home

cdn.systweak.com

WHOIS PRIVACY PROTECTION SERVICE, INC.  (Proxy Registrant)

Domain Information

The domain cdn.systweak.com is registered by proxy through ENOM, INC. and was originally registered in September of 2001. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dulles, Virginia within the United States which resides on the Limelight Networks, Inc. network.
Registrar:
ENOM, INC.

Server location:
Virginia, United States (US)

Create date:
Friday, September 28, 2001

Expires date:
Sunday, September 28, 2025

Updated date:
Monday, March 28, 2016

ASN:
AS22822 LLNW-AS Limelight Networks, INC. proxy AS object

Root domain:
systweak.com

Whois:
3 systweak.com records

Scanner detections:
Detections  (97% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Systweak.Installer.Meta (L), PUP.Systweak.ThePhone.Installer.Meta (L), PUP.Systweak (L), PUP.TuneUpPro.Optional (L), PUP.Systweak.SUPERTUN.Installer.Meta (M), PUP.SysTweak.Installer.Meta (L)
100.00%

ESET NOD32
Win32/Systweak.A potentially unwanted application
3.03%

The domain cdn.systweak.com has been seen to resolve to the following 11 IP addresses.

104.20.65.202
October 29, 2015

104.20.66.202
October 29, 2015

104.20.13.98
October 20, 2015

104.20.12.98
October 20, 2015

104.20.11.98
October 20, 2015

104.20.10.98
October 20, 2015

104.20.14.98
October 20, 2015

208.111.161.254
cdn-208-111-161-254.iad.llnw.net
April 4, 2014

208.111.160.6
cdn-208-111-160-6.iad.llnw.net
April 4, 2014

208.111.128.6
December 18, 2013

208.111.128.7
December 18, 2013

File downloads found at URLs served by cdn.systweak.com.

1 / 68      (PUP)
http://cdn.systweak.com/downloads/.../supportdocktps.exe  (bf594451436c6fa6f91b0f52a1b97c09)

1 / 68      (PUP)
http://cdn.systweak.com/.../afosetup_xpi.exe  (afosetup_apk.exe)

1 / 68      (PUP)
http://cdn.systweak.com/.../tall_070802395120741198.exe  (tall_060808123451261407.exe)

1 / 68      (PUP)
http://cdn.systweak.com/.../rcpafterdownloadcp_ntb_ad_6348_cpntb1.exe  (1dae89090fd71c1473fcdda9ceb314ea)

0 / 68
http://cdn.systweak.com/downloads/.../rcpsetup_softonic_new_es_pd_new.exe  (8824a56ce9db9e232c48bbedd985a0d8)

1 / 68      (PUP)
http://cdn.systweak.com/.../rcpsetupst_RC1_MX_L_1.exe  (80af77e619547622c7a6d098b66e5c79)

1 / 68      (PUP)
http://cdn.systweak.com/.../afosetup_Torrent.exe  (e33bed9e70ffba72fe19443cfa915cb4)

1 / 68      (PUP)
http://cdn.systweak.com/runcamps/.../rcpsp_17070620043126907.exe  (rcpsp_190705320498911147.exe)

1 / 68      (PUP)
http://cdn.systweak.com/.../rcpafterdownloadcm_ad_17499_cm2.exe  (rcpafterdownloadcm_ad_21310_cm2.exe)

1 / 68      (PUP)
http://cdn.systweak.com/.../aspsetupnlg_nl_aspconf_rb_es-nl_aspconf_rb_es_8mar.exe  (aspsetupnlg_nlsg_aspcompshrt_en-nlsg_aspcompshrt_en_21jan.exe)

1 / 68      (PUP)
http://cdn.systweak.com/.../rcpafterdownloadcp_ntb_ad_7893_cpntb1.exe  (rcpafterdownloadcp_ntb_ad_7895_cpntb1.exe)

1 / 68      (PUP)
http://cdn.systweak.com/.../rcpafterdownloadcp_ntb_ad_7890_cpntb1.exe  (rcpafterdownloadcp_ntb_ad_7895_cpntb1.exe)

1 / 68      (PUP)
http://cdn.systweak.com/.../dpfsetupnlg_nl_dpfwc_rb_en_13jan.exe  (7c78f10446d99c017b646c72f158291b)

1 / 68      (PUP)
http://cdn.systweak.com/.../tall_290807152881673761.exe  (tall_220808051742610329.exe)

1 / 68      (PUP)
http://cdn.systweak.com/.../regclean_my439491.exe  (2a246eb93defc2c1d3dc20680c14e466)

1 / 68      (PUP)
http://cdn.systweak.com/.../afosetup_MP3.exe  (afosetup_jar.exe)

1 / 68      (PUP)
http://cdn.systweak.com/.../tamsp_080903022133649674.exe  (tamsp_230802061015663639.exe)

1 / 68      (PUP)
http://cdn.systweak.com/.../rcpafterdownloadcp_ntb_ad_10580_cpntb2.exe  (rcpafterdownloadcp_ntb_ad_7895_cpntb1.exe)

1 / 68      (PUP)
http://cdn.systweak.com/runcamps/.../rcp_040701354860180135.exe  (rcp_030712332493598172.exe)

1 / 68      (PUP)
http://cdn.systweak.com/.../rcpsetupdsnr_ds0.exe  (rcpsetupdsnr_ds455311011.exe)

1 / 68      (PUP)
http://cdn.systweak.com/.../rcpsetupst_RC1_MX_F_1.exe  (rcpsetupst_rc1_zz_l_1.exe)

1 / 68      (PUP)
http://cdn.systweak.com/runcamps/.../rcp_030708331901397235.exe  (rcp_030712332493598172.exe)

1 / 68      (PUP)
http://cdn.systweak.com/.../tamsp_140804161348835629.exe  (tamsp_070809485989317493.exe)

1 / 68      (PUP)
http://cdn.systweak.com/.../afosetup_RAR.exe  (afosetup_7z.exe)

1 / 68      (PUP)
http://cdn.systweak.com/.../tall_250803134486473762.exe  (tall_220808051742610329.exe)

1 / 68      (PUP)
http://cdn.systweak.com/.../tamnsp_030909372419416692.exe  (tamnsp_210811501376519837.exe)

1 / 68      (PUP)
http://cdn.systweak.com/.../tamsp_2108113059973829.exe  (tamsp_230802061015663639.exe)

1 / 68      (PUP)
http://cdn.systweak.com/.../tupp25044_ES.exe  (tupp25044_nl.exe)

1 / 68      (PUP)
http://cdn.systweak.com/runcamps/.../rcp_300707313364865559.exe  (rcp_200703480315654393.exe)

2 / 68      (PUP)
http://cdn.systweak.com/downloads/.../rcpsetup1_dcomnew_sec_728_dcomnew_sec_728.exe  (6f6ec754341fbad49ec87b7b094a0f01)

 
Latest 30 of 1,040 download URLs

The following 150 files have been seen to comunicate with cdn.systweak.com in live environments.

TCP » 208.111.161.254:80
AppVerifierapc.exe (AppApcVerifier)

TCP » 208.111.160.6:80
AppVerifierapc.exe (AppApcVerifier)

TCP » 208.111.128.6:80
AppVerifierapc.exe (AppApcVerifier)

TCP » 208.111.128.7:80
AppVerifierapc.exe (AppApcVerifier)

TCP » 208.111.128.7:80
k9pcp.exe (k9pcp by K9Tools)

TCP » 208.111.161.254:80
crossbrowse.exe (Crossbrowse)

TCP » 208.111.128.7:80
Patcher.exe (Audition Patcher by Axeso5.com)

TCP » 208.111.160.6:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 208.111.128.6:80
sysmon.exe (SysMon)

TCP » 208.111.128.6:80
pcsp.exe (PC Speedup Pro by pcspeeduppro.com)

TCP » 208.111.161.254:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 208.111.128.7:80
sysmon.exe (SysMon)

TCP » 208.111.128.6:80
asc.exe (Advance-System Care by advancedpctools.com)

TCP » 208.111.128.7:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 208.111.161.254:80
browserairexec.exe (BrowserAir by Goobzo)

TCP » 208.111.128.6:80
Patcher.exe (Audition Patcher by Axeso5.com)

TCP » 208.111.160.6:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 208.111.160.6:80
1stbrowser.exe (1stBrowser by The 1stBrowser Authors)

TCP » 208.111.128.7:80
AdvancedSystemProtector.exe (ASP)

TCP » 208.111.160.6:80
UCBrowser.exe (UC Browser by UCWeb)

 
Latest 20 of 292 files

URL:
http://cdn.systweak.com/

SSL certificate subject:
CN=ssl311517.cloudflaressl.com, OU=PositiveSSL Multi-Domain, OU=Domain Control Validated

SSL certificate issuer:
CN=COMODO RSA Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
cloudflare-nginx

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.