home

ff.conduit-download.com

Conduit LTD.

Domain Information

The domain ff.conduit-download.com registered by Conduit LTD. was initially registered in June of 2009 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Cambridge, Massachusetts within the United States which resides on the Akamai Technologies, Inc. network.
Registrar:
GODADDY.COM, LLC

Server location:
Massachusetts, United States (US)

Create date:
Sunday, June 7, 2009

Expires date:
Tuesday, June 7, 2016

Updated date:
Tuesday, February 2, 2016

ASN:
AS16625 AKAMAI-ASN1 Akamai Technologies European AS

Root domain:
conduit-download.com

Whois:
2 conduit-download.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.1611.Conduit.K, PUP.1717.Conduit.I, PUP.1809.Conduit.J, PUP.1714.Conduit.H, PUP.18014.Conduit.H, PUP.1717.Bundler.Conduit, Threat.Conduit.1717.Bundler, PUP.Conduit.Bundler (M)
100.00%

Malwarebytes
PUP.Optional.Conduit.A
75.00%

Trend Micro House Call
TROJ_GEN.F47V0814, TROJ_GEN.F47V1002, TROJ_GEN.F47V1024, TROJ_GEN.F47V0927, TROJ_GEN.F47V1003, TROJ_GEN.F47V1012, Suspici.B731731B
75.00%

Dr.Web
Adware.BGuard.15, Adware.Conduit.6, Adware.Conduit.278
75.00%

VIPRE Antivirus
Conduit, Threat.4786236, Trojan.Win32.Generic!SB.0
75.00%

Boost by Reason
Adware.1611.Conduit.K, Optional.Conduit.H
33.33%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen
25.00%

G Data
Win32.Application.ConduitBrothersoftTB, Win32.Adware.Conduit
16.67%

NANO AntiVirus
Riskware.Win32.BGuard.csnycu, Trojan.Win32.BGuard.csnycu
16.67%

Panda Antivirus
PUP/Conduit.A
16.67%

ESET NOD32
Win32/Conduit.SearchProtect.N potentially unwanted application
8.33%

Kaspersky
not-a-virus:WebToolbar.Win32.Agent
8.33%

Bkav FE
W32.HfsAdware
8.33%

Quick Heal
PUA.MSJDGBTIR.OD5
8.33%

K7 AntiVirus
Unwanted-Program
8.33%

The domain ff.conduit-download.com has been seen to resolve to the following 3 IP addresses.

199.101.115.99
April 5, 2016

23.66.205.165
a23-66-205-165.deploy.static.akamaitechnologies.com
February 7, 2014

23.10.237.165
a23-10-237-165.deploy.static.akamaitechnologies.com
December 26, 2013

File downloads found at URLs served by ff.conduit-download.com.

5 / 68      (PUP)
http://ff.conduit-download.com/12/331/CT3314312/Downloads/Firefox/Releases/10.20.3.20/.../sweetpacks_a5.exe  (fflogic.exe)

6 / 68      (PUP)
http://ff.conduit-download.com/12/327/CT3279412/Downloads/Firefox/Releases/10.21.1.7/.../appbario13.exe  (fflogic.exe)

1 / 68      (PUP)
http://ff.conduit-download.com/48/326/CT3266648/Downloads/Firefox/Releases/10.21.1.7/.../protected2.exe  (fflogic.exe)

8 / 68      (PUP)
http://ff.conduit-download.com/59/175/CT1750559/Downloads/Firefox/Releases/10.21.1.7/.../bs_player_controlbar.exe  (fflogic.exe)

7 / 68      (PUP)
http://ff.conduit-download.com/67/328/CT3281067/Downloads/Firefox/Releases/10.20.1.8/.../hotmp3.exe  (fflogic.exe)

14 / 68    (PUP)
http://ff.conduit-download.com/27/331/CT3317127/Downloads/Firefox/Releases/10.20.1.8/.../whitesmoke_new_v.13.exe  (fflogic.exe)

5 / 68      (PUP)
http://ff.conduit-download.com/44/326/CT3267244/Downloads/Firefox/Releases/10.20.1.8/.../systweak.exe  (7f9a0c23b671fc44f076e56a2f092c773d8e18c0e220081188aac5a3d1134e0b)

7 / 68      (PUP)
http://ff.conduit-download.com/12/327/CT3279412/Downloads/Firefox/Releases/10.20.1.8/.../appbario13.exe  (fflogic.exe)

7 / 68      (PUP)
http://ff.conduit-download.com/63/328/CT3289663/Downloads/Firefox/Releases/10.20.1.8/.../internethelper3.1.exe  (fflogic.exe)

6 / 68      (PUP)
http://ff.conduit-download.com/5/330/CT3305605/Downloads/Firefox/Releases/3.19.0.1/.../keybar_1.15.exe  (8c8ec2fdd302ab84f31b19e6c5ce0b3e)

1 / 68      (PUP)
http://ff.conduit-download.com/91/326/ct3261691/downloads/firefox/releases/10.21.0.17/.../lior4prod.exe  (9d6f2f93da629d21b0db9b9d4619875d)

1 / 68      (PUP)
http://ff.conduit-download.com/51/326/ct3268951/downloads/firefox/releases/10.20.1.8/.../xpemode3.exe  (4c0250a23d64318bff6b40969651553a)

URL:
http://ff.conduit-download.com/

SSL certificate subject:
CN=*.conduit-download.com, OU=Domain Control Validated

SSL certificate issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc."

Web server:
Microsoft-IIS/7.5 (ASP.NET)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.