www.hd-plugins.com

Name Management Group

Domain Information

The domain www.hd-plugins.com, registered by Name Management Group, was initially registered in April of 2013 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Scottsdale, Arizona, in the United States, on the GoDaddy.com, LLC network.
Remove Malware from www.hd-plugins.com - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
Arizona, United States (US)

Create date:
Thursday, April 04, 2013

Expires date:
Monday, April 04, 2016

Updated date:
Thursday, June 04, 2015

ASN:
AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.CoolMirageltd.U, PUP.TanjaMatkovic.S, PUP.Installer.CoolMirageltd.W, PUP.CoolMirage.S, PUP.CoolMirage.d, PUP.CoolMirage.U, PUP.CHUTCHAIKIEWNOY.K, PUP.Installer.TanjaMatkovic, PUP.CoolMirage.Installer, PUP.CoolMirage.Installer (M)
100.00%

Dr.Web
Adware.Downware.902, Adware.Downware.1263, Adware.Downware.8319, Adware.Yontoo.54, Adware.Yontoo.4
54.17%

VIPRE Antivirus
Iminent, CoolMirage Ltd, Threat.4786236, Threat.4783938
54.17%

K7 Gateway Antivirus
Unwanted-Program, Adware
37.50%

K7 AntiVirus
Unwanted-Program, Adware
37.50%

McAfee
Artemis!908D9CB2F976, Adware-SweetIM, Artemis!1009B0450E65, Artemis!4902B5BC7678, Program.Adware-SweetIM
33.33%

Sophos
FT Downloader, CoolMirage, Generic PUA LE, PUA '1 Click Downloader' (of type Adware), PUA 'FT Downloader'
33.33%

Malwarebytes
PUP.BundleInstaller.DW, PUP.Optional.OneClickDownloader.A
29.17%

Comodo Security
Application.Win32.MCool.A, Application.Win32.MCool.E, Application.Win32.CoolMirage.AS, UnclassifiedMalware
29.17%

Avira AntiVirus
APPL/CoolMirage.bqt, APPL/CoolMirage.Gen6, Adware/1ClickDownload.AA.1, APPL/CoolMirage.MD, Adware/Yontoo.71608
29.17%

AVG
AdInstaller, Generic
29.17%

Kaspersky
not-a-virus:AdWare.NSIS.Yontoo, not-a-virus:Downloader.Win32.TornTV, not-a-virus:HEUR:Downloader.Win32.Generic
29.17%

NANO AntiVirus
Riskware.Nsis.Yontoo.cvlcfp, Riskware.Text.Adware.cuhowq, Riskware.Nsis.Downware.czyjkl
25.00%

McAfee Web Gateway
Artemis!908D9CB2F976, BehavesLike.Win32.AdwareSweet.fc, BehavesLike.Win32.BadFile.kc, BehavesLike.Win32.Suspicious.hc, BehavesLike.Win32.Suspicious.fc
25.00%

G Data
NSIS.Adware.OneClickDownloader, Win32.Application.Agent.3LIORS, Gen:Application.Bundler.DefaultTab
25.00%

The domain www.hd-plugins.com has been seen to resolve to the following 11 IP addresses.

November 13, 2015

June 18, 2015

ip-50-63-202-58.ip.secureserver.net
May 2, 2015

ec2-184-169-157-32.us-west-1.compute.amazonaws.com
November 18, 2014

ec2-50-18-168-176.us-west-1.compute.amazonaws.com
November 13, 2014

ec2-50-18-172-232.us-west-1.compute.amazonaws.com
September 30, 2014

ec2-54-241-253-59.us-west-1.compute.amazonaws.com
September 5, 2014

ec2-184-169-175-49.us-west-1.compute.amazonaws.com
April 11, 2014

ec2-54-215-5-252.us-west-1.compute.amazonaws.com
February 14, 2014

ec2-50-18-168-247.us-west-1.compute.amazonaws.com
January 14, 2014

ec2-54-241-11-74.us-west-1.compute.amazonaws.com
December 18, 2013

File downloads found at URLs served by www.hd-plugins.com.

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

20 / 68    (Adware)

6 / 68      (Adware)

8 / 68      (Adware)

6 / 68      (Adware)

8 / 68      (Adware)

19 / 68    (Adware)

15 / 68    (Adware)

21 / 68    (Adware)
http://www.hd-plugins.com/.../HDVidCodec_setup(18_0).exe  (908d9cb2f9766b0e5136aa15f66a3dd4)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

URL:
http://www.hd-plugins.com/

Web server:
Apache
