home

pxc-coding.com

Jonas Zimmermann

Domain Information

The domain pxc-coding.com registered by Jonas Zimmermann was initially registered in February of 2012 through GANDI SAS. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Berlin, Berlin within Germany which resides on the RIPE Network Coordination Centre network.
Registrar:
GANDI SAS

Server location:
Berlin, Germany (DE)

Create date:
Thursday, February 9, 2012

Expires date:
Friday, February 9, 2018

Updated date:
Friday, December 25, 2015

ASN:
AS6724 STRATO STRATO AG,DE

Whois:
3 pxc-coding.com records

Scanner detections:
Detections  (90% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.JonasZimmermann.G, PUP.OpenCandy.Installer (L), PUP.JonasZimmermann.Installer (M), PUP.JonasZim.Installer (M), Threat.Win.Reputation.IMP
89.47%

ESET NOD32
Win32/OpenCandy, Win32/OpenCandy (variant), Win32/OpenCandy.C potentially unsafe (variant), Win32/OpenCandy.A potentially unsafe (variant)
52.63%

Sophos
OpenCandy (PUA), PUA 'OpenCandy'
42.11%

K7 AntiVirus
Unwanted-Program
42.11%

Zillya! Antivirus
Adware.OpenCandy.Win32.462, Adware.OpenCandy.Win32.453, Adware.OpenCandy.Win32.456
36.84%

Fortinet FortiGate
Adware/OpenCandy, Riskware/OpenCandy
31.58%

Malwarebytes
PUP.Optional.OpenCandy
26.32%

VIPRE Antivirus
Trojan.Win32.Generic, Opencandy
15.79%

Baidu Antivirus
Adware.Win32.OpenCandy
15.79%

Dr.Web
Adware.OpenCandy.3, Adware.OpenCandy.137
10.53%

AVG
AdLoad.OpenCandy
10.53%

Agnitum Outpost
Riskware.Agent
10.53%

McAfee
Artemis!5886CCF6F969, Artemis!678E540275B1
10.53%

Quick Heal
AdWare.OpenCandy.r8 (Not a Virus)
5.26%

F-Prot
W32/OpenCandy.A2.gen
5.26%

The domain pxc-coding.com has been seen to resolve to the following 3 IP addresses.

104.18.36.159
December 4, 2015

104.18.37.159
December 4, 2015

85.214.224.119
h2002155.stratoserver.net
December 18, 2013

File downloads found at URLs served by pxc-coding.com.

1 / 68      (PUP)
http://pxc-coding.com/?file=1&did=75297&vp_edd_act=download&expire=NTA2NzE5NDU1MQ==  (donotspy78-1.0.0.0-setup.exe)

1 / 68      (PUP)
http://pxc-coding.com/?file=1&did=7692&vp_edd_act=download&expire=NTA2NzkxMzU0NA==  (donotspy10-1.1.0.0-setup.exe)

6 / 68      (PUP)
http://pxc-coding.com/downloads/.../Office-Trial-Extender-1.0.0.7-Setup.exe  (4613bacf34f66e30a26aeda8607af84c)

1 / 68      (Malware)
http://pxc-coding.com/downloads/.../Alternative-Flash-Player-Auto-Updater-1.1.0.3-Setup.exe  (alternative-flash-player-auto-updater-1.2.0.1-setup.exe)

1 / 68      (PUP)
http://pxc-coding.com/downloads/.../DoNotSpy10-1.1.0.0-Setup.exe  (9012497a7fd72f19da47d0e666bb6f08)

1 / 68      (PUP)
http://pxc-coding.com/?file=1&did=7692&vp_edd_act=download&expire=NTA2NDMyMDk5OQ==  (donotspy10-1.1.0.0-setup.exe)

1 / 68      (PUP)
http://pxc-coding.com/?file=1&did=7692&vp_edd_act=download&expire=NTA2MDgxMzQ5Mg==  (donotspy10-1.1.0.0-setup.exe)

1 / 68      (PUP)
http://pxc-coding.com/?file=1&did=7692&vp_edd_act=download&expire=NTA2MTczNjY1MA==  (donotspy10-1.1.0.0-setup.exe)

1 / 68      (PUP)
http://pxc-coding.com/?file=1&did=7692&vp_edd_act=download&expire=NTA2MDE4OTM4MQ==  (donotspy10-1.1.0.0-setup.exe)

1 / 68      (PUP)
http://pxc-coding.com/downloads/.../Alternative-Flash-Player-Auto-Updater-1.1.0.6-Setup.exe  (alternative-flash-player-auto-updater-1.2.0.1-setup.exe)

1 / 68      (PUP)
http://pxc-coding.com/?file=0&did=7692&vp_edd_act=download&expire=MTQ1ODA5NjEwMg==  (donotspy10-1.1.0.0-setup.exe)

1 / 68      (PUP)
http://pxc-coding.com/?file=1&did=7692&vp_edd_act=download&expire=NTA2MTU3OTI2MA==  (donotspy10-1.1.0.0-setup.exe)

1 / 68      (PUP)
http://pxc-coding.com/?file=1&did=7692&vp_edd_act=download&expire=NTA2MDY3MTQxMw==  (donotspy10-1.1.0.0-setup.exe)

0 / 68
http://pxc-coding.com/downloads/.../Aero-Enabler-1.0.0.4-Setup.exe  (btb+lja9.exe)

1 / 68      (PUP)
http://pxc-coding.com/?file=1&did=7692&vp_edd_act=download&expire=NTA2MDYzNTkzNg==  (donotspy10-1.1.0.0-setup.exe)

1 / 68      (PUP)
http://pxc-coding.com/?file=1&did=7692&vp_edd_act=download&expire=NTA2MDgyMDA4NQ==  (donotspy10-1.1.0.0-setup.exe)

1 / 68      (PUP)
http://pxc-coding.com/?file=0&did=7692&vp_edd_act=download&expire=MTQ1OTExNzEyOA==  (donotspy10-1.1.0.0-setup.exe)

1 / 68      (PUP)
http://pxc-coding.com/?file=0&did=7692&vp_edd_act=download&expire=MTQ1OTA2NzA0OA==  (donotspy10-1.1.0.0-setup.exe)

1 / 68      (PUP)
http://pxc-coding.com/?file=0&did=7692&vp_edd_act=download&expire=MTQ1OTcwMjU1MA==  (donotspy10-1.1.0.0-setup.exe)

1 / 68      (PUP)
http://pxc-coding.com/?file=0&did=7692&vp_edd_act=download&expire=MTQ1NjcyMTE1Mw==  (donotspy10-1.1.0.0-setup.exe)

1 / 68      (PUP)
http://pxc-coding.com/?file=0&did=7692&vp_edd_act=download&expire=MTQ1NjE0ODk2OA==  (donotspy10-1.1.0.0-setup.exe)

1 / 68      (PUP)
http://pxc-coding.com/?file=0&did=7692&vp_edd_act=download&expire=MTQ1NzI4OTk1Ng==  (donotspy10-1.1.0.0-setup.exe)

1 / 68      (PUP)
http://pxc-coding.com/?file=0&did=7621&vp_edd_act=download&expire=MTQ1ODY1MTEyNg==  (alternative-flash-player-auto-updater-1.2.0.1-setup.exe)

1 / 68      (PUP)
http://pxc-coding.com/?file=0&did=7692&vp_edd_act=download&expire=MTQ1NzM2NTYyMg==  (donotspy10-1.1.0.0-setup.exe)

1 / 68      (PUP)
http://pxc-coding.com/?file=0&did=7692&vp_edd_act=download&expire=MTQ1NjU3NTAzMA==  (donotspy10-1.1.0.0-setup.exe)

1 / 68      (PUP)
http://pxc-coding.com/downloads/.../Alternative-Flash-Player-Auto-Updater-1.2.0.1-Setup.exe  (alternative-flash-player-auto-updater-1.1.0.3-setup.exe)

5 / 68      (PUP)
http://pxc-coding.com/?file=0&did=7692&vp_edd_act=download&expire=MTQ1NTgyNTA0Mg==  (donotspy10-1.0.0.2-setup.exe)

5 / 68      (PUP)
http://pxc-coding.com/?file=0&did=7692&vp_edd_act=download&expire=MTQ1NTQ1MzM4Mg==  (donotspy10-1.0.0.2-setup.exe)

5 / 68      (PUP)
http://pxc-coding.com/?file=0&did=7692&vp_edd_act=download&expire=MTQ0ODczOTQ0MQ==  (donotspy10-1.0.0.2-setup.exe)

5 / 68      (PUP)
http://pxc-coding.com/?file=0&did=7692&vp_edd_act=download&expire=MTQ1NTE4Mjk5Ng==  (donotspy10-1.0.0.2-setup.exe)

 
Latest 30 of 65 download URLs

The following file have been seen to comunicate with pxc-coding.com in live environments.

TCP » 85.214.224.119:80
Tweak Me!.exe (Tweak Me! by pXc-coding.com)

May 24, 2016
dl1.pxc-coding.com

URL:
http://pxc-coding.com/

Google Analytics:
UA-29164157

Title:
“pXc-coding”

SSL certificate subject:
CN=www.pxc-coding.com, OU=PositiveSSL, OU=Domain Control Validated

SSL certificate issuer:
CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
Apache (PHP/5.6.19,PleskLin)

Facebook:
Likes:  19
Shares:  24
Comments:  4

Statistics above are for the previous month of March 2024.

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.