The domain nl.afterdawn.com registered by AfterDawn Oy was initially registered in March of 1999 through CSL COMPUTER SERVICE LANGENBACH GMBH D/B/A JOKER.COM. This domain has been seen distributing various forms of adware (some being very aggressive) directly or via bundled installations. The hosted servers are located in Amsterdam, Noord-Holland within Netherlands which resides on the RIPE Network Coordination Centre network. The domain is associated with the publisher AfterDawn who is located in Oulu, Finland.
Registrar:
CSL COMPUTER SERVICE LANGENBACH GMBH D/B/A JOKER.COM
Server location:
Noord-Holland, Netherlands (NL)
Create date:
Wednesday, March 31, 1999
Expires date:
Sunday, March 31, 2019
Updated date:
Tuesday, February 11, 2014
ASN:
AS16265 LEASEWEB LeaseWeb B.V.
Scanner detections:
Adware distribution
Scan engine
Details
Detections
Reason Heuristics
PUP.MusicLab.M, PUP.Installer.Perion.T, PUP.Optional.Musiclab.Installer, PUP.OpenCandy.Installer (L), PUP.chenjunhao.Installer (M)
58.33%
ESET NOD32
MSIL/AdvancedSystemProtector, Win32/OpenCandy, Win32/OpenCandy.C potentially unsafe (variant), Win32/Toptools.A potentially unwanted (variant), Win32/OpenCandy.A potentially unsafe (variant)
41.67%
Dr.Web
Adware.OpenCandy.7, Adware.IncrediMail.14, Adware.IncrediMail.36, Program.Unwanted.603, Adware.Toolbar.576
41.67%
Trend Micro House Call
Suspicious_GEN.F47V0815, Suspicious_GEN.F47V0413
16.67%
AVG
OpenCandy, Generic
16.67%
IKARUS anti.virus
not-a-virus:AdWare.Win32.Mostofate.j, PUA.OpenCandy
16.67%
Qihoo 360 Security
HEUR/QVM19.1.Malware.Gen, QVM06.1.Malware.Gen
16.67%
Fortinet FortiGate
Riskware/OpenCandy
16.67%
Rising Antivirus
PE:Malware.RDM.34!5.28[F1], PE:Trojan.Win32.SpeedingUpMyPC.a!1075357520
16.67%
McAfee
Artemis!A1630F4BDF5C
8.33%
Kaspersky
Trojan-Banker.Win32.ChePro
8.33%
Agnitum Outpost
Trojan.Kryptik
8.33%
Bkav FE
W32.HfsAdware
8.33%
Zillya! Antivirus
Adware.OutBrowse.Win32.64964
8.33%
Emsisoft Anti-Malware
Riskware.AdWare.Win32.Mostofate.j!IK
8.33%
The domain nl.afterdawn.com has been seen to resolve to the following IP address.
varnish.afterdawn.net
December 27, 2013
File downloads found at URLs served by nl.afterdawn.com.
Latest 30 of 113 download URLs
The following 3 files have been seen to comunicate with nl.afterdawn.com in live environments.
URL:
http://nl.afterdawn.com/
Google Analytics:
UA-2099875
Title:
“AfterDawn - Nieuws en software downloads”
Description:
“Laatste technologisch nieuws, handleidingen, product besprekingen en software downloads.”
Statistics are for the previous month.
Related Domains