home

www.clearpresentguard.com

Domain Information

Server location:
Oregon, United States (US)

ASN:
AS16509 AMAZON-02 - Amazon.com, Inc., US

Root domain:
clearpresentguard.com

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.InstallCore.AC.Installer (M), PUP.InstallCore.AC (M)
100.00%

The domain www.clearpresentguard.com has been seen to resolve to the following 10 IP addresses.

52.36.112.186
ec2-52-36-112-186.us-west-2.compute.amazonaws.com
August 29, 2016

52.10.159.134
ec2-52-10-159-134.us-west-2.compute.amazonaws.com
July 30, 2016

54.69.198.37
ec2-54-69-198-37.us-west-2.compute.amazonaws.com
July 30, 2016

52.41.114.34
ec2-52-41-114-34.us-west-2.compute.amazonaws.com
July 30, 2016

52.38.209.219
ec2-52-38-209-219.us-west-2.compute.amazonaws.com
July 30, 2016

52.33.46.229
ec2-52-33-46-229.us-west-2.compute.amazonaws.com
July 30, 2016

52.24.26.116
ec2-52-24-26-116.us-west-2.compute.amazonaws.com
July 30, 2016

54.200.224.121
ec2-54-200-224-121.us-west-2.compute.amazonaws.com
July 30, 2016

54.148.183.210
ec2-54-148-183-210.us-west-2.compute.amazonaws.com
July 30, 2016

54.148.57.212
ec2-54-148-57-212.us-west-2.compute.amazonaws.com
July 30, 2016

File downloads found at URLs served by www.clearpresentguard.com.

1 / 68      (Adware)
http://www.clearpresentguard.com/c?x=ivUA6gvH92Um6dRfV2l/LXEXb6rDOEgaLEbI2LDz5k8=&c=KUj1TL5DTo3fxxyL hBScksa JALJnDy4e1qlkeIaXol7xZof8aTO0zW e5IHG4sEVoJAGcrLhUDH6B Q/Fbzqxi9lXPCXatRtAjr1tw7kMgO87KPGKd30ylyAo6nwa&downloadAs=rajabagicom_NaturalR.exe&fallback_url=https://s03.solidfilesusercontent.com/NzlhMzFlZDhjYTFjZjg3YWU0MzI2OGJiY2I0ZTQ2NmVmOTFiNzMwZjoxYksxSGI6YnZ2ejNNSkxadGg3c2YtSHdVX213TXlockFR/.../[rajabagi.com]_NaturalReader_Professional_v14.0.5771.22311_FINAL_ _Serials.rar  (41033469e40b2c1d993e00bbddd2c6c7)

1 / 68      (Adware)
http://www.clearpresentguard.com/c?x=FWF82WptLTZ1htW6B1 j1m37xLZerIvWuatbmid3n1A=&c=FqIFF8xDq008AAFmWHoEIgIg MltCm zPtUhahktaeNDf7X6NtVSmzbO9Cf2LQzy2reiN7mVD/lkxFBQ00BaciXbTnCcVIxient2lfagq4hWpcuGhvyDWxd1k9hbdelz&downloadAs=setup.exe&fallback_url=http://.../setup1.19.exe  (61f5fa21c117ff6ad30dc298ed8dd2a8)

1 / 68      (Adware)
http://www.clearpresentguard.com/c?x=iPMWpw9nItAw74mDjOvQJGVfsHyZLp47OVhCalY 0AU=&c=didR B3rs/8wO4ZKprQbFBY1ZGA2GXj15ZnusVV PGb15eBcE7kUt8RxyuwTRfGFxkBnJd/NUcBDm8RLuLwOIa0qFefGY95CM/1L4YNHh62LEWjWsxhF7fcVX S5q5sC&downloadAs=Birthday_song.exe&fallback_url=http://.../get.php?file=549263dc&m3  (8518b5db9e8874c30957813e7e1e6598)

1 / 68      (Adware)
http://www.clearpresentguard.com/c?x=g2kPzXQaIx84V0 iDh5jxHC3/trExGCknQ cxWzqiiA=&c=dhCU8/5MettZZqqyrSv7yx0yfjnmDt1is57MQ5/FmzSzzRx3L5rrLW0tMRYsF6 FL4vDtol3A0HpZg1WRcJnB/hk6iTXs21IzPN8JI3vl1sn8LrmXKvbU9zDRWq3VRM4&downloadAs=oploverz_-_RZHS_14_m.exe&fallback_url=https://s01.solidfilesusercontent.com/M2MzNmYwZWJkNWJmNTdiMGJhMjk1YzNmYzQzOTdjYzU1ZjEwMDIzNjoxYkpyV1M6bDZWNzVtOEVjN1VGSS0yTkZ0QThXMWFzR1pF/.../oploverz_-_RZHS_14_[mini]_[D1F65172].mkv  (41c037ab03fa66a700e7ca8f385b3ec1)

1 / 68      (Adware)
http://www.clearpresentguard.com/c?x=ttCR1g T2XgKe2cSgsNfECzYvShEh/tiuIgnoTTjXL4=&c=3zvWPph/Fjf4Pd evrNmLzbgIUHVEeN4PpwTZigKrXTT/UHWRkArO1NRdm2wJvSLYwZtwHqsrHrJDO3bo6eBCN OhzirxhhpRdOcR7feFo7VtNDyALKF2 gNM8ow8/vT&downloadAs=oploverz_-_RZHS_14_m.exe&fallback_url=https://s03.solidfilesusercontent.com/M2MzNmYwZWJkNWJmNTdiMGJhMjk1YzNmYzQzOTdjYzU1ZjEwMDIzNjoxYkpyV1M6bDZWNzVtOEVjN1VGSS0yTkZ0QThXMWFzR1pF/.../oploverz_-_RZHS_14_[mini]_[D1F65172].mkv  (97801a01f7ca03e8d7013ee525300880)

1 / 68      (Adware)
http://www.clearpresentguard.com/c?x=LKSjAbhLIKuh8mjvjmZ8alBns0MHrckiOzlihlrHOHo=&c=fwqkQ7bdFrKQeRE51sc/dyXOMt/E/nhdAytPc87nY3ZnfMgrUqObUPTJ7kUBTz5fI1FWiJea10Z2ygvKvjFjP3SRlEFqa04aoUPSORCa70G7 zpqiXPwWDw41t9RAlhD&downloadAs=Baxon-OperationKillP.exe&fallback_url=http://.../get.php?file=d976e105&m3  (dd79f3ca9d76136ac652208c747083c6)

1 / 68      (Adware)
http://www.clearpresentguard.com/c?x=krUjLBJGUBd4n4c2cu2DPZKlxdR940lJR t8kWT4Tug=&c=81kvX8ZMuVEAGWhZTOUgzZjWNoib71er40ViqATRcrbOjhQpKV17HhZBYzblcnSt3GFZ7By8YhFp9EHkKmx9xjTUyx6LF5PQge1ItITF9b7 etUCMtQ/57ryBQalz5Kg&downloadAs=CitiesSkylines-CODEX.exe&fallback_url=http://.../get.php?file=764fd3f2&m3  (5bd44c1f93634d16268fd1fd67234da6)

1 / 68      (Adware)
http://www.clearpresentguard.com/c?x=XUcs9X0msEhXAAx1oa2MtoR5LMhWbVKBe2I3Y5pp5vc=&c=rzv4QM9f4LRGUnWBRP3k771hc pe8Gi zIYltMZtiu/tWBTlL2t7FaF3YhPab1wciELMjovUy5vbydKkpWpT0pfvvbaT43lzYuVekJeZhGrq/sYkn6s9MwxUazNFStqL&downloadAs=Nokia_Care_Suite_541.exe&fallback_url=https://s01.solidfilesusercontent.com/YjBlZDRjZTI2YWYwMjU3ZmE2M2MzNDAyYmE3NDQzMmRkNmZmMmM3ZToxYksxQ246Vi1VSnhVRVJmQ1hsblIzdkZ4eDVHQ0F0WF8w/.../Nokia_Care_Suite_5.4.119.1432.zip  (d151452ebdda4e891d5ac3ea424d2782)

1 / 68      (Adware)
http://www.clearpresentguard.com/c?x=gNiqHNVdPN4asX30VUTCtoFLFiaMnm icJB/Hf5cfLI=&c=rMfID6irQZO4wZlzFFNzcSKX9PPhGxuNiNLrO3BTAESwIUQfTX8K0nHW 6XZpg4proigfH3tW9BoFNguATImDzCuUoatrlC5qb79u4T/0zVDq9AsWSkSh40GtIAMUZZT&downloadAs=SP_Flash_Tool_v31332.exe&fallback_url=https://s03.solidfilesusercontent.com/M2FiODU4MTUyYjRjNmVlYzlkNGY1MDQxYmEyNGM2MjA2MmQxNmQwMToxYkswZ2U6bE82cnFUQUhUWEwxUEctVEl5YlBmbklSc0ZF/.../SP_Flash_Tool_v3.1332.0.187.rar  (e759d779af5f841772c6e0c896fba16c)

1 / 68      (Adware)
http://www.clearpresentguard.com/c?x=OSy5watAGzE9Mg8YMiz9kUwdFQbvhE7HOGfA/9e56lM=&c=KPBZJzpjpmtXl8sxS6dyYvyksJeogyFV8Zd6FhKCcmscSvy68b1aiI/zTGvoy lN/3MFkMjhDvwGQpDBXXxaYe3K2K6ED8myY4P8mmIdXflHhC/sVdhHCYNEFWmtN8qB&downloadAs=MediaTek_USB_VCOM_dr.exe&fallback_url=https://s03.solidfilesusercontent.com/YzA2Y2VhM2UzZWFiOWE2MGY2ZjcwMTJlYTEwZTkxNjk4NWZjNDIwODoxYkswaGQ6eTJPMmxUMld3NFVxQnNEVEp4RXhiRE1qN1RB/.../MediaTek_USB_VCOM_drivers.rar  (ab9e3d350d1a001f207001c2001ba883)

1 / 68      (Adware)
http://www.clearpresentguard.com/c?x=Sir4fZjF27zOR BGmTSEHMoIBP66n4BGfRt2XGn77J4=&c=BIyV8FTemIed/mbme/DSbjDJJrC3MkpDQ9vxHjb50hFklf5wOyHWZH63n3yR66MeJXLuESmiU6dfkj3k8Q7rvKEwFLf0V0MPU8zeGxcorMKH6WHjmiiZCY6366pJOyaq&downloadAs=CHHOTA_BHEEMwwwfully.exe&fallback_url=http://.../get.php?file=5ef4fb18&m3  (fe75bf685cd2c53131490e74be893327)

1 / 68      (Adware)
http://www.clearpresentguard.com/c?x=jaR1g/I4xWVqyFw ZRup2a4YhC1wu6QoSOCuXBDtnyk=&c=law MQXs1KDKn9nGiYymI65Km/sM6EQXqA0QjpappOe0n HTC/16E9/0G1rVo0Gr7tGf3sYHyZX3cdPOjJuMrgATWpLnz6VihQ1lxzcOFj9KadNcXp6qfQcp6vS0Zj3v&downloadAs=Priddy_Ugly_-_My_Swi.exe&fallback_url=http://.../get.php?file=5e9d650c&m3  (3698f2be65cf3c4f214b32a096edfa46)

1 / 68      (Adware)
http://www.clearpresentguard.com/c?x=ZR1 fNxBtHVGKidOLER7NMFnJFTBSXXux45fuPRZMaE=&c=DXUNTD5IwTt3kpxM2AEc0NqRQXicnZ3K4x2yqsO0YlBlkJJlyMEB8cGLb0 vsyXECsuXx1M9Q4CxzCIOqJe6Q23ZHEpaHYR7CJ3AYTVgnPsFa2Psj7GhN fYF KBym96&downloadAs=Pattern_Password_dis.exe&fallback_url=http://.../get.php?file=a76f64ff&m3  (8901138b6c3f3fb6f1ba177130eff85f)

1 / 68      (Adware)
http://www.clearpresentguard.com/c?x=G1L7P5BQjtlx7FOEkueXIzmV8Bp68g5UwVJU/vbCYjw=&c=DfHeSA/ZdHrqnnAtYIRL5boZKFs/F1t Kyg8oX3I19cu5Nz0nEXq/B62AFuwJ5nteyFXU79aB8Gh6mst9O0OooiVh86mF0N5DweMvzwT0xBt7cE7sIYdwz6zlg9yKm i&downloadAs=Raymond_ndash_Jikata.exe&fallback_url=http://.../get.php?file=bf543fc6&m3  (d59446f8ef0bbd6d4b1f0f7b0a37a766)

1 / 68      (Adware)
http://www.clearpresentguard.com/c?x=HLSeMmIeUfu6Dp5NsL901NXI5j0h8P pC9u9VRIXPRE=&c=qyPVrS2witTeQbYT zJEt1Y4RsSvNx8RlKeOK1wury7Z5wSU S8ul9PJbJK5jBtjZBEc0kMRjktBDMzSkgkmC4cImJOnSJxz/ypppFGnks2HSwhYuPsw6eLJGMlgz15e&downloadAs=facebook_pro.exe&fallback_url=http://.../get.php?file=b21fb7ca&m3  (5e2dd81bc49d1fc52ebc65c3cf6ca57e)

The following 36 files have been seen to comunicate with www.clearpresentguard.com in live environments.

TCP » 52.38.209.219:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.33.46.229:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.33.46.229:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 52.38.209.219:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 52.38.209.219:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 54.200.224.121:80
browser.exe (Browser)

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 52.24.26.116:443
online-guardian-v2.0.9.exe

TCP » 54.200.224.121:80
kometa.exe (Kometa by @COMPANY_FULLNAME@)

TCP » 52.38.209.219:80
browser.exe (Browser)

TCP » 52.33.46.229:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 54.200.224.121:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 54.200.224.121:80
ShopAtHome_BAC_Service.exe (by ShopAtHome.com)

TCP » 54.200.224.121:80
browser.exe (Browser)

TCP » 52.33.46.229:80
Client.exe

TCP » 54.200.224.121:80
kmplayer_3.8.0.123.exe.exe (The KMPlayer by PandoraTV)

TCP » 52.24.26.116:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 52.24.26.116:443
036629fbd4864725737a8ba8fe7e8cd6.exe

TCP » 52.33.46.229:80
ShopAtHome_BAC_Service.exe (by ShopAtHome.com)

TCP » 52.33.46.229:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

 
Latest 20 of 77 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.