cdn.systweak.com

SYSTWEAK INC

Domain Information

The domain cdn.systweak.com, registered by SYSTWEAK INC, was initially registered in September of 2001 through ENOM, INC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Dulles, Virginia, in the United States, on the Limelight Networks, Inc. network.
Remove Malware from cdn.systweak.com - Powered by Reason Core Security
Registrar:
ENOM, INC.

Server location:
Virginia, United States (US)

Create date:
Friday, September 28, 2001

Expires date:
Wednesday, September 28, 2022

Updated date:
Monday, July 29, 2013

ASN:
AS22822 LLNW-AS Limelight Networks, INC. proxy AS object

Root domain:

Scanner detections:
Detections  (96% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.Installer.SystweakSoftware.V, PUP.Optional.Installer.c, PUP.Optional.SystweakSoftware.f, PUP.Optional.SystweakSoftware.FF, PUP.ThePhoneSupportPvt.Y, Win32.Generic.Systweak.Installer.Meta, PUP.Systweak.Optional.Installer.Meta (L)
96.30%

Dr.Web
Program.Unwanted.31, Program.Unwanted.39, Program.Unwanted.74, riskware program Program.Unwanted.290, is riskware program Program.Unwanted.31
51.85%

G Data
Win32.Application.RegCleanPro, Win32.Application.SysTweak, Win32.Application.Speedup
29.63%

K7 Gateway Antivirus
Trojan, Adware, Unwanted-Program
22.22%

ESET NOD32
Win32/Systweak, Win32/MyPCBackup, Win32/Toolbar.Conduit, Win32/Systweak (variant), MSIL/AdvancedSystemProtector
18.52%

Trend Micro House Call
TROJ_GEN.F47V0519, Suspicious_GEN.F47V0618, Suspicious_GEN.F47V0821, TROJ_GEN.F47V0415
18.52%

Sophos
Registry Cleaner, PUA 'Install Core Click run software'
14.81%

Malwarebytes
PUP.Optional.RegCleanerPro
11.11%

McAfee
Artemis!5B8E73834AD1, Artemis!017674A597B8, Artemis!C12875486127
11.11%

McAfee Web Gateway
Artemis!5B8E73834AD1, Artemis!017674A597B8
11.11%

Bkav FE
W32.Clod203.Trojan, W32.HfsAdware
11.11%

K7 AntiVirus
Adware, Unwanted-Program
11.11%

ESET NOD32
MSIL/AdvancedSystemProtector.F potentially unwanted application, Win32/Systweak.N potentially unwanted application, Detection.Undefined
11.11%

AVG
Systweak, Generic
7.41%

NANO AntiVirus
Trojan.Win32.Systweak.dgyrzm, Trojan.Win32.FakeAV.dttgwh
7.41%

The domain cdn.systweak.com has been seen to resolve to the following 11 IP addresses.


File downloads found at URLs served by cdn.systweak.com.

Latest 30 of 870 download URLs

The following 29 files have been seen to communicate with cdn.systweak.com in live environments.

 
Latest 20 of 44 files

URL:
http://cdn.systweak.com/

SSL certificate subject:
CN=ssl311517.cloudflaressl.com, OU=PositiveSSL Multi-Domain, OU=Domain Control Validated

SSL certificate issuer:
CN=COMODO RSA Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
cloudflare-nginx

Compete.com:
US visitors:  78,055

Statistics are for the previous month.
