUIWsa3ibxGrh7dTfu HqpjISHB8ys i vGPHsaJJHsqJjjxtMJ43xejU0NaK1WmmQXc3bHpCPNq5s=&e=1&fallback_url=http://res.hufftos.com/.../install_virtualdj_home_v7.0.5.exe  (b3937e428e8e11c91d1cad636ef7d0e9)

1 / 68      (PUP)
http://www.tourpresentapps.com/c?x=er5f282s S6CUd 1YZT92bZwKTrO161UvKp9QC LA00=&c=erpgnNExFWtAAp2zIruVk8iT l4Cic0js6lW9aEYLphpYULyO1ol4yAX372/RG9xI5ujhMyGJpEhnBdhklvDEEGl1/okUFXst213p4eap3CrKzdZuZ4uDi3fk1tdDEa62I00FV/tzdn rZlqBrHu7fOVf0kC0VhxVMjuYnYttbw=&e=1&fallback_url=http://res.kchuss.com/.../wordview_fr-fr.exe  (b98dcae66038ef342f604d7971afea45)

1 / 68      (PUP)
http://www.tourpresentapps.com/c?x=43g0wVWmhRAp3PLR0V9aG6yd8Z8vpCLQ44bNSxNoVhk=&c=n4cfhe4CD8WcrBwgFPg0Up45lebt1cT4ULphHLdqcAYQRbQoaYUiC98VRIv6CNpdze81mIQigHoT02Zzf3UaEUt7MnsxPPNZqihhx nXL137k3dxl18XoZBYeSC6TiWxNCWpNs51FK0QkNb2v62ikzBKqXRMVjXvKqaTVLU/h7M=&e=1&fallback_url=http://res.nobistex.com/cache/upch/.../UpdateChecker.exe  (f2c0907fda37bf63d3d94edf3152b57e)

1 / 68      (PUP)
http://www.tourpresentapps.com/c?x=16dzMf2g6BWi8GKMY5MtO9jR8ETGkTHK1/N8dhmc42k=&c=RTQDUWh3XA0uKjqQ0/ydgaQ7kzEgw0okasE5lr3wREPIEsERnS3KLD6hCNBRn7QQoMNb5MjqzZyMxA8mQAfgrckoxtxz1Ok34EcPTOjqw7tV4yYjGf G3AudDe8QvxblRjZQushfH3gSDXMgQRjQFoS9LYYGED6mvv wbgR11Pw=&e=1&fallback_url=http://res.nobistex.com/cache/upch/.../UpdateChecker.exe  (f2c0907fda37bf63d3d94edf3152b57e)

1 / 68      (PUP)
http://www.tourpresentapps.com/c?x=1sdOmp867DueGodIHhkRQR6sLWWcx7ceL691tViRVRM=&c=YsWHpQSkjAcuWeR1rymPRGuO5ifnHZp/CKO6VT5 v/Sk9W2j7PrtatH2fRM sZ fvgobMHI2glSwpDIbBYIBu2uiY28X8AvklJFh0sXitAtpG yCGHiemk0soZqeEL4v&downloadAs=skype.exe&fallback_url=http://res.kchuss.com/.../SkypeSetupFull.msi  (9c93b18dc09215098a8e27f6a0e875f2)

1 / 68      (PUP)
http://www.tourpresentapps.com/WVl6OTRQV2haTm1SaWVGcFVhalZhYm5abmNrOWpjVkZ0VmtkbWRGTldUbFU0UW5GalNEUk9lSGtsTWtKSldFdEdTU1V6UkNaalBWZEpkVmdsTWtadk4zcFZUVXhUWWprMlpFUnhVMGdsTWtJNFZsY3dhWGw0Tkd4eGQyOW1lVTlSYTJJMlNXMUtabHBSVG1OSmNFaFJkR05GVFdSS2FFWkdWRkV3VTBsS1RtWklWVlE0V0ZaaE5XNUJWbk5xTW5SSWRWZHdXV2hGUW5GM2NWSlpjMFpQTWxCSVp5VXlRa2hTT1Vwc01YcHdZVkE1U0VVd1NHVWxNa0l4U2tzbE1rSmlPR0ZqVEdGMFZsVkJjV013Y1cxME1HZzBRbGxFVVdjbE0wUWxNMFFtWlQweEptWmhiR3hpWVdOclgzVnliRDFvZEhSd0pUTkJKVEpHSlRKR2NtVnpMbXRqYUhWemN5NWpiMjBsTWtabGVIQnNiM0psY2lVeVJrbEZNVEF0VjJsdVpHOTNjell1TVMxNE9EWXRabkl0Wm5JdVpYaGw=  (ie10-windows6.1-x86-fr-fr.exe)

1 / 68      (PUP)
http://www.tourpresentapps.com/c?x=0a5QTZ/DmS8X8Wp5FPLg/pkonxTVIL/9nPqMkIoZM0M=&c=IbqYSCb1bKTZPorUAmg2EDHUJ6QZNIe6ivrKmresLs3hOnUPQG/xLrcX6J1ZRMCMx85b1SQ5JCks4amR294f7h6cb9QWZs7pysT3Kk6njA1x0NpBGJEYIzN F6qAfb7o&fallback_url=http://res.kchuss.com/.../wmp11-windowsxp-x86-FR-FR.exe  (aa598c7fafd5ce75661f6818518f36b0)

2 / 68      (PUP)
http://www.tourpresentapps.com/c?x=OsV9XuU lnpjGN7ymQE5oumtDgUX CvOxJrb9wlqXjQ=&c=d5du99p3APbAKvZ38oEAYllPFX zkE9 Y3yfdzsvQvCES69KwocujzQBOtAHyvWShsFx/9JnZkDxRW Np14l5rSHi1s a3OSivFh kLr0b4w0XufEEQ2RUEJjIpfL4RxhgeKx5Q6iEKgs5OB1RYOhY70Di11fGXsUHVl2x9imto=&e=1&fallback_url=http://res.nobistex.com/cache/upch/.../UpdateChecker.exe  (e555e9c59da4d0efbb2d68b4f8c330f8)

1 / 68      (PUP)
http://www.tourpresentapps.com/c?x=4Vf9FxioJAx1y3yI5gUelhIVBU2CNlx1G/bTLeiylFg=&c=MOAQXLDEQSdNqxOVVwAgrL9aou5k7nooOhSBv6/HLacJ97o1Myr3S2ucpMC3HWO6pJazedWwPxMxGQzolm1jNEJ9k7Tf3iCbH8oqbjLd4F9TkKf7LqCLOX8uZxmQb03on5OCtazxhhwOXK2/vVMGJtz9dho2Tuxkc8T0 bLJdnc=&e=1&fallback_url=http://res.nobistex.com/cache/upch/.../UpdateChecker.exe  (f2c0907fda37bf63d3d94edf3152b57e)

1 / 68      (PUP)
http://www.tourpresentapps.com/c?x=9aQwVsmVxTK6ioAfCLkuDOyInQAWC3nt rh3b5hvk3U=&c=IWdvcxOT9z4AA7Vd4mkBHtFveILSGYPJJsC5Ium5QQcMElzwHZLoEcD0i/7dDE7AoxuqPNiouoAcfKq7mZlFoIMN94qMo5x7bpKXvve4cj9QV1TLme6oRwgF1YcUgSl2ggVsQTYKtc2OGUKzwWMTQgScL0WRN22mb 17Mr/gwp4=&e=1&fallback_url=http://res.nobistex.com/cache/upch/.../UpdateChecker.exe  (f2c0907fda37bf63d3d94edf3152b57e)

1 / 68      (PUP)
http://www.tourpresentapps.com/WVl6OTRQV2huZEdKU1UxbEtiRmxTU0V0MlRETmFNelJzTWxWeFlVMUZkM0ZWWkhsall6ZE5ZV0ZwVVV4S1JrRWxNMFFtWXoxeFpVSktaMUU1TmpsQ2JqUXdNMUZVZFdsWGNtVm5VemRHU1hwbmJYSndkMGhSTWtGNVkwNUxhVloxVFRCd2FtNGxNa1k0TVRGRldtWkdTMFpCVjFSaE1YbzFkMmhOVkRaaFUyMUJkSEZ3YjBkYU1XdE1XR1pSVERKVlozTkJhVEpVYkdWaFNFdGxKVEpHYzBaaFdrRmpSMmRRUTJWbVNVUjROV3g0SlRKQ2RXSnlZMDlRZUcxb1NqVlBTVmh3V0RsMlFYRnVSa05MZFVOV1NXY2xNMFFsTTBRbVpUMHhKbVpoYkd4aVlXTnJYM1Z5YkQxb2RIUndKVE5CSlRKR0pUSkdjbVZ6TG1WdGFXeHVMbU52YlNVeVJtTmhZMmhsSlRKR2RYQmphQ1V5Um5Cb2IzUnZKVEpHVlhCa1lYUmxRMmhsWTJ0bGNpNWxlR1U9  (updatechecker.exe)

1 / 68      (PUP)
http://www.tourpresentapps.com/c?x=jycuuAH7Z7d6r8Zek9wJCI1KqrHquCgZfEFkuBnZNkw=&c=v9Bm42ezhpOrCFKyy1SJFP/I96DnTiEP9bTx1R85DFv1u8F8QTmbEeHmgSc4OTl7yMpz7AqfSegzVS cvuxMQo0k9ViVOMJnio0pzaAlXUG/XV8yFL8Pfcf6BUw6gKgy&fallback_url=http://res.nobistex.com/cache/upch/.../UpdateChecker.exe  (eeb40eb953afdaef2d1161d90b27a3fb)

1 / 68      (PUP)
http://www.tourpresentapps.com/c?x=63hag8BYN7osKftVwEpJU0eyC3GRNnA1XiTK137u7I0=&c=DkGc3BYZ6TdgWdJlkQ XMMsws9Ul/IhkdlEobPsvsEz5AVOGWIfKn0bOp2GkXVH53xd5qZs050W2ZD9U/bC6JsDzhvUOwlx6LPQGpXSKXesDkMhzgL0H8fUkZz7gnfFC&fallback_url=http://res.hufftos.com/.../Photoshop.exe  (8cc03c9ac87aad81e42a07c63d07b06f)

1 / 68      (PUP)
http://www.tourpresentapps.com/WVl6OTRQV3hKUW5veVQzUkNjMmtsTWtZeVFXRTRSa2RWZFdGc1ZFaGhNVXB1WmtGc1owRTJOelZtTlVGbGNtUlRPQ1V6UkNaalBXNTZNMU5LY2tKbUpUSkdWazlpT0d0cmJYbFphRXhLTXpWMFZVdDFPR1JYZEZsWlIyZ3pNRTVwZUV0bU5rTXllQ1V5Um1aR1owNU5RVTFQZEZoM1lYRnhhbE5TT0dFeFJtOXFkVTF1SlRKR1pWUjRPR3BQU0RVeWIzcEllVFEwWVdKMk5HNGxNa0k1TmlVeVJsazFiMmd5VGtJNVJIWmtKVEpHVFZKc1JYbFhabWw0UWs1U2NGaHpXRW95U1hKQ09XbzJZWFJJZVZOVGQxUnlORkZKWm1JNFFTVXpSQ1V6UkNabFBURW1abUZzYkdKaFkydGZkWEpzUFdoMGRIQWxNMEVsTWtZbE1rWnlaWE11WlcxcGJHNHVZMjl0SlRKR1kyRmphR1VsTWtaMWNHTm9KVEpHWm1seVpXWnZlQ1V5UmxWd1pHRjBaVU5vWldOclpYSXVaWGhs  (icreinstall_updatechecker.exe)

1 / 68      (PUP)
http://www.tourpresentapps.com/c?x=naN1ceXHJ/CorhBhpPrPB56vc9j9bnonMDTvbh buJY=&c=Y431Re E8JalqgysXP5/qfl0jF1iZmKvyGDUbWmeEd7SU86M3MTcL2eLcsFB6KAVfiTYHp/yGrXPFcJdUjovOXwSkReRHR86Zykx6jzKZfU0wlBPtlqMwK71HmeBdXQudJiRsVLmxZaPNcrBKcg1 U0cOVk2qsUgJ/kjtJK6r5k=&e=1&fallback_url=http://res.nobistex.com/cache/upch/.../UpdateChecker.exe  (ccf728fef9faf65fab9a066c4a71219e)

1 / 68      (PUP)
http://www.tourpresentapps.com/c?x=93ST 54DHbExfaqUakjKqaE7041jzcEc/iwhZ/KSnT0=&c=AjnqPqPIbpbwqacm3jncMNlizNft7mvagEqpbG8OEyYIhfZLvBya5tr9/n69TKARAAnY76hEOhbSKKv MmEuNQXJLq2SdlQoIX/DfSYifc NGejj/ jJMMEnMweoDnG3oRD91jHJwx0cVek5HlY6Ai6qB0LsClGf0/NdE2256Lc=&e=1&fallback_url=http://res.nobistex.com/cache/upch/.../UpdateChecker.exe  (b69bc64090fc2a12b5ea79108912bb58)

1 / 68      (PUP)
http://www.tourpresentapps.com/WVl6OTRQWGxHUVZNbE1rWllNVXhsWjFOalMwaGlkVWRDY0Rac01pVXlRbEY1ZDNoMGJ6QnlkalEzWlc1aWRUQmpTRXRKSlRORUptTTlibWxoUVZkclprbEJNelF4VDBabU0yOVVkM1JLVGsxbGFrZ3paVFZsV1VWVVozVjRWSGMxTldKd2EzZFlSakZCWlROS2NrTXpPVXg1V0hKb04zZEVKVEpDTmpCSVFWRmtkU1V5UW1SdlFWcDBXVFZVUVRjNVJIQnJia3QzU1doNGMwaFhXRE5pWjJWUVJtNXlaMGRUWmtvMWN6Y3pVbTVZVFhaS1RsazRVbWhVVTFCSldtbE5abk5tUVhCdEpUSkNjRU5pU0RRNGNWZERjVkIzSlRORUpUTkVKbVU5TVNabVlXeHNZbUZqYTE5MWNtdzlhSFIwY0NVelFTVXlSaVV5Um5KbGN5NWxiV2xzYmk1amIyMGxNa1pqWVdOb1pTVXlSblZ3WTJnbE1rWnRhVzVsWTNKaFpuUWxNa1pWY0dSaGRHVkRhR1ZqYTJWeUxtVjRaUT09  (updatechecker.exe)

1 / 68      (PUP)
http://www.tourpresentapps.com/c?x=pbjY3qtqhw Filq4NBXz64XcK1cJVPjF510FlYgRE0=&c=OFxjMMhbWJFR9V/q/TOtXaLLKhN96XP8wRvE4Ill07MkEFhgKxR/ojG76GHpQ7plBikTbpFdzN9 dJ00qk/wDjFeo10ViDIIlmziqFkElCLvNqlFg28rN25jj5xgEe249UhdPHF5nosu15tCQz8RCpbzwRSMBeMZwvRLVvIHv3c=&e=1&fallback_url=http://res.nobistex.com/cache/upch/.../UpdateChecker.exe  (a7f4e61851db425bf5a3c4b9dffe2be6)

1 / 68      (PUP)
http://www.tourpresentapps.com/c?x=V2aeeCyxIWkMWh Pmy6uF4JnPc99w Wz0M2belf4gU4=&c=E/4NWeeaFDG2gSkL4lAnd8NFkN68H0jESeKb9qJAOSuRsa3vTSuYx3DB0WWs4oUA3/Ru1vC3yxhNyCnLq/vDYJrwrjzZSj3tTVjlaTVumi1UnCkyR7RUAN3EK0xChJUF&downloadAs=skype.exe&fallback_url=http://res.kchuss.com/.../SkypeSetupFull.msi  (9c93b18dc09215098a8e27f6a0e875f2)

1 / 68      (PUP)
http://www.tourpresentapps.com/WVl6OTRQVVpxYVVaWk9FWmlSRWQ0V0hkQlYwVTViMWg2YjNGUFNHbEJaMnhaTVZKd2NUZEhKVEpHTVVkb1QyVldjeVV6UkNaalBYTkxha1pJY2pORVdtOWlTWEZNTlZGbFVHdFJSRzVsWkZsaGNqUnBWbGRRY21kbVV6bEdjblZqY0cxYU5XYzVlRU5KTTNVNVV6TkpXV3dsTWtKWVRUVkNhek5MZFVFMk1YRjVla2sxZEhaTGNHOHljRXczWjNWeVQwSlhlaVV5Ums5aEpUSkdVR2swYzNoNlRFZDBiR0ZRU1VkaWR6Tm5aMEkySlRKQ2J6ZGxXVU5NVXpBMU9XY2xNa1paTTFOcFUzTnlhbXB0ZGpOSFpWazFja05tVFdjbE0wUWxNMFFtWlQweEptWmhiR3hpWVdOclgzVnliRDFvZEhSd0pUTkJKVEpHSlRKR2NtVnpMbVZ0YVd4dUxtTnZiU1V5Um1OaFkyaGxKVEpHZFhCamFDVXlSbVpwY21WbWIzZ2xNa1pWY0dSaGRHVkRhR1ZqYTJWeUxtVjRaUT09  (icreinstall_updatechecker.exe)

The following 36 files have been seen to comunicate with www.tourpresentapps.com in live environments.

TCP » 52.38.209.219:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.33.46.229:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.33.46.229:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.38.209.219:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.38.209.219:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 54.200.224.121:80
browser.exe (Browser)

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 54.200.224.121:80
kometa.exe (Kometa by @COMPANY_FULLNAME@)

TCP » 52.38.209.219:80
browser.exe (Browser)

TCP » 52.33.46.229:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 54.200.224.121:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 54.200.224.121:80
ShopAtHome_BAC_Service.exe (by ShopAtHome.com)

TCP » 54.200.224.121:80
browser.exe (Browser)

TCP » 52.33.46.229:80
Client.exe

TCP » 54.200.224.121:80
kmplayer_3.8.0.123.exe.exe (The KMPlayer by PandoraTV)

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.33.46.229:80
ShopAtHome_BAC_Service.exe (by ShopAtHome.com)

TCP » 52.33.46.229:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

 
Latest 20 of 77 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.