ff.conduit-download.com

Conduit LTD.

Domain Information

The domain ff.conduit-download.com registered by Conduit LTD. was initially registered in June of 2009 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Cambridge, Massachusetts within the United States which resides on the Akamai Technologies, Inc. network.
Registrar:
GODADDY.COM, LLC

Server location:
Massachusetts, United States (US)

Create date:
Sunday, June 07, 2009

Expires date:
Tuesday, June 07, 2016

Updated date:
Tuesday, February 02, 2016

ASN:
AS16625 AKAMAI-ASN1 Akamai Technologies European AS

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.1611.Conduit.K, PUP.1717.Conduit.I, PUP.1809.Conduit.J, PUP.1714.Conduit.H, PUP.18014.Conduit.H, PUP.1717.Bundler.Conduit, Threat.Conduit.1717.Bundler, PUP.Conduit.Bundler (M)
100.00%

Malwarebytes
PUP.Optional.Conduit.A
75.00%

Trend Micro House Call
TROJ_GEN.F47V0814, TROJ_GEN.F47V1002, TROJ_GEN.F47V1024, TROJ_GEN.F47V0927, TROJ_GEN.F47V1003, TROJ_GEN.F47V1012, Suspici.B731731B
75.00%

Dr.Web
Adware.BGuard.15, Adware.Conduit.6, Adware.Conduit.278
75.00%

VIPRE Antivirus
Conduit, Threat.4786236, Trojan.Win32.Generic!SB.0
75.00%

Kingsoft AntiVirus
Win32.HeurC.KVM099.a.(kcloud), VIRUS_UNKNOWN
66.67%

Boost by Reason
Adware.1611.Conduit.K, Optional.Conduit.H
33.33%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen
25.00%

G Data
Win32.Application.ConduitBrothersoftTB, Win32.Adware.Conduit
16.67%

NANO AntiVirus
Riskware.Win32.BGuard.csnycu, Trojan.Win32.BGuard.csnycu
16.67%

Panda Antivirus
PUP/Conduit.A
16.67%

ESET NOD32
Win32/Conduit.SearchProtect.N potentially unwanted application
8.33%

Kaspersky
not-a-virus:WebToolbar.Win32.Agent
8.33%

Bkav FE
W32.HfsAdware
8.33%

Quick Heal
PUA.MSJDGBTIR.OD5
8.33%

The domain ff.conduit-download.com has been seen to resolve to the following 3 IP addresses.

April 5, 2016

a23-66-205-165.deploy.static.akamaitechnologies.com
February 7, 2014

a23-10-237-165.deploy.static.akamaitechnologies.com
December 26, 2013

File downloads found at URLs served by ff.conduit-download.com.

6 / 68      (PUP)
http://ff.conduit-download.com/44/326/CT3267244/Downloads/Firefox/Releases/10.20.1.8/.../systweak.exe  (7f9a0c23b671fc44f076e56a2f092c773d8e18c0e220081188aac5a3d1134e0b)

URL:
http://ff.conduit-download.com/

SSL certificate subject:
CN=*.conduit-download.com, OU=Domain Control Validated

SSL certificate issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc."

Web server:
Microsoft-IIS/7.5 (ASP.NET)