ClientConnect LTD

Publisher Information

ClientConnect LTD is a software developer located in Ness Ziona, Israel*. The company is a primary distributor of adware type software. ClientConnect is the division of browser toolbars and web browser extensions that was formed out of the merger of Conduit and Perion. Perion effectively took over Conduit's toolbar development and distribution business now named ClientConnect ("Conduit will spin off its Client Connect business, which includes its monetization and distribution platform for publishers and developers."). ClientConnect is the current distribution source of various bundlers including Search Protect and SweetPacks Toolbar. Thre are 16 additional code signing certificates issued to this publisher.
Authority:
VeriSign, Inc.

Valid from:
2/4/2014 2:00:00 AM

Valid to:
2/6/2016 1:59:59 AM

Subject:
CN=ClientConnect LTD, OU=Digital ID Class 3 - Microsoft Software Validation v2, OU=DM4, O=ClientConnect LTD, L=Ness Ziona, S=Israel, C=IL

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
201c61613e36ef7dd163280196cd80f7

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.ClientConnect.P, PUP.Installer.ClientConnect.L, PUP.Installer.ClientConnect.Y, PUP.ClientConnect.O, PUP.Installer.ClientConnect.V, PUP.Installer.ClientConnect.O, PUP.ClientConnect.S, PUP.Installer.ClientConnect.R, PUP.Installer.ClientConnect.b, PUP.Installer.ClientConnect.DD, PUP.Installer.ClientConnect.Z, PUP.Installer.ClientConnect.e, PUP.Installer.ClientConnect.N, PUP.Installer.ClientConnect.I, PUP.Installer.ClientConnect.Q, PUP.ClientConnect.L, PUP.ClientConnect.I, PUP.ClientConnect.R, PUP.Installer.ClientConnect.X
100.00%

VIPRE Antivirus
Threat.4786236, Conduit, Trojan.Win32.Generic
100.00%

AVG
Generic, MalSign.Generic
100.00%

avast!
Adware-BRM [PUP], Win32:Adware-BRM [PUP]
96.00%

Dr.Web
Adware.Conduit.96, Adware.Conduit.87, Adware.Conduit.27, Adware.Conduit.43
90.00%

Malwarebytes
PUP.Optional.Conduit.A
86.00%

Trend Micro House Call
TROJ_GE.4DCE9EB6, Suspicious_GEN.F47V0623, Suspicious_GEN.F47V0701, Suspicious_GEN.F47V0613, TROJ_GEN.F47V0505, Suspicious_GEN.F47V0611
84.00%

Fortinet FortiGate
Riskware/Toolbar_Conduit
82.00%

Agnitum Outpost
PUA.Toolbar.Conduit
80.00%

NANO AntiVirus
Riskware.Win32.Conduit.dbqqxi, Riskware.Win32.Conduit.cylpml, Riskware.Win32.Conduit.cwiqdg
66.00%

13 / 68    (Adware)
mefoexpress_tsa11vy29.exe  (9efb047959018376eb28620fd0964bd1)

14 / 68    (Adware)

9 / 68      (Adware)

5 / 68      (Adware)
fdmclient.dll (by ClientConnect)  (399bb9f41be710b5381b60fad27ce920)

15 / 68    (Adware)
Foobar_2000_v1.2.9.exe (1.3.9.0.140504.01)  (8132ccb2d25a6990011f4c32f694e060)

21 / 68    (Adware)

8 / 68      (Adware)
tb_iprivobar.exe  (bd4ab384e6bba025893e9b39da15e8fc)

14 / 68    (Adware)
webcam_7_v1.3.3.0.exe (1.3.9.0.140504.01)  (be0b1427acc4a22eed46f9115bf351ae)

17 / 68    (Adware)
TVBrowser_Portable_v3.3.3.exe (1.3.9.0.140504.01)  (ab1c1836ea98433d7fd8b18301ead656)

20 / 68    (Adware)
allmyapps_tsa15dokv.exe (1.3.9.0.140504.01)  (9e38742376616772dc780b1bf7617cad)

19 / 68    (Adware)
IMVU.exe (1.3.9.0.140504.01)  (51802ac33271f9064e34d3ec352cbd40)

14 / 68    (Adware)
paint.net_tsv29d3s7.exe (1.3.9.0.140504.01)  (5bfd242e9f0286ed545fdfe3f540cac7)

16 / 68    (Adware)
vcardconverter_tsa35ig0l.exe (1.3.9.0.140504.01)  (75f935bf1150f05e9c71b31d0030bf3b)

16 / 68    (Adware)
Unlocker_64bit_v1.9.1.exe (1.3.9.0.140504.01)  (58d16a44e9fad0fa5bd6630a6daeb795)

21 / 68    (Adware)
Online_TV_Player_4.9.3.0.exe (1.3.9.0.140504.01)  (536280ce38048fb11f0f03d22e390726)

6 / 68      (Adware)
zenmate_tsa25bsgz.exe  (a11bf71578e044bc67dfdd36ea5bfd48)

20 / 68    (Adware)
visualboyadvance_tsa23qp5b.exe (1.3.9.0.140504.01)  (4b441f164e7ae3caf28af91fb1e87b52)

9 / 68      (Adware)
utorrent.exe  (d97823e1c36c516c3682011ecc85be35)

9 / 68      (Adware)
utorrent.exe  (9bc0a86b2d591b0c826af0b710c2b46e)

15 / 68    (Adware)
shakirabonita.exe (1.3.9.0.140504.01)  (b1c7b3c12af739b93c7f784306f29370)

13 / 68    (Adware)
setup.exe (1.3.9.0.140504.01)  (033aec805d1d29beb4b2dc96df826a52)

17 / 68    (Adware)
reimageexpress_tsa13k7qs.exe (1.3.9.0.140504.01)  (04d43440dcea3a31aea3e3c86ce10d06)

27 / 68    (Adware)
project64_tsa23qmi8.exe (1.3.9.0.140504.01)  (fe59be387c6639e9571db45c69763e54)

16 / 68    (Adware)
PhotoPosPro.exe (1.3.9.0.140504.01)  (950506ed05130a05aae51cc411a5abbe)

18 / 68    (Adware)
Paint.NET.exe (1.3.9.0.140504.01)  (4d337bbd16f08e0c57bf254822a45753)

15 / 68    (Adware)
mypcbackup.exe (1.3.9.0.140504.01)  (de5b1c846e0e6e0b7cdb40e6087aaca0)

17 / 68    (Adware)
mypcbackup.exe (1.3.9.0.140504.01)  (4a17447bdac7622aa114b3550da03435)

15 / 68    (Adware)
mouseserver_tsa34pawg.exe (1.3.9.0.140504.01)  (5ecca2155dda222d1bce99321a759542)

13 / 68    (Adware)
lastend_blackjack_2008.exe (1.3.9.0.140504.01)  (2f86e94a479106ba91bb11b3e7ddfff8)

17 / 68    (Adware)
keyboardandmousecleaner_installer.exe (1.3.9.0.140504.01)  (f28f6ccf974dd34d0f5619555b96d18e)

 
Latest 30 of 196 files

Downloads URLs for files signed by ClientConnect LTD.

19 / 68    (Adware)

Top-level domains owned by ClientConnect LTD.

The certificates below are also signed by ClientConnect LTD.

552491364DFD4261C3C5D20F5503F94C  (Jun 19, 2014 to Jun 20, 2016)

123F28AFC6155B8A2D814F4215DA7FE6  (May 13, 2014 to May 14, 2016)

66CB8C3D79A78302BD990C405680DC66  (May 03, 2014 to May 04, 2016)

36AC210D3412C8646EB3F4C8EE541402  (Apr 29, 2014 to Apr 30, 2016)

7D43A9D40B810B6AC20F2CDF15B5CCF6  (Feb 04, 2014 to Feb 06, 2016)

35FA40A94299F9F62EFBCE7B4C008CFA  (Feb 04, 2014 to Feb 06, 2016)

454C936FBC51DA40868FE2AB4727B946  (Feb 04, 2014 to Feb 06, 2016)

473768C4887B47780C938DAAD614AACD  (Feb 04, 2014 to Feb 06, 2016)

41F2089F74119A9424A811A0F468F781  (Feb 04, 2014 to Feb 05, 2016)

4B1AA4E0160AB83115939D2007F97611  (Feb 04, 2014 to Feb 05, 2016)

10 of 16 code signing certificates issued

The following publishers (by Authenticode signature organization name) are related.

Detection Incidence by Country
* Note, the details and description above are based on the code signing digital signature issued to ClientConnect LTD by VeriSign, Inc. on February 04, 2014 with the serial number '201c61613e36ef7dd163280196cd80f7'.