apps.foxtab.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain apps.foxtab.com is registered by proxy through GODADDY.COM, LLC and was originally registered in September of 2008. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Ashburn, Virginia within the United States which resides on the Amazon.com, Inc. network. The domain uses the Amazon Web Services (AWS) cloud computing platform.
Remove Malware from apps.foxtab.com - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
Virginia, United States (US)

Create date:
Saturday, September 06, 2008

Expires date:
Friday, September 06, 2019

Updated date:
Sunday, January 05, 2014

ASN:
AS14618 AMAZON-AES - Amazon.com, Inc.

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Malwarebytes
Adware.Agent, PUP.Adware.InstallCore, PUP.Optional.InstallCore.A, Affiliate.Downloader
80.00%

VIPRE Antivirus
Trojan.Win32.Generic, InstallCore.b
80.00%

Avira AntiVirus
ADWARE/InstallCore.Gen, ADWARE/InstallCore.Gen9, PUA/InstallCore.Gen
80.00%

Sophos
Install Core Installer, Troj/Agent-TTL, Install Core Click run software, Install Core Installer (PUA)
80.00%

ESET NOD32
Win32/SweetIM (variant), Win32/InstallCore, Win32/InstallCore (variant), Win32/InstallCore.JW (variant), Win32/InstallCore.D potentially unwanted (variant)
80.00%

Reason Heuristics
PUP.Installer.IronSource.P, PUP.Installer.InstallCoreCTechnologies.R, PUP.Installer.ADLSoft.O, Threat.Win.Reputation.IMP, PUP.installCore.MusicConverterT.Installer (M), PUP.installCore.VideoConverterTechnologies.Installer (M), PUP.installCore.ClickRunSoftware.Installer (M)
80.00%

F-Prot
W32/InstallCore.I.gen, W32/Agent.MC.gen
60.00%

Comodo Security
ApplicUnwnt.Win32.AdWare.InstallCore.1, Heur.Suspicious, ApplicUnwnt.Win32.AdWare.InstallCore.0
60.00%

Dr.Web
Adware.InstallCore.39, Trojan.Packed.24524, Adware.InstallCore.5, Trojan.InstallCore.941, Adware.InstallCore.14, Trojan.DownLoader4.50291
60.00%

Fortinet FortiGate
Riskware/InstallCore.AAAA, W32/Agent.TTL!tr, Adware/InstallCore.C
60.00%

McAfee
Artemis!E83F9AD00251, Artemis!1D54A908FCCB, RDN/Generic PUP.x!bhh, Artemis!22D18A6CE31A, Artemis!41A24C1155E0
50.00%

avast!
Win32:InstallCore-BA [PUP], Win32:InstallCore-HF [PUP], Win32:PUP-gen [PUP], Win32:InstallCore-F [PUP]
50.00%

McAfee Web Gateway
Heuristic.BehavesLike.Win32.Suspicious-PKR.G, Heuristic.BehavesLike.Win32.Suspicious-BAY.K, Artemis!PUP, BehavesLike.Win32.Ramnit.th
50.00%

Baidu Antivirus
Trojan.Win32.Agent, Adware.Win32.InstallCore
50.00%

K7 Gateway Antivirus
Unwanted-Program , Trojan , Adware
50.00%

The domain apps.foxtab.com has been seen to resolve to the following 3 IP addresses.

ec2-107-21-94-174.compute-1.amazonaws.com
January 8, 2014

ec2-107-21-215-95.compute-1.amazonaws.com
January 8, 2014

ec2-23-23-97-79.compute-1.amazonaws.com
January 8, 2014

File downloads found at URLs served by apps.foxtab.com.

1 / 68      (Adware)
http://apps.foxtab.com/.../FLVPlayerSetup.exe  (950975226b1c664cc0bcf71078e9bc96)

21 / 68    (PUP)
http://apps.foxtab.com/RC/.../VideoConverterSetup.exe  (41a24c1155e06caceede102a9b56d7ea)

1 / 68      (Adware)
http://apps.foxtab.com/.../MusicConverterSetup.exe  (59c90f8b15f289d5d3b7c4a78d1492ba)

30 / 68    (Adware)
http://apps.foxtab.com/RC/.../VideoConverterSetup.exe  (1f2706b8211fff0ff5e8a7c7c5b7e36b)

22 / 68    (Adware)
http://apps.foxtab.com/prod/.../VideoToMp3Setup.exe  (22d18a6ce31a7479f5bac0180bfde6ce)

24 / 68    (PUP)
http://apps.foxtab.com/RC//.../VideoConverterSetup.exe  (45b869b355451b3ef37f4eb8a4347d0b)

16 / 68    (Adware)
http://apps.foxtab.com/.../PDFConverterSetup.exe  (2c371fae5575b4365c1aa0f17273076d)

14 / 68    (Adware)
http://apps.foxtab.com/RC/.../FlvPlayerSetup.exe  (46be55a3217e57c73ed2cfd50962c1ec)

29 / 68    (Adware)
http://apps.foxtab.com/RC/.../VideoToMP3Setup.exe  (1d54a908fccbf02c58b5af64a1ba3815)

12 / 68    (PUP)
http://apps.foxtab.com/.../PDFConverterSetup.exe  (e83f9ad002519eb463d000b29727fefb)

URL:
http://apps.foxtab.com/

Network:
Amazon Web Services (AWS), running an EC2 instance

Web server:
Microsoft-IIS/7.0

Compete.com:
US visitors:  1,007

Statistics are for the previous month.

Remove Malware from apps.foxtab.com - Powered by Reason Core Security