home

www.hd-plugins.com

Name Management Group

Domain Information

The domain www.hd-plugins.com registered by Name Management Group was initially registered in April of 2013 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Chicago, Illinois within the United States which resides on the GigeNET network.
Registrar:
GODADDY.COM, LLC

Server location:
Illinois, United States (US)

Create date:
Thursday, April 4, 2013

Expires date:
Monday, April 4, 2016

Updated date:
Thursday, June 4, 2015

Root domain:
hd-plugins.com

Whois:
4 hd-plugins.com records

Scanner detections:
Detections  (94% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.CoolMirage.Installer, PUP.CoolMirage.Installer (M), PUP.TanjaMat.Installer (M), PUP.CoolMirage (M), PUP (M)
94.00%

ESET NOD32
Win32/AdWare.1ClickDownload.AQ application
4.00%

McAfee
Program.Adware-SweetIM
4.00%

Microsoft Security Essentials
Worm:Win32/NeksMiner.A
2.00%

F-Secure
Application:W32/Generic.70053c248f!Online
2.00%

The domain www.hd-plugins.com has been seen to resolve to the following 12 IP addresses.

69.39.236.56
ip-69.39.236.56.hosted.by.gigenet.com
June 2, 2016

172.99.89.202
November 13, 2015

74.200.250.152
June 18, 2015

50.63.202.58
ip-50-63-202-58.ip.secureserver.net
May 2, 2015

184.169.157.32
ec2-184-169-157-32.us-west-1.compute.amazonaws.com
November 18, 2014

50.18.168.176
ec2-50-18-168-176.us-west-1.compute.amazonaws.com
November 13, 2014

50.18.172.232
ec2-50-18-172-232.us-west-1.compute.amazonaws.com
September 30, 2014

54.241.253.59
ec2-54-241-253-59.us-west-1.compute.amazonaws.com
September 5, 2014

184.169.175.49
ec2-184-169-175-49.us-west-1.compute.amazonaws.com
April 11, 2014

54.215.5.252
ec2-54-215-5-252.us-west-1.compute.amazonaws.com
February 14, 2014

50.18.168.247
ec2-50-18-168-247.us-west-1.compute.amazonaws.com
January 14, 2014

54.241.11.74
ec2-54-241-11-74.us-west-1.compute.amazonaws.com
December 18, 2013

File downloads found at URLs served by www.hd-plugins.com.

1 / 68      (Adware)
http://www.hd-plugins.com/.../loaderall.php?pub=magno--iframe4  (hdvid-codec-chrome.exe)

1 / 68      (Adware)
http://www.hd-plugins.com/.../loader.php?pub=apPutlockerbanners&file=&in=d&sn=y&name=Oernxvat.Onq.F05R12.720c.UQGI-UroFhoorq-jjj.gur-bayvar-gi-fubj.oybtfcbg.pb.vy.zc4&sp=1  (codec_pack_ie.exe)

1 / 68      (Adware)
http://www.hd-plugins.com/.../dl2.php?build=nf&pub=m2kstrip11  (codec_pack_32464_ch.exe)

1 / 68      (Adware)
http://www.hd-plugins.com/.../loader.php?pub=apPutlockerbanners&file=&in=d&sn=y&name=Lnne Viny (2013) QiQ --- Gnzvynehil.Pbz&sp=1  (yaarival28201329dvd---tamilaruvycom.exe)

1 / 68      (Adware)
http://www.hd-plugins.com/.../dl2.php?build=nf&pub=magno_102  (codec_pack_689656_ch.exe)

1 / 68      (Adware)
http://www.hd-plugins.com/.../dl2.php?build=nf&pub=lsha_22  (codec_pack_772133_ch.exe)

1 / 68      (Adware)
http://www.hd-plugins.com/.../dl2.php?build=nf&pub=magno_104  (codec_pack_594223_ch.exe)

1 / 68      (Adware)
http://www.hd-plugins.com/.../dl2.php?build=nf&pub=ilem_35  (codec_pack_819830_ch.exe)

1 / 68      (Adware)
http://www.hd-plugins.com/.../dl2.php?build=nf&pub=1channel_strip  (codec_pack_43296_ch.exe)

1 / 68      (Adware)
http://www.hd-plugins.com/.../dl2.php?build=nf&pub=magno  (codec_pack_996651_ch.exe)

2 / 68      (false positives)
http://www.hd-plugins.com/.../dl2.php?pub=apSockSharept10&file=&in=d&sn=y&name=2.Snfg.2.Shevbhf.UroFho..niv&sp=1  (wrar420.exe)

1 / 68      (Adware)
http://www.hd-plugins.com/.../loaderall.php?pub=magno--iframe3  (hdvid-codec-chrome.exe)

1 / 68      (Adware)
http://www.hd-plugins.com/.../dl2.php?build=nf&pub=limit_106  (codec_pack_142015_ch.exe)

1 / 68      (Adware)
http://www.hd-plugins.com/.../dl2d.php?build=nf&pub=m2k_888  (codec_pack_886933_ie.exe)

2 / 68      (inconclusive)
http://www.hd-plugins.com/.../dl2.php?pub=apSockSharept10&file=&in=d&sn=y&name=Fgne Gerx: Vafheerpgvba (1998).OQ.ZvavFQ-GYS.zxi&sp=1  (startrek3ninsurrection28199829bdminisd-tlfmkv.exe)

1 / 68      (Adware)
http://www.hd-plugins.com/.../dl2.php?build=nf&pub=ilem_59  (codec_pack_268890_ch.exe)

1 / 68      (Adware)
http://www.hd-plugins.com/.../dl2.php?build=cr&pub=magno_222  (codec_pack_626091_ch.exe)

1 / 68      (Adware)
http://www.hd-plugins.com/.../dl2.php?build=nf&pub=atda_11  (codec_pack_940459_ch.exe)

1 / 68      (Adware)
http://www.hd-plugins.com/.../dl2.php?build=nf&pub=limit_57  (codec_pack_815785_ch.exe)

1 / 68      (Adware)
http://www.hd-plugins.com/.../loaderall.php?pub=magno--iframe5  (hdvid-codec-chrome.exe)

1 / 68      (Adware)
http://www.hd-plugins.com/.../dl2.php?build=nf&pub=magno_101  (codec_pack_711084_ch.exe)

1 / 68      (Adware)
http://www.hd-plugins.com/.../dl2.php?build=nf&pub=1chnl_101  (downloadsetup.exe)

1 / 68      (Adware)
http://www.hd-plugins.com/.../dl2.php?build=nf&pub=lsha_72  (codec_pack_720129_ch.exe)

1 / 68      (Adware)
http://www.hd-plugins.com/.../dl2.php?build=nf&pub=m2k_44  (codec_pack_620416_ch.exe)

1 / 68      (Adware)
http://www.hd-plugins.com/.../dl2.php?build=nf&pub=m2kab1  (codec_pack_23931_ch.exe)

1 / 68      (Adware)
http://www.hd-plugins.com/.../dl2.php?build=nf&pub=atdstrip  (codec_pack_282323_ch.exe)

1 / 68      (Adware)
http://www.hd-plugins.com/.../dl2.php?pub=vid2cv4&file=&in=d&sn=y&name=&sp=1  (downloadsetup.exe)

1 / 68      (Adware)
http://www.hd-plugins.com/.../dl2.php?build=nf&pub=m2k_55  (codec_pack_148141_ch.exe)

1 / 68      (Adware)
http://www.hd-plugins.com/.../dl2.php?build=nf&pub=magno_111  (codec_pack_337185_ch.exe)

The following 389 files have been seen to comunicate with www.hd-plugins.com in live environments.

TCP » 69.39.236.56:80
globalupdate.exe (globalUpdate Update by globalUpdate)

TCP » 50.63.202.58:80
googleupdate.exe13d7b73 (globalUpdate Update by globalUpdate)

TCP » 69.39.236.56:8888
popdeals.exe (Today)

TCP » 69.39.236.56:80
9fe7cfbf-5cc9-4391-a512-8a764fd807c3-1-7.exe (CinemaPlus-3.2cV20.05 by Cinema PlusV20.05)

TCP » 69.39.236.56:80
9fe7cfbf-5cc9-4391-a512-8a764fd807c3-5.exe (CinemaPlus-3.2cV20.05 by Cinema PlusV20.05)

TCP » 50.63.202.58:80
47987731-a12b-4f43-9174-d5cfd40e9863-5.exe (HighD-V1.8 by HighD)

TCP » 50.63.202.58:80
thetorntv v10-codedownloader.exe (TheTorntv V10 by esc)

TCP » 69.39.236.56:80
1573.exe (SavePass 1.1 by OB)

TCP » 69.39.236.56:80
9fe7cfbf-5cc9-4391-a512-8a764fd807c3-3.exe (CinemaPlus-3.2cV20.05 by Cinema PlusV20.05)

TCP » 69.39.236.56:80
6054.exe (SavePass 1.1 by OB)

TCP » 69.39.236.56:80
5dfde4f5-80af-4a98-8da4-e95b948f183d-10.exe (Ge-Force by Webar)

TCP » 69.39.236.56:80
a4bc936c-5e01-43ed-9315-bef9a4ae2675-10.exe (SavePass 1.1 by OB)

TCP » 69.39.236.56:80
pricehorse.exe (by Pay By Ads)

TCP » 69.39.236.56:80
tbhcn.exe (tcbhn by Blabbers Communications)

TCP » 69.39.236.56:80
d488e0ef-38ce-4f88-bb4a-7a53ee6d0463-1-7.exe (CinemaPlus-4.5vV22.05 by Cinema PlusV22.05)

TCP » 69.39.236.56:80
dailybee.exe

TCP » 69.39.236.56:80
024a6571-2a4e-4467-b299-604f4b85d0bf-7.exe (CinemaPlus-4.5vV23.05 by Cinema PlusV23.05)

TCP » 50.63.202.58:80
47987731-a12b-4f43-9174-d5cfd40e9863-4.exe (HighD-V1.8 by HighD)

TCP » 50.63.202.58:80
9f09f8b9-cdbe-44ca-bbdf-bf3be4be9166-4.exe (iWebar)

TCP » 69.39.236.56:80
avast.exe

 
Latest 20 of 400 files

URL:
http://www.hd-plugins.com/

Web server:
Apache

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.