home

ie.conduit-download.com

WHOISGUARD, INC.  (Proxy Registrant)

Domain Information

The domain ie.conduit-download.com is registered by proxy through ENOM, INC. and was originally registered in June of 2009. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Chicago, Illinois within the United States which resides on the MCI Communications Services, Inc. d/b/a Verizon Business network.
Registrar:
ENOM, INC.

Server location:
Illinois, United States (US)

Create date:
Sunday, June 7, 2009

Expires date:
Wednesday, June 7, 2017

Updated date:
Monday, May 9, 2016

ASN:
AS20940 AKAMAI-ASN1 Akamai International B.V.,US

Root domain:
conduit-download.com

Whois:
3 conduit-download.com records

Scanner detections:
Detections  (98% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Toolbar.Conduit.H, PUP.Nana10Toolbar.Conduit.H, PUP.Elf115Toolbar.Conduit.H, PUP.Toolbar.Conduit.L, PUP.VuzeRemoteToolbar.Conduit.H, PUP.FLVRunnerBToolbar.Conduit, PUP.Toolbar.Bundler.Conduit, PUP.Conduit.Toolbar.Bundler, PUP.Conduit.Bundler, PUP.Conduit.Bundler (M), PUP.Conduit.Installer (M), PUP.Conduit (M)
98.00%

Dr.Web
Adware.BGuard.15, Adware.Conduit.6, Adware.Conduit.33, Adware.Conduit.82, Threat.Undefined, Adware.Conduit.278, Adware.Conduit.3
46.00%

VIPRE Antivirus
Conduit, Threat.4786236
44.00%

Malwarebytes
PUP.Optional.Conduit.A
42.00%

NANO AntiVirus
Riskware.Win32.Toolbar.cspetd, Trojan.Win32.BGuard.csnycu, Riskware.Win32.BGuard.csnycu, Trojan.Win32.Toolbar.cspetd, Trojan.Win32.Toolbar.deinxo
38.00%

Comodo Security
Application.Win32.Conduit.~f, Application.Win32.Conduit.~A
38.00%

Panda Antivirus
PUP/Conduit.A, Adware/Conduit
38.00%

Trend Micro House Call
TROJ_GEN.F47V0809, TROJ_GEN.F47V1113, TROJ_GEN.F47V1019, TROJ_GEN.F47V0903, TROJ_GEN.F47V1008, TROJ_GEN.F47V0813, TROJ_GEN.F47V0915
34.00%

Agnitum Outpost
PUA.Toolbar.Conduit
34.00%

ESET NOD32
Win32/Toolbar.Conduit potentially unwanted application, Win32/Conduit.SearchProtect.J potentially unwanted application, Detection.Undefined, Win32/Toolbar.Conduit.B potentially unwanted application
30.00%

Boost by Reason
Optional.Conduit.H
22.00%

G Data
Win32.Application.ConduitBrothersoftTB, Win32.Adware.Conduit, Win32.Trojan.Agent.MFS43O
22.00%

K7 AntiVirus
Unwanted-Program
18.00%

ESET NOD32
Win32/Toolbar.Conduit (variant), Win32/Conduit.SearchProtect
14.00%

McAfee
Artemis!6F413C1D180E, Artemis!34BEA7711604, Artemis!C4AA2772A3E5, Artemis!8182D575C182, Artemis!4E9AC7B4494B, Artemis!B70F6673F7A8
14.00%

The domain ie.conduit-download.com has been seen to resolve to the following 91 IP addresses.

104.96.220.122
a104-96-220-122.deploy.static.akamaitechnologies.com
September 2, 2016

104.96.220.184
a104-96-220-184.deploy.static.akamaitechnologies.com
September 2, 2016

23.50.225.8
a23-50-225-8.deploy.static.akamaitechnologies.com
August 24, 2016

23.219.88.167
a23-219-88-167.deploy.static.akamaitechnologies.com
August 24, 2016

184.29.106.64
a184-29-106-64.deploy.static.akamaitechnologies.com
July 22, 2016

184.29.106.34
a184-29-106-34.deploy.static.akamaitechnologies.com
July 22, 2016

23.15.7.107
a23-15-7-107.deploy.static.akamaitechnologies.com
July 22, 2016

23.15.7.122
a23-15-7-122.deploy.static.akamaitechnologies.com
July 20, 2016

23.15.8.9
a23-15-8-9.deploy.static.akamaitechnologies.com
July 19, 2016

65.158.47.136
June 29, 2016

204.237.142.97
June 8, 2016

204.237.142.106
June 8, 2016

104.96.220.249
a104-96-220-249.deploy.static.akamaitechnologies.com
June 7, 2016

23.220.148.43
a23-220-148-43.deploy.static.akamaitechnologies.com
June 7, 2016

23.220.148.27
a23-220-148-27.deploy.static.akamaitechnologies.com
June 7, 2016

23.220.148.26
a23-220-148-26.deploy.static.akamaitechnologies.com
June 7, 2016

23.15.8.51
a23-15-8-51.deploy.static.akamaitechnologies.com
June 6, 2016

23.15.8.32
a23-15-8-32.deploy.static.akamaitechnologies.com
June 6, 2016

23.15.7.105
a23-15-7-105.deploy.static.akamaitechnologies.com
June 4, 2016

23.15.9.144
a23-15-9-144.deploy.static.akamaitechnologies.com
May 25, 2016

23.15.9.152
a23-15-9-152.deploy.static.akamaitechnologies.com
May 25, 2016

118.214.160.163
a118-214.160-163.deploy.akamaitechnologies.com
May 25, 2016

118.214.160.162
a118-214.160-162.deploy.akamaitechnologies.com
May 25, 2016

96.16.98.8
a96-16-98-8.deploy.akamaitechnologies.com
May 25, 2016

96.16.98.113
a96-16-98-113.deploy.akamaitechnologies.com
May 25, 2016

104.96.221.91
a104-96-221-91.deploy.static.akamaitechnologies.com
May 18, 2016

23.220.148.50
a23-220-148-50.deploy.static.akamaitechnologies.com
May 17, 2016

65.158.47.8
May 17, 2016

65.158.47.9
May 16, 2016

65.158.47.48
May 16, 2016

 
Showing 30 of 91 IP Addresses

File downloads found at URLs served by ie.conduit-download.com.

1 / 68      (inconclusive)
http://ie.conduit-download.com/6/235/CT2357906/Downloads/.../kidstv.exe  (d40c3517b9f8a32ee85cc7bb48c58f08)

1 / 68      (PUP)
http://ie.conduit-download.com/87/278/CT2780387/Downloads/IE/Releases/6.2.2.4/.../isradiobar.exe  (7aad23b84878cc56dc1fedeccabd840e)

1 / 68      (PUP)
http://ie.conduit-download.com/16/142/CT1425416/Downloads/IE/Releases/5.3.7.1/.../Radio_G.exe  (f8e01cf53740aa6043b8c59cb2fb5100)

1 / 68      (PUP)
http://ie.conduit-download.com/85/15/CT151685/Downloads/IE/Releases/5.3.7.1/.../Radio_Israel.exe  (445380853a4ef7c4e933e633595600d0)

1 / 68      (PUP)
http://ie.conduit-download.com/96/154/CT1545496/Downloads/IE/Releases/5.5.0.10/.../israelifm.exe  (927737d475edde0005c973e4e724c68b)

1 / 68      (PUP)
http://ie.conduit-download.com/12/25/CT256412/Downloads/IE/Releases/5.5.0.10/.../Pico.exe  (dd81ce3f6e60a1868663b1ff77bf0e21)

1 / 68      (PUP)
http://ie.conduit-download.com/80/132/CT1320680/Downloads/IE/Releases/6.15.0.27/.../A_Free_Ride_Games_Bar.exe  (a9e633a526fcc118d9eb1dedd345db9e)

10 / 68    (PUP)
http://ie.conduit-download.com/34/331/CT3311834/Downloads/IE/Releases/6.16.1.9/.../Installl_Converter_A.exe  (e985488c40c3be022809c3ce475cbdc652499c280945936f560d1aeacb29271c)

22 / 68    (PUP)
http://ie.conduit-download.com/16/329/CT3293216/Downloads/IE/Releases/6.14.0.27/.../Vgrabber_v1.5.exe  (ielogic.exe)

1 / 68      (PUP)
http://ie.conduit-download.com/57/230/CT2304157/Downloads/IE/Releases/6.8.9.0/.../XfireXO.exe  (ielogic.exe)

1 / 68      (PUP)
http://ie.conduit-download.com/69/241/CT2411669/Downloads/IE/Releases/6.9.0.16/.../TenchisTV.exe  (012172cb2cca1f2ff3ed634e8430b9bf)

1 / 68      (PUP)
http://ie.conduit-download.com/95/286/CT2866295/Downloads/IE/Releases/6.3.0.26/.../Elf_1.15.exe  (e30b036d73f50bfbe5d69c92b403a203)

8 / 68      (PUP)
http://ie.conduit-download.com/43/320/CT3202343/Downloads/IE/Releases/6.10.3.27/.../Nana10.exe  (ielogic.exe)

11 / 68    (PUP)
http://ie.conduit-download.com/11/327/CT3279411/Downloads/IE/Releases/6.14.0.28/.../appbario12.exe  (ielogic.exe)

11 / 68    (PUP)
http://ie.conduit-download.com/22/328/CT3287822/Downloads/IE/Releases/6.15.0.27/.../MixiDJ_V8.exe  (ielogic.exe)

10 / 68    (PUP)
http://ie.conduit-download.com/81/322/CT3227981/Downloads/IE/Releases/6.15.0.27/.../appbario7.exe  (ielogic.exe)

2 / 68      (PUP)
http://ie.conduit-download.com/15/208/CT2088315/Downloads/IE/Releases/6.9.0.16/.../Kepm.exe  (57b85d2d19073f9fadc398e66ce1cf5c)

6 / 68      (PUP)
http://ie.conduit-download.com/98/328/CT3282698/Downloads/IE/Releases/6.17.1.25/.../SweetTunes1.exe  (060efb0eaa93eee9baf57bb43d188a43)

7 / 68      (PUP)
http://ie.conduit-download.com/12/331/CT3314312/Downloads/IE/Releases/6.17.1.25/.../SweetPacks_A5.exe  (ielogic.exe)

9 / 68      (PUP)
http://ie.conduit-download.com/78/236/CT2365378/Downloads/IE/Releases/.../Mako.exe  (ab60480cd8fdbd7e8cdc189b9f35b1b6)

1 / 68      (PUP)
http://ie.conduit-download.com/16/142/CT1425416/Downloads/IE/Releases/6.11.2.6/.../Radio_G.exe  (ielogic.exe)

11 / 68    (PUP)
http://ie.conduit-download.com/22/328/CT3282722/Downloads/IE/Releases/6.14.0.28/.../FreeOnlineRadioPlayerRecorder_V1.exe  (ielogic.exe)

1 / 68      (PUP)
http://ie.conduit-download.com/75/286/CT2867875/Downloads/IE/Releases/6.8.10.0/.../TechComputerModz.exe  (ffe7da96ea27f673c3a0df1db2ae5184)

1 / 68      (PUP)
http://ie.conduit-download.com/9/232/CT2326609/Downloads/IE/Releases/6.8.6.0/.../mystuti.exe  (015c24bbf567e42a9bd633aeb3abb46e)

1 / 68      (PUP)
http://ie.conduit-download.com/44/276/CT2767344/Downloads/IE/Releases/6.1.0.7/.../youngistaan.me.exe  (1da97e01bfd74235631be177d682bf36)

1 / 68      (PUP)
http://ie.conduit-download.com/87/278/CT2780387/Downloads/IE/Releases/6.3.1.12/.../isradiobar.exe  (c01825226eeb825f864334aee982969a)

1 / 68      (PUP)
http://ie.conduit-download.com/43/320/CT3202343/Downloads/IE/Releases/6.12.0.11/.../Nana10.exe  (2a2b039ec59c318408b231911428497c)

1 / 68      (PUP)
http://ie.conduit-download.com/81/329/CT3298581/Downloads/IE/Releases/6.14.0.29/.../MixiDJ_V45.exe  (ielogic.exe)

1 / 68      (PUP)
http://ie.conduit-download.com/37/328/CT3282137/Downloads/IE/Releases/6.10.3.27/.../FLV_Runner_B.exe  (7f2e87098075601e43051c0eaf999cc5)

21 / 68    (PUP)
http://ie.conduit-download.com/67/328/CT3281067/Downloads/IE/Releases/6.15.0.27/.../HotMP3.exe  (ielogic.exe)

 
Latest 30 of 460 download URLs

The following 453 files have been seen to comunicate with ie.conduit-download.com in live environments.

TCP » 184.51.126.75:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.17:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 104.96.220.122:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.17:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.75:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 104.96.220.122:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 104.96.220.122:80
plugin.exe

TCP » 104.96.220.184:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.56:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 104.96.220.122:80
plugin.exe

TCP » 184.51.126.75:443
messengertime.exe

TCP » 184.51.126.75:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.51.126.75:443
kometa.exe (Kometa by Kometa Authors)

TCP » 184.51.126.75:443
beamrise.exe (Beamrise by The Beamrise Authors)

TCP » 23.15.7.107:80
browser.exe (Browser)

TCP » 184.51.126.75:80
browser.exe (Browser)

TCP » 104.96.220.184:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 104.96.221.144:80
apptrailers.exe

TCP » 104.96.221.144:80
Mobogenie.exe (Mobogenie by Mobogenie.com)

TCP » 23.62.6.129:80
UCBrowser.exe (UC Browser by UCWeb)

 
Latest 20 of 518 files

URL:
http://ie.conduit-download.com/

Web server:
Microsoft-IIS/7.5 (ASP.NET)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.