home

9dd24fe94ffb4209b1f6d39e34f9bb38.d.adirectdownload-about.com

Client Connect Ltd.

Domain Information

The domain 9dd24fe94ffb4209b1f6d39e34f9bb38.d.adirectdownload-about.com registered by Client Connect Ltd. was initially registered in October of 2014 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in San Mateo, California within the United States which resides on the Conduit USA, Inc. network.
Registrar:
GODADDY.COM, LLC

Server location:
California, United States (US)

Create date:
Tuesday, October 28, 2014

Expires date:
Monday, January 1, 2018

Updated date:
Tuesday, January 6, 2015

ASN:
AS56473 CONDUIT-NL Conduit Connect B.V.

Root domain:
adirectdownload-about.com

Whois:
1 adirectdownload-about.com record

Google Safe Browsing:
unwanted

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Bundler.Perion.Conduit, PUP.Conduit.Installer, PUP.Conduit.ClientCo.Installer (M)
100.00%

VIPRE Antivirus
Threat.4150696, Threat.4786236, Conduit, Trojan.Win32.Generic
85.71%

Dr.Web
Adware.Conduit.87, Adware.Conduit.342
85.71%

avast!
Adware-BRM [PUP], Win32:Adware-BRM [PUP]
85.71%

Kaspersky
not-a-virus:WebToolbar.Win32.Agent
85.71%

G Data
Application.Generic.1105675, Win32.Application.ClientConnectConduitDL
85.71%

AVG
Generic
85.71%

Qihoo 360 Security
Win32/Virus.WebToolbar.8f1, HEUR/QVM30.1.Malware.Gen
85.71%

MicroWorld eScan
Application.Generic.1105675
57.14%

Malwarebytes
PUP.Optional.ClientConnect
57.14%

Zillya! Antivirus
Adware.Agent.Win32.40487
57.14%

K7 AntiVirus
Trojan
57.14%

NANO AntiVirus
Trojan.Win32.ClientConnect.deinfe
57.14%

Trend Micro House Call
Suspici.83CCD372, Suspicious_GEN.F47V0218, Suspicious_GEN.F47V0213
57.14%

Bitdefender
Application.Generic.1105675
57.14%

The domain 9dd24fe94ffb4209b1f6d39e34f9bb38.d.adirectdownload-about.com has been seen to resolve to the following IP address.

199.101.114.77
February 25, 2015

File downloads found at URLs served by 9dd24fe94ffb4209b1f6d39e34f9bb38.d.adirectdownload-about.com.

18 / 68    (Adware)
http://9dd24fe94ffb4209b1f6d39e34f9bb38.d.adirectdownload-about.com/Default.ashx?EnvironmentID=1&PUID=1523567346550335332&CID=11521&PPD=1434,148123,20N9RD3d4cl6HKfa0RdvVY1ylIaM000.,,,,spgc-de,,,player.url2qr.org&FID=102b8046ff4700a97d53c5e130fe95&InstallSessionID=15235673465503353321155854  (3e456b187b1b04359d17056405d5a2da90ddb7ae8a50fa8bd37293bc7e0fc29d)

1 / 68      (Adware)
http://9dd24fe94ffb4209b1f6d39e34f9bb38.d.adirectdownload-about.com/Default.ashx?EnvironmentID=1&PUID=1523567357635803968&CID=11439&PPD=1434,148123,20IIYz0FVmQoQX9M0rj7.F1ymq9F000.,,,,spgc2,,,player.url2qr.org&FID=102d56d7cf2a734d9e484aee51ff73&InstallSessionID=1523567357635803968016514  (Setup.exe)

21 / 68    (Adware)
http://9dd24fe94ffb4209b1f6d39e34f9bb38.d.adirectdownload-about.com/Default.ashx?EnvironmentID=1&PUID=1523567356405859588&CID=11521&PPD=1434,148123,20N9RD1mCNOwzNTn2AkxAh1ymlin000.,,,,spgc-de,,,player.url2qr.org&FID=102ac8ec9c6b56beaf387ee2cb0c59&InstallSessionID=1523567356405859588184819137  (sweetplayer_tsv65ostq.exe)

18 / 68    (Adware)
http://9dd24fe94ffb4209b1f6d39e34f9bb38.d.adirectdownload-about.com/Default.ashx?EnvironmentID=1&PUID=1523567364203582124&CID=11439&PPD=1434,148123,20IIYz4sArzB967J1iEPgP1ymQe2000.,,,,spgc2,,,player.url2qr.org&FID=1026f33f893762c637733a06b902d6&InstallSessionID=152356736420358212435122614  (sweetplayer_tsv65pf41.exe)

21 / 68    (Adware)
http://9dd24fe94ffb4209b1f6d39e34f9bb38.d.adirectdownload-about.com/Default.ashx?EnvironmentID=1&PUID=1523567356733615028&CID=11439&PPD=1434,148123,20IIYz0z64Jz.UvS1jQNyr1ymmvG000.,,,,spgc2,,,player.url2qr.org&FID=10248f1922bce1b6a2fb6e0b1d9835&InstallSessionID=1523567356733615028201140434  (sweetplayer_tsv65ostq.exe)

15 / 68    (Adware)
http://9dd24fe94ffb4209b1f6d39e34f9bb38.d.adirectdownload-about.com/Default.ashx?EnvironmentID=1&PUID=1523567352396012912&CID=11130&PPD=1434,122991,20ygEp1STRQx93UJ3w9k3f1ym5ns000.,,,,spgc2,,,player.url2qr.org&FID=10257f38b8fc53b9151ae8c86fefdf&InstallSessionID=152356735239601291214833550  (sweetplayervoom_tsv65oju6.exe)

15 / 68    (Adware)
http://9dd24fe94ffb4209b1f6d39e34f9bb38.d.adirectdownload-about.com/Default.ashx?EnvironmentID=1&PUID=1523567354579384876&CID=11130&PPD=1434,148123,20Q4yn1Fv13ItKfh3w9k3f1yme1o000.,,,,spgc2,,,player.url2qr.org&FID=102aa64c3a0df9f22f4b8fb52a39a8&InstallSessionID=152356735457938487611348598  (sweetplayervoom_tsv65oobj.exe)

20 / 68    (Adware)
http://9dd24fe94ffb4209b1f6d39e34f9bb38.d.adirectdownload-about.com/Default.ashx?EnvironmentID=1&PUID=1523567348988826372&CID=11648&PPD={place_holder1},{place_holder2},{place_holder3},,,,spgc2,,,player.url2qr.org&FID={transaction_id}&InstallSessionID=152356734898882637211224319  (sweetplayer_tsa28sgos.exe)

URL:
http://9dd24fe94ffb4209b1f6d39e34f9bb38.d.adirectdownload-about.com/

Web server:
Microsoft-IIS/7.5 (ASP.NET)

bondemand-about.com

branch-h-drive.com

branch-pathdrivek.com

cdirectdownload-about.com

conduit-services.com

dmccint.com

eondemand-about.com

istoragedownload-about.com

jstoragedownload-about.com

mirorserver-k-drive.com

serverfiles-drivek.com

setuping-onlinedrive.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.