www.pc-file.net

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain www.pc-file.net is registered by proxy through GODADDY.COM, LLC and was originally registered in May of 2013. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon Technologies Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Remove Malware from www.pc-file.net - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
Virginia, United States (US)

Create date:
Wednesday, May 15, 2013

Expires date:
Sunday, May 15, 2016

Updated date:
Saturday, May 16, 2015

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.,US

Root domain:

Scanner detections:
Detections  (82% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.AppsInstallerSL.M, PUP.FIRSERIASL.N, PUP.FIRSERIASL.H, PUP.FIRSERIASL.V, PUP.POPELERSYSTEMSL.K, PUP.Installer.Solimba, PUP.Solimba, PUP.Solimba.Bundler, PUP.Solimba.AppsInstaller.Installer (M), PUP.Solimba.FIRSERIA.Bundler (M), PUP.Solimba.Firseria.Bundler (M), Adware.Solimba.AppsInstaller.Installer (M)
93.33%

Malwarebytes
PUP.Optional.AppsInstaller, PUP.Optional.Firseria, PUP.Optional.Bundler
46.67%

VIPRE Antivirus
DownloadMR, Trojan.Win32.Generic, Threat.4150696, Threat.4758821, Threat.4782980
46.67%

K7 Gateway Antivirus
Trojan , Unwanted-Program
46.67%

K7 AntiVirus
Trojan , Unwanted-Program , DoS-Trojan
46.67%

Sophos
Solimba Installer, PUA 'Solimba Installer'
46.67%

Comodo Security
Application.Win32.FirseriaInstaller.RRA, TrojWare.Win32.Trojan.Obfuscated.~EN, Application.Win32.Solimba.KUY, Application.Win32.Firseria.GH
46.67%

Avira AntiVirus
APPL/Firseria.A.25, TR/Crypt.XPACK.Gen, APPL/Firseria.Gen, APPL/Firseria.grtqw, PUA/Firseria.grtqw
46.67%

Vba32 AntiVirus
Downware.Morstar
46.67%

AVG
BundleApp, Adware AdInstaller.Firseria, Adware BundleApp.FP, Adware BundleApp_r.AI, Adware BundleApp.BL
46.67%

Agnitum Outpost
PUA.Firseria, PUA.Downloader, PUA.Agent
46.67%

McAfee Web Gateway
Artemis!83F01B419C0D, Heuristic.BehavesLike.Win32.Suspicious-BAY.G, BehavesLike.Win32.Downloader.gc, BehavesLike.Win32.SoftPulse.dc
46.67%

Rising Antivirus
AU3SCRIPT:Dropper.Insrun!1.9E21, PE:PUF.FirseriaInstaller@CV!1.9C54, PE:Malware.XPACK-HIE/Heur!1.9C48, PE:Trojan.Dropper!6.1E56
40.00%

G Data
Win32.Application.Morstar, Gen:Application.Bundler.Firseria, Gen:Variant.Adware.Graftor.147911, Trojan.Generic.12760932
40.00%

NANO AntiVirus
Riskware.Win32.Downware.cxbprf, Trojan.Win32.Morstar.cslwyy, Trojan.Win32.Morstar.dmuxrd, Riskware.Win32.Downware.cxkjch
40.00%

The domain www.pc-file.net has been seen to resolve to the following 9 IP addresses.

ec2-52-2-153-162.compute-1.amazonaws.com
December 19, 2015

ec2-54-164-36-16.compute-1.amazonaws.com
December 19, 2015

ec2-52-4-203-31.compute-1.amazonaws.com
June 19, 2015

ec2-107-21-52-178.compute-1.amazonaws.com
June 19, 2015

ec2-54-235-133-59.compute-1.amazonaws.com
February 23, 2015

ec2-54-235-187-184.compute-1.amazonaws.com
July 31, 2014

ec2-54-243-35-60.compute-1.amazonaws.com
June 13, 2014

ec2-54-225-165-202.compute-1.amazonaws.com
May 2, 2014

ec2-107-22-251-68.compute-1.amazonaws.com
December 28, 2013

File downloads found at URLs served by www.pc-file.net.

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

36 / 68    (Adware)

37 / 68    (Adware)

38 / 68    (Adware)

1 / 68      (Adware)

26 / 68    (Adware)

33 / 68    (Adware)

33 / 68    (Adware)

18 / 68    (Adware)

URL:
http://www.pc-file.net/

Google Analytics:
UA-40922796

Title:
“PC-File”

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
nginx

Remove Malware from www.pc-file.net - Powered by Reason Core Security