pxc-coding.com

Jonas Zimmermann

Domain Information

The domain pxc-coding.com registered by Jonas Zimmermann was initially registered in February of 2012 through GANDI SAS. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Berlin, Berlin within Germany which resides on the RIPE Network Coordination Centre network.
Remove Malware from pxc-coding.com - Powered by Reason Core Security
Registrar:
GANDI SAS

Server location:
Berlin, Germany (DE)

Create date:
Thursday, February 09, 2012

Expires date:
Friday, February 09, 2018

Updated date:
Friday, December 25, 2015

ASN:
AS6724 STRATO STRATO AG,DE

Scanner detections:
Detections  (86% detected)

Scan engine
Details
Detections

ESET NOD32
Win32/OpenCandy, Win32/OpenCandy (variant), Win32/OpenCandy.C potentially unsafe (variant), Win32/OpenCandy.A potentially unsafe (variant)
86.36%

Reason Heuristics
PUP.Installer.JonasZimmermann.q, PUP.Installer.JonasZimmermann.U, PUP.Installer.JonasZimmermann.X, PUP.Installer.JonasZimmermann.DD
59.09%

Baidu Antivirus
Adware.Win32.OpenCandy
45.45%

Dr.Web
Adware.OpenCandy.3, Adware.OpenCandy.6, Adware.OpenCandy.39, Adware.OpenCandy.137
40.91%

Sophos
Generic PUA FM, OpenCandy (PUA), PUA 'OpenCandy'
40.91%

AVG
OpenCandy, AdLoad.OpenCandy
36.36%

VIPRE Antivirus
Threat.4150696, Trojan.Win32.Generic, Opencandy
27.27%

Fortinet FortiGate
Riskware/OpenCandy
27.27%

K7 Gateway Antivirus
Trojan , Unwanted-Program
27.27%

K7 AntiVirus
Trojan , Unwanted-Program
27.27%

McAfee
Artemis!3CD5806CE68C, Artemis!DF1A5312C9D4, Artemis!5886CCF6F969, Artemis!678E540275B1
18.18%

Agnitum Outpost
Riskware.Agent
18.18%

Zillya! Antivirus
Adware.OpenCandy.Win32.462, Adware.OpenCandy.Win32.456, Adware.OpenCandy.Win32.453
18.18%

NANO AntiVirus
Trojan.Win32.OpenCandy.cugbau, Riskware.Win32.OpenCandy.cyducd, Trojan.Win32.OpenCandy.cuepxq
13.64%

Trend Micro House Call
Suspicious_GEN.F47V1029, TROJ_GEN.R02SH05KO14
13.64%

The domain pxc-coding.com has been seen to resolve to the following 3 IP addresses.

December 4, 2015

December 4, 2015

h2002155.stratoserver.net
December 18, 2013

File downloads found at URLs served by pxc-coding.com.

6 / 68      (PUP)

6 / 68      (PUP)

7 / 68      (PUP)

6 / 68      (PUP)

6 / 68      (PUP)

6 / 68      (PUP)

6 / 68      (PUP)

7 / 68      (PUP)
http://pxc-coding.com/downloads/.../Alternative-Flash-Player-Auto-Updater-1.1.0.6-Setup.exe  (alternative-flash-player-auto-updater-1.2.0.0-setup.exe)

11 / 68    (PUP)

3 / 68      (PUP)

6 / 68      (PUP)

5 / 68      (PUP)

8 / 68      (PUP)

8 / 68      (PUP)

8 / 68      (PUP)

10 / 68    (PUP)

11 / 68    (PUP)

4 / 68      (PUP)

6 / 68      (PUP)

3 / 68      (inconclusive)

5 / 68      (PUP)

3 / 68      (inconclusive)

4 / 68      (PUP)

3 / 68      (PUP)

2 / 68      (PUP)

2 / 68      (PUP)

The following file have been seen to comunicate with pxc-coding.com in live environments.

URL:
http://pxc-coding.com/

Google Analytics:
UA-29164157

Title:
“pXc-coding”

SSL certificate subject:
CN=www.pxc-coding.com, OU=PositiveSSL, OU=Domain Control Validated

SSL certificate issuer:
CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
Apache (PHP/5.6.16,PleskLin)

Facebook:
Likes:  18
Shares:  23
Comments:  4

Statistics above are for the previous month of November 2016.

Remove Malware from pxc-coding.com - Powered by Reason Core Security