home

FIRSERIA, S.L.

Publisher Information

FIRSERIA, S.L. is a software publisher located in Badalona, Barcelona in Spain*. The company is a primary distributor of unwanted software. Firseria (Solimba Aplicaciones S.L.) based on Spain is a company that runs various download portals including winportal.com and descargargratis.com which are designed as download sites that distribute legitimate 'Free Downloads', however they use a custom download manager (DownloadMR) to package bundled offers with each installation "Additionally, the download manager offers the optional installation of a toolbar.". These offeres include adware, toolbars and various other potential unwanted software. There is one additional code signing certificate issued to this publisher.
Authority:
Thawte, Inc.

Valid from:
7/23/2013 9:00:00 PM

Valid to:
7/24/2014 8:59:59 PM

Subject:
CN="FIRSERIA, S.L.", OU=IT, O="FIRSERIA, S.L.", L=Badalona, S=Barcelona, C=ES

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
73c4780fac0cd497b0778732fb8af673

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Solimba (M)
100.00%

1 / 68      (Adware)
winrar.exe (by Firser)  (32eb18e992b725855ce48432b21c1d1a)

1 / 68      (Adware)
media go.exe (by Firseria·s·l·)  (e00ceb42dd00b092bbfb00358679e63b)

1 / 68      (Adware)
imgburn.exe (by Firseria·s·l)  (e6aef3c520696e7f38e64ae5ed71772f)

1 / 68      (Adware)
wifigen 1.0.exe (by Firseria·s·l·)  (657d4474b2ee36aebafed9bd409c2325)

1 / 68      (Adware)
opera.exe (by Firseria)  (b568a97ae63cd1902788c810c9aeac66)

1 / 68      (Adware)
skype.exe (by Firseria·s·l·)  (466bf27d93ed652c223f14b7850a683f)

1 / 68      (Adware)
licdxx82.exe (by Firser)  (6163580f32c5f635ba34ed32a97e55ac)

1 / 68      (Adware)
the sims 2.exe (by Firser)  (4b73d8ec84f3bfb1439241496a49f16e)

1 / 68      (Adware)
4hyp1x4+.exe (by Firseria·s·l·)  (2ff18d1327ec350260e55ce06e7de144)

1 / 68      (Adware)
microsoft office 2010.exe (by :Firseria s.l.:)  (7544569fca356362ad330c33b9d6d37c)

1 / 68      (Adware)
avast! free antivirus.exe (by Firseria)  (82bcb22fd5662134cf6cdd9e33e83b49)

1 / 68      (Adware)
poweriso.exe (by F¡rser¡a s·l·)  (c32505ce9df70547445cf295e816f846)

1 / 68      (Adware)
windows live messenger.exe (by Firseria)  (0c9e3ebce27c2d61009e3b020e3b4bd4)

1 / 68      (Adware)
picasa.exe (by Firseria)  (9612b740a14b70538f91f1c147fba184)

1 / 68      (Adware)
google chrome.exe (by Firseria·s·l)  (9dfe0c54b776534facd3500ea5d08a95)

1 / 68      (Adware)
skype.exe (by Firseria·s·l·)  (5f7dc8aba01f3846fc438c256f91ac65)

1 / 68      (Adware)
skype.exe (by Firseria·s·l·)  (0cfbb8fa41434696c0fe53a5ad4e7244)

1 / 68      (Adware)
microsoft word.exe (by Firseria·s·l)  (b144c5260caa2c8e66a8c992fa8fd49f)

1 / 68      (Adware)
free pdf editor.exe (by Firseria·s·l)  (1ef1227e90c98df1a4853e008d997230)

1 / 68      (Adware)
the sims 2.exe (by Firseria·s·l·)  (d5b00d51fd9e9342721eb6aa88c6df94)

1 / 68      (Adware)
n5878.exe (by Firseria·s·l·)  (044b8c20b480e61884cfa5541a101e2a)

1 / 68      (Adware)
itunes.exe (by Firseria·s·l·)  (43e2da81e6f198fd163539950d320639)

1 / 68      (Adware)
itunes.exe (by Firseria·s·l·)  (3746f8119dd34c7fd04d067f98cd400e)

1 / 68      (Adware)
steam.exe (by Firseria)  (08596ed6041a386644ea8dbf1f47720a)

1 / 68      (Adware)
adobe photoshop.exe (by Firseria·s·l·)  (9e18c2dc4eb9d163e2ca5e50285bd059)

1 / 68      (Adware)
adobe photoshop.exe (by Firseria·s·l·)  (e7f363811573be6ba58c58b69f9212ce)

1 / 68      (Adware)
microsoft office 2010.exe (by Firser)  (8254b0ede8019db9547418241c9510c3)

1 / 68      (Adware)
avast! free antivirus.exe (by Firser)  (c3ac04d8c6ce479081b7a2e592764ab0)

1 / 68      (Adware)
avast! free antivirus.exe (by Firseria·s·l·)  (d0fc4b4a5edfcc5e21d63968290ad76b)

1 / 68      (Adware)
flv_media_player.exe (by Firseria)  (d43d31a27ac94fe1ad8551ef260e3068)

 
Latest 30 of 21,450 files

Downloads URLs for files signed by FIRSERIA, S.L..

1 / 68      (Adware)
http://jp.download366.info/media-go/download/.../894  (media go.exe)

1 / 68      (Adware)
http://pt.pc-file.info/microsoft-word/download/.../6086  (microsoft word.exe)

1 / 68      (Adware)
http://www.download366.info/google-talk/download/.../422  (google talk.exe)

1 / 68      (Adware)
http://www.pc-file.info/photoscape/download/.../1351  (photoscape.exe)

Top-level domains owned by FIRSERIA, S.L..

winportal.com

descargargratis.com

downloadmr.com

socdn.com

pc-file.info

download366.com

download-best-games.com

win-install.com

downloadaixeechahgho.com

The following certificate is also signed by FIRSERIA, S.L..

7658ACC15B33D93ABD5A967181DEF901  (Jul 24, 2014 to Jul 23, 2016)

The following publishers (by Authenticode signature organization name) are related.

Solimba Aplicaciones S.L.

Apps Installer S.L.

SETUPPROCESS

Firseria

Apps Installer SL

Bechiro S.L.

POPELER SYSTEM, S.L.

Popeler System sl

RAPIDDOWN

PortalProgramas

Eilio Developments sl

Eilio Developments s.l.

Eilio Developments, s.l.

* Note, the details and description above are based on the code signing digital signature issued to FIRSERIA, S.L. by Thawte, Inc. on July 23, 2013 with the serial number '73c4780fac0cd497b0778732fb8af673'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.