home

dl.keniu.com

ShellInternet

Domain Information

The domain dl.keniu.com registered by ShellInternet was initially registered in June of 2007 through ENAME TECHNOLOGY CO., LTD.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Shenyang, Liaoning within China which resides on the Asia Pacific Network Information Centre network.
Registrar:
ENAME TECHNOLOGY CO., LTD.

Server location:
Liaoning, China (CN)

Create date:
Tuesday, June 19, 2007

Expires date:
Monday, June 19, 2023

Updated date:
Tuesday, April 28, 2015

ASN:
AS4837 CHINA169-BACKBONE CNCGROUP China169 Backbone,CN

Root domain:
keniu.com

Whois:
1 keniu.com record

Google Safe Browsing:
unwanted

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Quick Heal
AdWare.Agent.r4 (Not a Virus)
100.00%

K7 AntiVirus
Riskware
100.00%

Clam AntiVirus
Win.Adware.Agent-46430
100.00%

Kaspersky
not-a-virus:AdWare.Win32.Agent
100.00%

NANO AntiVirus
Trojan.Win32.Graybird.bopyje
100.00%

Dr.Web
Trojan.MulDrop4.2043
100.00%

Vba32 AntiVirus
AdWare.Agent
100.00%

The domain dl.keniu.com has been seen to resolve to the following 2 IP addresses.

222.163.199.73
73.199.163.222.adsl-pool.jlccptt.net.cn
July 6, 2016

218.60.47.145
cncln.online.ln.cn
July 6, 2016

File downloads found at URLs served by dl.keniu.com.

7 / 68      (PUP)
http://dl.keniu.com/conew_setup.exe  (可牛影像v2.7.1.exe)

The following file have been seen to comunicate with dl.keniu.com in live environments.

TCP » 222.163.199.73:80
Client.exe

URL:
http://dl.keniu.com/

Google Analytics:
UA-19321675

Title:
“很抱歉,您要访问的页面不存在!”

Web server:
kws

35go.net

conew.com

duba.net

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.