byvue.com

Domain Privacy Service FBO Registrant.  (Proxy Registrant)

Domain Information

The domain byvue.com is registered by proxy through DOMAIN.COM, LLC and was originally registered in March of 2012. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Ashburn, Virginia, United States, on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Registrar:
DOMAIN.COM, LLC

Server location:
Virginia, United States (US)

Create date:
Friday, March 16, 2012

Expires date:
Wednesday, March 16, 2016

Updated date:
Tuesday, March 03, 2015

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US

Scanner detections:
Detections  (82% detected)

Scan engine
Details
Detections

Dr.Web
Win32.Sector.21, infected with BackDoor.Infector.133, riskware program Program.Unwanted.733
100.00%

Reason Heuristics
Win32.Generic.BoostSoftware.Installer.Meta
97.30%

Qihoo 360 Security
Malware.QVM05.Gen
97.30%

Vba32 AntiVirus
Signed-Riskware.PCHealthBoost
21.62%

G Data
Win32.Application.PCHealthBoost
21.62%

Sophos
PUA 'Install Core Click run software'
21.62%

IKARUS anti.virus
PUA.PCSpeedBoost, PUA.PCHealthBoost
18.92%

Total Defense
Win32/PCHealth.VFOFfAD
16.22%

AVG
Boostsoft
13.51%

K7 Gateway Antivirus
Unwanted-Program
13.51%

K7 AntiVirus
Unwanted-Program
13.51%

ESET NOD32
Win32/Distromatic
13.51%

Zillya! Antivirus
Trojan.Virlock.Win32.29883
13.51%

herdProtect (fuzzy)
a variant of f4a269982dfe7c9d9d223f6c2d9ad291a767a9b2, a variant of 34e451057c8869615669b268a55ec20b119406d6, a variant of 524b82eecbe6fb6c67eaddae41fcf0595f2a0546
10.81%

Clam AntiVirus
Win.Adware.Agent-7758
10.81%

The domain byvue.com has been seen to resolve to the following 4 IP addresses.

ec2-54-209-174-6.compute-1.amazonaws.com
May 30, 2014

May 1, 2014

ec2-107-23-69-123.compute-1.amazonaws.com
May 1, 2014

ec2-54-208-103-75.compute-1.amazonaws.com
May 1, 2014

File downloads found at URLs served by byvue.com.

3 / 68      (PUP)

0 / 68

0 / 68
http://byvue.com/?a=233200&c=1210085&m=32&s2=DD5  (pc_faster_setup_mini_i58_1547164236.exe)

0 / 68
http://byvue.com/?a=245864&c=1210085&m=28&s1=paccid&s2=2203234957  (pc_faster_setup_mini_i58_1547164236.exe)

3 / 68      (PUP)

3 / 68      (PUP)

0 / 68

0 / 68
http://byvue.com/?a=233200&c=1210086&m=32&s2=PC-EG&s3=70600  (pc_faster_setup_mini_e90_1240720689.exe)

3 / 68      (PUP)

The following files have been seen to communicate with byvue.com in live environments.

May 5, 2015

URL:
http://byvue.com/

Google Analytics:
UA-371057

Title:
“Neverblue - Lead Generation | Client Acquisition | Mobile Advertising | Performance Marketing”

Network:
Amazon Web Services (AWS), running an EC2 instance

SSL certificate subject:
CN=byvue.com, OU=Domain Control Validated

SSL certificate issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc."

Web server:
Apache (PHP/5.5.9-1ubuntu4.5)

Facebook:
Shares:  4

Statistics above are for the previous month of November 2016.
