download.uniblue.com

PERFECT PRIVACY, LLC  (Proxy Registrant)

Domain Information

The domain download.uniblue.com is registered by proxy through Network Solutions, LLC and was originally registered in January of 2004. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Ashburn, Virginia, in the United States, on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Remove Malware from download.uniblue.com - Powered by Reason Core Security
Registrar:
Network Solutions, LLC

Server location:
Virginia, United States (US)

Create date:
Tuesday, January 13, 2004

Expires date:
Sunday, January 13, 2019

Updated date:
Saturday, November 14, 2015

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US

Root domain:

Scanner detections:
Detections  (86% detected)

Scan engine
Details
Detections

AVG
Luhe.Fiha, Uniblue
95.45%

Trend Micro House Call
TROJ_GEN.F47V1218, Suspicious_GEN.F47V0210, Suspicious_GEN.F47V0611, Suspicious_GEN.F47V0607, Suspicious_GEN.F47V0616, TROJ_GEN.F47V0207
95.45%

Dr.Web
riskware program Program.Uniblue.9, riskware program Program.Unwanted.285, riskware program Program.Uniblue.12, Program.Unwanted.544
95.45%

McAfee
Artemis!CD53B76C8F9D, Artemis!E96306BC11C8, Artemis!98EA73BEE302, Artemis!4D7870A842A9, Artemis!ADBD70902E70, Artemis!BEDF54288222, Artemis!1FEF7BE28489, Artemis!D618E428592E, Artemis!C175F462EE41
88.64%

McAfee Web Gateway
Artemis!CD53B76C8F9D, Artemis!Trojan, Artemis!CE68DA36803D
88.64%

G Data
Win32.Adware.OpenCandy, Win32.Application.Uniblue, Win32.Application.Agent.2WVTWI
75.00%

Bkav FE
W32.HfsAdware
70.45%

Fortinet FortiGate
Riskware/SpeedUpMyPC, Riskware/UniBlue, Riskware/OpenCandy
65.91%

ESET NOD32
Win32/SpeedUpMyPC, Win32/RegistryBooster, Win32/UniBlue.F potentially unwanted (variant), Win32/SpeedUpMyPC.A potentially unwanted
61.36%

IKARUS anti.virus
PUA.Uniblue, PUA.SpeedUpMyPC
56.82%

Sophos
Generic PUA GM, Generic PUA DM (PUA), Generic PUA LL, Generic PUA MN, Generic PUA KH, Generic PUA DL (PUA), Generic PUA IC
54.55%

Baidu Antivirus
PUA.Win32.UniBlue, PUA.Win32.SpeedUpMyPC, Hacktool.Win32.SpeedUpMyPC
52.27%

Rising Antivirus
PE:Trojan.Win32.FakeAV.bsj!1075358218, PE:Trojan.BrowseFox!1.A1FD[F1], PE:Malware.Generic/QRS!1.9E2D [F], Trojan.Win32.Generic.125C7C4B
52.27%

Malwarebytes
PUP.Optional.SpeedUpMyPC, PUP.Optional.PCMechanic
50.00%

Antiy Labs AVL
GrayWare[RiskTool:not-a-virus]/Win32.SpeedUpMyPC.a, RiskWare[RiskTool:not-a-virus]/Win32.SpeedUpMyPC, GrayWare[AdWare]/Win32.Shopper.adw
47.73%

The domain download.uniblue.com has been seen to resolve to the following 15 IP addresses.

File downloads found at URLs served by download.uniblue.com.

7 / 68      (PUP)
http://download.uniblue.com/ub/dlib/.../driverscanner.exe  (5144ec37586f63d474707fedce9cad4b)

Latest 30 of 702 download URLs

The following 5 files have been seen to communicate with download.uniblue.com in live environments.

URL:
http://download.uniblue.com/

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
AmazonS3

Facebook:
Shares:  1

Statistics are for the previous month.
