g.co.il

Domain Information

Server location:
Hefa, Israel (IL)

ASN:
AS9116 GOLDENLINES-ASN 012 Smile Communications Main Autonomous System, IL

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Conduit.G, PUP.Conduit.Installer, PUP.Conduit.ClientCo.Installer (M), PUP.Conduit (M)
100.00%

Dr.Web
Adware.Downware.988, Adware.Conduit.6, Trojan.PWS.Stealer.13174
23.08%

McAfee
Artemis!EF72B22F2079, Artemis!64009EBDA197
15.38%

Malwarebytes
PUP.Optional.Conduit.A, PUP.Optional.ClientConnect
15.38%

Trend Micro House Call
TROJ_GEN.F47V0913, Suspicious_GEN.F47V0926
15.38%

VIPRE Antivirus
Conduit
15.38%

ESET NOD32
Win32/OpenCandy, Win32/ClientConnect (variant)
15.38%

herdProtect (fuzzy)
a variant of 3f02e64aa553c1fa7975021f22eebb058042e086
7.69%

K7 AntiVirus
Unwanted-Program
7.69%

NANO AntiVirus
Riskware.Win32.Conduit.dbqqxi
7.69%

Total Defense
Win32/Tnega.ALHeNWC
7.69%

avast!
Win32:Adware-BRM [PUP]
7.69%

Kaspersky
not-a-virus:WebToolbar.Win32.Agent
7.69%

Agnitum Outpost
PUA.Toolbar.Conduit
7.69%

Zillya! Antivirus
Adware.Agent.Win32.9634
7.69%

The domain g.co.il has been seen to resolve to the following 2 IP addresses.

80.179.5.88.static.012.net.il
July 14, 2016

62.128.59.38.static.hosting.spd.co.il
April 26, 2014

File downloads found at URLs served by g.co.il.

1 / 68      (Adware)
http://g.co.il/playnow.php  (tb_Radio_G_b.exe)

20 / 68    (Adware)
http://g.co.il/playnow.php  (970960bb6ad0695fc57cae8c714a30101461abf725f21f4d139d5c095926103e)

7 / 68      (PUP)

3 / 68      (PUP)