home

nl.pc-file.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain nl.pc-file.com is registered by proxy through GODADDY.COM, LLC and was originally registered in May of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon.com, Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Registrar:
GODADDY.COM, LLC

Server location:
Virginia, United States (US)

Create date:
Friday, May 10, 2013

Expires date:
Sunday, May 10, 2015

Updated date:
Thursday, May 8, 2014

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US

Root domain:
pc-file.com

Whois:
2 pc-file.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.AppsInstallerSL.Q, PUP.Installer.FIRSERIASL.K, PUP.Installer.BechiroSL.I, PUP.Solimba.FIRSERIA.Bundler (M)
100.00%

IKARUS anti.virus
PUA.MSIL.Solimba
100.00%

Emsisoft Anti-Malware
Application.Bundler.Firseria.M, Gen:Variant.Application.Bundler.Kazy.132995
100.00%

Kaspersky
Trojan-Banker.Win32.Agent, not-a-virus:AdWare.Win32.Fiseria
100.00%

VIPRE Antivirus
Threat.4782980, DownloadMR
75.00%

K7 AntiVirus
Trojan , Unwanted-Program
75.00%

Sophos
Solimba Installer
75.00%

Comodo Security
Application.Win32.FirseriaInstaller.RRA, Application.Win32.Firseria.MAP, Application.Win32.Firseria.AFGH
75.00%

Avira AntiVirus
APPL/Firseria.A.35, APPL/Firseria.Gen8
75.00%

G Data
Win32.Application.Morstar, Application.Bundler.Firseria, Gen:Variant.Application.Bundler.Kazy.132995
75.00%

Vba32 AntiVirus
Downware.Morstar
75.00%

ESET NOD32
Win32/FirseriaInstaller.H potentially unwanted application, MSIL/Solimba.AH potentially unwanted application
75.00%

AVG
BundleApp, Adware BundleApp_r, Adware BundleApp.GW
75.00%

Panda Antivirus
Trj/Genetic.gen, Adware/Firseria
75.00%

AhnLab V3 Security
PUP/Win32.Firseria
75.00%

The domain nl.pc-file.com has been seen to resolve to the following 5 IP addresses.

52.86.173.174
ec2-52-86-173-174.compute-1.amazonaws.com
May 19, 2016

54.210.177.99
ec2-54-210-177-99.compute-1.amazonaws.com
May 19, 2016

54.235.133.59
ec2-54-235-133-59.compute-1.amazonaws.com
November 1, 2014

54.235.187.184
ec2-54-235-187-184.compute-1.amazonaws.com
August 24, 2014

54.225.165.202
ec2-54-225-165-202.compute-1.amazonaws.com
May 24, 2014

File downloads found at URLs served by nl.pc-file.com.

1 / 68      (Adware)
http://nl.pc-file.com/microsoft-powerpoint/download/.../6077  (microsoft powerpoint.exe)

29 / 68    (Adware)
http://nl.pc-file.com/terraria/download/.../13891  (terraria.exe)

40 / 68    (Adware)
http://nl.pc-file.com/adwcleaner/download/.../11450  (adwcleaner.exe)

12 / 68    (Adware)
http://nl.pc-file.com/revo-uninstaller/download/.../95  (revo uninstaller.exe)

URL:
http://nl.pc-file.com/

Google Analytics:
UA-40922796

Title:
“PC-File”

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
nginx

pc-file.info

pc-file.net

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.