home

secureclientdownload.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain secureclientdownload.com is registered by proxy through GODADDY.COM, LLC and was originally registered in January of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Montreal, Quebec within Canada which resides on the OVH Hosting, Inc. network.
Registrar:
GODADDY.COM, LLC

Server location:
Quebec, Canada (CA)

Create date:
Friday, January 18, 2013

Expires date:
Wednesday, January 18, 2017

Updated date:
Thursday, April 30, 2015

ASN:
AS16276 OVH OVH SAS,FR

Whois:
1 secureclientdownload.com record

Scanner detections:
Detections  (91% detected)

Scan engine
Details
Detections

Dr.Web
Adware.Toolbar.146, Threat.Undefined, Adware.Pirrit.11
90.00%

AVG
Downloader, Generic_c
80.00%

VIPRE Antivirus
Babylon, Threat.4150696, Trojan.Win32.Generic, Kreapixel Network, MSIL.Adware.WinuSecu
70.00%

avast!
Adware-gen [Adw], Win32:Adware-gen [Adw], Win32:Adware-CKQ [Adw]
70.00%

Bitdefender
Trojan.GenericKD.2168988, Adware.Agent.PKQ, Application.Generic.1211299
70.00%

Sophos
Mal/Generic-S, Generic PUA LL, Generic PUA DK, Generic PUA PB (PUA)
70.00%

G Data
Trojan.GenericKD.2168988, Adware.Agent.PKQ, Application.Generic.1211299
70.00%

Panda Antivirus
Generic Suspicious, Trj/CI.A
70.00%

NANO AntiVirus
Riskware.Win32.WinuSecu.dorctb, Riskware.Win32.WinuSecu.dorcsy, Riskware.Win32.Pirrit.doolof
70.00%

ESET NOD32
MSIL/Adware.WinuSecu (variant)
70.00%

Emsisoft Anti-Malware
Trojan.GenericKD.2168988, Adware.Agent.PKQ
60.00%

Kaspersky
Trojan-Dropper.MSIL.Agent
60.00%

MicroWorld eScan
Trojan.GenericKD.2168988, Adware.Agent.PKQ, Application.Generic.1211299
60.00%

F-Secure
Trojan.GenericKD.2168988, Adware.Agent.PKQ
60.00%

Avira AntiVirus
TR/Rogue.528438, ADWARE/WinuSecu.10240, PUA/InstallCore.Gen7, ADWARE/WinuSecu.528436, TR/Agent.558775
60.00%

The domain secureclientdownload.com has been seen to resolve to the following IP address.

192.99.47.139
ns517839.ip-192-99-47.net
August 17, 2015

File downloads found at URLs served by secureclientdownload.com.

8 / 68      (Adware)
http://secureclientdownload.com/.../DeltaTB.exe  (3d7cdc3e67a97110321bf7453c649b1f)

1 / 68      (PUP)
http://secureclientdownload.com/.../dl.php?l=yelsmanager&telecharger=Webplayer  (webplayer.exe)

1 / 68      (Adware)
http://secureclientdownload.com/.../webplayerRemote.exe  (8f2495b519c52a11de8cf2268c708090)

23 / 68    (PUP)
http://secureclientdownload.com/.../webplayer_remote.exe  (4ff4da8435601ad7fee24888075289f2)

16 / 68    (PUP)
http://secureclientdownload.com/3/.../webplayer_remote.exe  (1359158256.exe)

28 / 68    (PUP)
http://secureclientdownload.com/3/.../webplayer_remote.exe  (58.exe)

54 / 68    (PUP)
http://secureclientdownload.com/3/.../webplayer_remote.exe  (setup.exe)

8 / 68      (PUP)
http://secureclientdownload.com/.../webplayer_remote.exe  (7599684402.exe)

0 / 68
http://secureclientdownload.com/fix.exe  (0babf39aca550cc3fd43ff274a8112ef)

26 / 68    (PUP)
http://secureclientdownload.com/fix.exe  (windows_update_2.exe)

18 / 68    (Adware)
http://secureclientdownload.com/4/.../webplayer_remote.exe  (ad66d82d02bcc83e7063447b0256d6c3)

URL:
http://secureclientdownload.com/

Web server:
Apache/2.4.10 (Debian)

illyx.com

secureddl.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.