sub2.bubblesmedia.ru

Private Person  (Proxy Registrant)

Domain Information

The domain sub2.bubblesmedia.ru is registered by proxy through REGRU-RU and was originally registered in March 2010. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Moscow, Moscow City, Russia, on the RIPE Network Coordination Centre network.
Remove Malware from sub2.bubblesmedia.ru - Powered by Reason Core Security
Registrar:
REGRU-RU

Server location:
Moscow City, Russia (RU)

Create date:
Wednesday, March 17, 2010

Expires date:
Friday, March 17, 2017

ASN:
AS47918 GIGABASE Gigabase ltd

Root domain:

Scanner detections:
Detections  (100% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.Optional.Installer.MediaGet.AA, Optional.MediaGetApp.Installer.MediaGet.X, Optional.MediaGetApp.Installer.X, PUP.Optional.Installer.AA, PUP.MediaGet.Optional.Installer.Meta (L) | 100.00% |
| Malwarebytes | PUP.Adware.MediaGet, PUP.Optional.MediaGet | 92.31% |
| ESET NOD32 | Win32/MediaGet (variant), Win32/MediaGet.AF (variant), Win32/MediaGet.AF potentially unwanted (variant), Win32/MediaGet.AE potentially unwanted (variant) | 92.31% |
| Kaspersky | not-a-virus:HEUR:Downloader.Win32.MediaGet, not-a-virus:Downloader.Win32.MediaGet | 92.31% |
| Sophos | MediaGet, MediaGet (PUA) | 92.31% |
| G Data | Win32.Adware.MediaGet, Adware.Generic.634929 | 92.31% |
| AVG | Luhe.MediaGet.B, Banne | 92.31% |
| Comodo Security | UnclassifiedMalware, Application.Win32.MediaGet.A, Application.Win32.Mediaget.~GYT, Application.Win32.MediaGet.G | 69.23% |
| Avira AntiVirus | APPL/MediaGet.Gen5, APPL/Mediaget.AD.1, APPL/Mediaget.AE, PUA/MediaGet.Gen5 | 61.54% |
| Dr.Web | Program.MediaGet.21, Program.MediaGet.105, Program.MediaGet.111, Program.MediaGet.120, Program.MediaGet.133 | 61.54% |
| K7 Gateway Antivirus | Unwanted-Program, Trojan | 53.85% |
| K7 AntiVirus | Unwanted-Program, Trojan | 53.85% |
| Trend Micro House Call | TROJ_GEN.RCBCOEI, TROJ_GEN.F47V1031, TROJ_GEN.F47V0410, Suspicious_GEN.F47V0707, Suspicious_GEN.F47V0209, Suspicious_GEN.F47V0422 | 46.15% |
| McAfee | Artemis!7ACC1EF7F84F, Artemis!C644C8E0B32F, Artemis!F1D72BBB5ACF, Artemis!9A12E10510FA, Artemis!32F376FACBA3, Artemis!AA0F91B719D0 | 46.15% |
| Bkav FE | W32.Clod6ee.Trojan, W32.HfsAdware | 46.15% |

The domain sub2.bubblesmedia.ru has been seen to resolve to the following IP address.

December 27, 2013

File downloads found at URLs served by sub2.bubblesmedia.ru.

13 / 68    (PUP)

13 / 68    (PUP)

13 / 68    (PUP)
http://sub2.bubblesmedia.ru/sb/clk/s/1246/o/145/p/1249/.../zsr?a=1  (simpletv-2023-full-download-indir_id4578310ids2s.exe)

13 / 68    (PUP)

18 / 68    (PUP)

 
Latest 30 of 307 download URLs

URL:
http://sub2.bubblesmedia.ru/

Title:
“BubblesMedia”

SSL certificate subject:
CN=sub2.bubblesmedia.ru, OU=PositiveSSL, OU=Domain Control Validated

SSL certificate issuer:
CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
nginx/1.6.0 (PHP/5.3.28)
