home

up1.nhksoftware.net

Starline Alliance LTD.

Domain Information

The domain up1.nhksoftware.net registered by Starline Alliance LTD. was initially registered in October of 2014 through PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Haarlem, Noord-Holland within Netherlands which resides on the RIPE Network Coordination Centre network.
Registrar:
PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM

Server location:
Noord-Holland, Netherlands (NL)

Create date:
Friday, October 10, 2014

Expires date:
Saturday, October 10, 2015

Updated date:
Friday, October 10, 2014

ASN:
AS62403 DISKGROUP Disk Group Ltd.,CZ

Root domain:
nhksoftware.net

Whois:
1 nhksoftware.net record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.ROSA.X, PUP.Installer.ROSA.Y, PUP.Installer.ROSA.EE, PUP.Installer.ROSA.i, PUP.Installer.ROSA.g, PUP.ROSA.Installer (M), PUP (M)
100.00%

Avira AntiVirus
APPL/Downloader.Gen9, APPL/Downloader.Gen4, PUA/bmMedia.Gen4
19.57%

AVG
Generic
19.57%

Agnitum Outpost
Riskware.Agent
17.39%

IKARUS anti.virus
AdWare.Agent, Win32.SuspectCrc, PUA.bmMedia, not-a-virus:AdWare.Winner
15.22%

Dr.Web
Trojan.Packed.29079
13.04%

avast!
Win32:Malware-gen, Win32:Rootkit-gen [Rtk]
13.04%

ESET NOD32
Win32/bmMedia.CP (variant), Win32/bmMedia.CS, Win32/bmMedia.DH (variant), Win32/bmMedia.CG
10.87%

VIPRE Antivirus
Threat.4150696
10.87%

NANO AntiVirus
Trojan.Win32.BmMedia.djhbvb, Trojan.Win32.BmMedia.didzhh, Trojan.Win32.XPACK.djrkrh
10.87%

ESET NOD32
Win32/bmMedia.BY potentially unwanted application, Win32/bmMedia.CS potentially unwanted application, Win32/bmMedia.CG potentially unwanted application
10.87%

Emsisoft Anti-Malware
Adware.Agent.ONV, Gen:Variant.Kazy.483613
8.70%

Norman
Adware.Agent.ONV, Gen:Variant.Kazy.483613, Kelihos.BW
8.70%

MicroWorld eScan
Adware.Agent.ONV, Gen:Variant.Kazy.483613
8.70%

F-Prot
W32/A-e6de93f4, W32/A-12625e94
8.70%

The domain up1.nhksoftware.net has been seen to resolve to the following IP address.

185.36.100.166
October 20, 2014

File downloads found at URLs served by up1.nhksoftware.net.

1 / 68      (Adware)
http://up1.nhksoftware.net/wdm/installer?carrier_cmd_uri=name://18 Wheels Of Steel Across America.rar&referral=tf816.0.1.1.2010a157be0a321&file_name=18_Wheels_Of_Steel_Across_America.rar  (18_wheels_of_steel_across_america.rar_48y7w.exe)

1 / 68      (Adware)
http://up1.nhksoftware.net/wdm/.../?carrier_cmd_uri=&referral=t4b67.0.0.torrent.1810560cb3dc209&file_name=DownloadFileSetup  (downloadfilesetup_721qu.exe)

1 / 68      (Adware)
http://up1.nhksoftware.net/wdm/.../?carrier_cmd_uri=&referral=t359c7.0.0.2012.1610cd63d037523&file_name=DownloadFileSetup  (downloadfilesetup_63toj.exe)

1 / 68      (Adware)
http://up1.nhksoftware.net/wdm/.../?carrier_cmd_uri=&referral=te7889.0.0.301.2210c9c9bb21e23&file_name=DownloadFileSetup  (downloadfilesetup_65hyn.exe)

1 / 68      (Adware)
http://up1.nhksoftware.net/wdm/.../?carrier_cmd_uri=&referral=t54d2.0.0.torrent.1910ebc41d9ca21&file_name=DownloadFileSetup  (downloadfilesetup_83dmy.exe)

1 / 68      (Adware)
http://up1.nhksoftware.net/wdm/.../?carrier_cmd_uri=&referral=t359c7.0.0.2012.15100327b262423&file_name=DownloadFileSetup  (downloadfilesetup_22htx.exe)

1 / 68      (Adware)
http://up1.nhksoftware.net/wdm/.../?carrier_cmd_uri=&referral=t4b67.0.0.torrent.16106f9d30be404&file_name=DownloadFileSetup  (downloadfilesetup_95ufp.exe)

1 / 68      (Adware)
http://up1.nhksoftware.net/wdm/.../?carrier_cmd_uri=&referral=t4b67.0.0.torrent.1710979d2231702&file_name=DownloadFileSetup  (downloadfilesetup_96z2r.exe)

1 / 68      (Adware)
http://up1.nhksoftware.net/wdm/.../?carrier_cmd_uri=&referral=t4b67.0.0.torrent.2010f4a9ffdb802&file_name=DownloadFileSetup  (downloadfilesetup_86yux.exe)

1 / 68      (Adware)
http://up1.nhksoftware.net/wdm/.../?carrier_cmd_uri=&referral=t359c7.0.0.2012.2010fe959919822&file_name=DownloadFileSetup  (downloadfilesetup_34eij.exe)

1 / 68      (Adware)
http://up1.nhksoftware.net/wdm/.../?carrier_cmd_uri=&referral=te7889.0.0.301.2310cd538fe0000&file_name=DownloadFileSetup  (DownloadFileSetup_99Lfh.exe)

1 / 68      (Adware)
http://up1.nhksoftware.net/wdm/.../?carrier_cmd_uri=&referral=t4b67.0.0.torrent.171028c6244d201&file_name=DownloadFileSetup  (downloadfilesetup_82vwc.exe)

1 / 68      (Adware)
http://up1.nhksoftware.net/wdm/.../?carrier_cmd_uri=&referral=tcdbf.0.0.2011.2210bdeba155818&file_name=DownloadFileSetup  (downloadfilesetup_37ygm.exe)

1 / 68      (Adware)
http://up1.nhksoftware.net/wdm/.../?carrier_cmd_uri=&referral=t4d37.0.0.2013.1810457f5797318&file_name=DownloadFileSetup  (downloadfilesetup_10zal.exe)

1 / 68      (Adware)
http://up1.nhksoftware.net/wdm/.../?carrier_cmd_uri=&referral=t9bfe.0.0.008.2210596ed38a622&file_name=DownloadFileSetup  (downloadfilesetup_34qgp.exe)

1 / 68      (Adware)
http://up1.nhksoftware.net/wdm/.../?carrier_cmd_uri=&referral=t9bfe.0.0.008.22101348fe96222&file_name=DownloadFileSetup  (downloadfilesetup_43mie.exe)

1 / 68      (Adware)
http://up1.nhksoftware.net/wdm/.../?carrier_cmd_uri=&referral=t4b67.0.0.torrent.201019ca6cc9f03&file_name=DownloadFileSetup  (downloadfilesetup_43x5s.exe)

1 / 68      (Adware)
http://up1.nhksoftware.net/wdm/.../?carrier_cmd_uri=&referral=t47afd.0.0.2013.23109f05c34bc04&file_name=DownloadFileSetup  (downloadfilesetup_065qg.exe)

1 / 68      (Adware)
http://up1.nhksoftware.net/wdm/.../?carrier_cmd_uri=&referral=t4b67.0.0.torrent.1610f229188f221&file_name=DownloadFileSetup  (downloadfilesetup_804nv.exe)

1 / 68      (Adware)
http://up1.nhksoftware.net/wdm/.../?carrier_cmd_uri=&referral=t4b67.0.0.torrent.16104d38b84a501&file_name=DownloadFileSetup  (downloadfilesetup_96mpl.exe)

1 / 68      (Adware)
http://up1.nhksoftware.net/wdm/.../?carrier_cmd_uri=&referral=t4b67.0.0.torrent.16108efcb817220&file_name=DownloadFileSetup  (downloadfilesetup_38sjd.exe)

1 / 68      (Adware)
http://up1.nhksoftware.net/wdm/installer/?carrier_cmd_uri=name://DownloadSetup&referral=t2b83.chrome.0.results.19108a169e70208&file_name=DownloadSetup  (downloadsetup_51ivu.exe)

1 / 68      (Adware)
http://up1.nhksoftware.net/wdm/.../?carrier_cmd_uri=&referral=t54d2.0.0.torrent.18105c8c12a3108&file_name=DownloadFileSetup  (downloadfilesetup_82tde.exe)

1 / 68      (Adware)
http://up1.nhksoftware.net/wdm/.../?carrier_cmd_uri=&referral=t54d2.0.0.torrent.19102e67a20e119&file_name=DownloadFileSetup  (downloadfilesetup_12big.exe)

1 / 68      (Adware)
http://up1.nhksoftware.net/wdm/.../?carrier_cmd_uri=&referral=te132.0.0.torrent.221030408da1419&file_name=DownloadFileSetup  (downloadfilesetup_61wqo.exe)

1 / 68      (Adware)
http://up1.nhksoftware.net/wdm/installer?carrier_cmd_uri=name://MP3 Gain-win-full-1_2_5.rar&referral=tf816.0.1.1.2110997dd676104&file_name=MP3_Gain_win_full_1_2_5.rar  (mp3_gain_win_full_1_2_5.rar_08tnk.exe)

1 / 68      (Adware)
http://up1.nhksoftware.net/wdm/.../?carrier_cmd_uri=&referral=t47afd.0.0.2013.22100f41ee6c820&file_name=DownloadFileSetup  (downloadfilesetup_54yz0.exe)

1 / 68      (Adware)
http://up1.nhksoftware.net/wdm/.../?carrier_cmd_uri=&referral=ta166.1228.0.torrent.2110f8d243cf700&file_name=DownloadFileSetup  (downloadfilesetup_28pz1.exe)

1 / 68      (Adware)
http://up1.nhksoftware.net/wdm/.../?carrier_cmd_uri=&referral=t4b67.0.0.torrent.19102f1be444623&file_name=DownloadFileSetup  (downloadfilesetup_831rq.exe)

1 / 68      (Adware)
http://up1.nhksoftware.net/wdm/.../?carrier_cmd_uri=&referral=t4b67.0.0.torrent.1610b334cdb3516&file_name=DownloadFileSetup  (downloadfilesetup_58nnw.exe)

 
Latest 30 of 55 download URLs

URL:
http://up1.nhksoftware.net/

Web server:
nginx

cdnde.net

euzcdn.net

fstaticstorage.net

gdatafiles.net

servestatical.net

zghost.net

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.