unzip-it.com

Privacy Protection Service INC d/b/a PrivacyProtect.org  (Proxy Registrant)

Domain Information

The domain unzip-it.com is registered by proxy through PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM and was originally registered in February of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Remove Malware from unzip-it.com - Powered by Reason Core Security
Registrar:
PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM

Server location:
Virginia, United States (US)

Create date:
Thursday, February 13, 2014

Expires date:
Monday, February 13, 2017

Updated date:
Monday, January 25, 2016

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

VIPRE Antivirus
Threat.4788237, Threat.5084491, Threat.4371328, Threat.4786018
66.67%

Reason Heuristics
PUP.Bundler.InstallCore, PUP.installCore (M), PUP.NewMedia.Installer.installCore.Installer (M)
66.67%

G Data
Win32.Application.InstallCore.CZ, Win32.Application.InstallCore.EG
50.00%

ESET NOD32
Win32/InstallCore.ZC potentially unwanted application, Win32/InstallCore.YL potentially unwanted application, Win32/InstallCore.XX potentially unwanted application
50.00%

avast!
Malware-gen, Trojan-gen
33.33%

Agnitum Outpost
Trojan.Badur
33.33%

Trend Micro House Call
TROJ_GEN.R021H07DP15, Suspicious_GEN.F47V0513
33.33%

NANO AntiVirus
Riskware.Win32.InstallCore.drfvry, Riskware.Win32.InstallCore.dqhetu
33.33%

Dr.Web
Trojan.InstallCore.563, Trojan.InstallCore.47
33.33%

Vba32 AntiVirus
Trojan.Badur.anicr, Malware-Cryptor.InstallCore.gen
33.33%

Baidu Antivirus
Adware.Win32.InstallCore
33.33%

AVG
InstallCore, Generic
33.33%

Qihoo 360 Security
HEUR/QVM06.1.Malware.Gen, HEUR/QVM42.1.Malware.Gen
33.33%

herdProtect (fuzzy)
a variant of f3e077f25303573649a3e631f7a97c2c72d77340, a variant of 7c09f0bd9ede7803f3a807d3b192817397fdf3e6
33.33%

Zillya! Antivirus
Trojan.Badur.Win32.29707, Trojan.Badur.Win32.28882
33.33%

The domain unzip-it.com has been seen to resolve to the following 7 IP addresses.

ec2-54-84-209-207.compute-1.amazonaws.com
January 31, 2016

ec2-54-88-93-196.compute-1.amazonaws.com
January 6, 2016

ec2-54-165-29-156.compute-1.amazonaws.com
May 6, 2015

ec2-107-21-41-152.compute-1.amazonaws.com
May 5, 2015

ec2-54-210-190-77.compute-1.amazonaws.com
May 5, 2015

ec2-54-86-23-250.compute-1.amazonaws.com
August 17, 2014

ec2-54-85-139-155.compute-1.amazonaws.com
August 1, 2014

File downloads found at URLs served by unzip-it.com.

June 5, 2014

URL:
http://unzip-it.com/

Google Analytics:
UA-53254711

Title:
“File-Opener”

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
nginx/1.4.7

Facebook:
Likes:  2,434
Shares:  2,508
Comments:  2,953

Statistics above are for the previous month of November 2016.

Remove Malware from unzip-it.com - Powered by Reason Core Security