s1.hd-plugin.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain s1.hd-plugin.com is registered by proxy through GODADDY.COM, LLC and was originally registered in February of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. Its servers are located in Studio City, California, in the United States, and sit on the netDNA network.
Remove Malware from s1.hd-plugin.com - Powered by Reason Core Security
Registrar: GODADDY.COM, LLC
Server location: California, United States (US)
Create date: Thursday, February 07, 2013
Expires date: Sunday, February 07, 2016
Updated date: Sunday, February 08, 2015
ASN: AS4436 AS-NLAYER - nLayer Communications, Inc.

Root domain:

Scanner detections:
Detections  (90% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| VIPRE Antivirus | Iminent | 100.00% |
| Sophos | FT Downloader | 100.00% |
| ESET NOD32 | Win32/Adware.1ClickDownload | 100.00% |
| Reason Heuristics | PUP.CoolMirageltd.P, PUP.CoolMirageltd.T, PUP.CoolMirageltd.Q, PUP.CoolMirageltd.X, PUP.CoolMirageltd.Y | 100.00% |
| Dr.Web | Adware.Downware.902 | 90.00% |
| Avira AntiVirus | APPL/CoolMirage.Gen6, APPL/CoolMirage.cuq, Adware/Yontoo.H | 90.00% |
| Comodo Security | Application.Win32.MCool.A | 80.00% |
| McAfee | Adware-SweetIM, Artemis!7BA306E87A08, Artemis!2B847A02CC65, Artemis!5ADBD11824F8, Artemis!F61104B9CFD4, Artemis!0245992B44EA | 70.00% |
| Malwarebytes | PUP.BundleInstaller.DW | 60.00% |
| avast! | Win32:Downloader-TPG [PUP] | 60.00% |
| Microsoft Security Essentials | SoftwareBundler:Win32/OneClickDownloader | 60.00% |
| SUPERAntiSpyware | Adware.Downware | 50.00% |
| McAfee Web Gateway | Artemis!7BA306E87A08, Artemis!2B847A02CC65, Artemis!5ADBD11824F8, Artemis!F61104B9CFD4, Artemis!0245992B44EA | 50.00% |
| Trend Micro House Call | TROJ_GEN.F47V0212, TROJ_GEN.F47V1116, ADW_CODECINSTALL, TROJ_GEN.F47V1007 | 40.00% |
| Panda Antivirus | Trj/CI.A | 30.00% |

The domain s1.hd-plugin.com has been seen to resolve to the following 2 IP addresses.

December 1, 2014

May 14, 2014

File downloads found at URLs served by s1.hd-plugin.com.

12 / 68    (Adware)

14 / 68    (Adware)

13 / 68    (Adware)

1 / 68
http://s1.hd-plugin.com/download/.../hdplugin_chrome.exe  (d88a157e299ce59ec9cc1a16dcededd2)

14 / 68    (Adware)

10 / 68    (Adware)

9 / 68      (Adware)

18 / 68    (Adware)

7 / 68      (Adware)

21 / 68    (Adware)
http://s1.hd-plugin.com/download/.../hdplugin_chrome.exe  (bdcee145df303f531cf7fba961f60ef5)

The following files have been seen to communicate with s1.hd-plugin.com in live environments.

URL: http://s1.hd-plugin.com/
Web server: NetDNA-cache/2.2
