facecores.com

hwuaye

Domain Information

The domain facecores.com, registered by hwuaye, was first registered in November 2013 through GODADDY.COM, LLC. It has been known to host and distribute adware as well as other potentially unwanted software. Its servers are located in Scottsdale, Arizona, United States, on the GoDaddy.com, LLC network.
Remove Malware from facecores.com - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
Arizona, United States (US)

Create date:
Wednesday, November 20, 2013

Expires date:
Thursday, November 20, 2014

Updated date:
Wednesday, November 20, 2013

ASN:
AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC

Scanner detections:
Detections  (67% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Trend Micro House Call | TROJ_GEN.F47V1214, TROJ_GEN.F47V0318, TROJ_GEN.R0CBH07CB14 | 100.00% |
| Trend Micro | ADW_CORES, ADW_ADPLUG | 100.00% |
| McAfee Web Gateway | Heuristic.BehavesLike.Win32.Suspicious-PKR.S, Artemis!74A973CB233C, Artemis!BCFA63EF9F40 | 100.00% |
| MicroWorld eScan | Trojan.GenericKD.1608312, Adware.Generic.906744 | 66.67% |
| nProtect | Trojan.GenericKD.1608312, Trojan-Clicker/W32.PimpMyWindow.1381376 | 66.67% |
| McAfee | Artemis!74A973CB233C, Artemis!BCFA63EF9F40 | 66.67% |
| avast! | Win32:Dropper-gen [Drp], Win32:PUP-gen [PUP] | 66.67% |
| Bitdefender | Trojan.GenericKD.1608312, Adware.Generic.906744 | 66.67% |
| Lavasoft Ad-Aware | Trojan.GenericKD.1608312, Adware.Generic.906744 | 66.67% |
| F-Secure | Trojan.GenericKD.1608312, Adware.Generic.906744 | 66.67% |
| Kingsoft AntiVirus | Win32.Troj.GenericKD.v.(kcloud), Win32.Troj.PimpMyWindow.j.(kcloud) | 66.67% |
| G Data | Trojan.GenericKD.1608312, Adware.Generic.906744 | 66.67% |
| Baidu Antivirus | PUA.Win32.Agent, Adware.Win32.PimpMyWindow | 66.67% |
| Reason Heuristics | Threat.Win.Reputation.IMP | 66.67% |
| Quick Heal | AdWare.PimpMyWindow.g3 (Not a Virus) | 66.67% |

The domain facecores.com has been seen to resolve to the following 2 IP addresses.

ip-50-63-202-85.ip.secureserver.net
April 30, 2014

March 14, 2014

File downloads found at URLs served by facecores.com.

36 / 68    (PUP)
http://facecores.com/.../appcolor.exe  (74a973cb233ccef7c252cc06e466ad68)

34 / 68    (PUP)
http://facecores.com/.../appcolor.exe  (7fb498f6e1e8c2784102fa594ca1ca41)

4 / 68
http://facecores.com/.../appcoresfacebook.exe  (5b3142afa1ad6a3c4d2bba05a71c27b1)

The following files have been seen to communicate with facecores.com in live environments.

URL:
http://facecores.com/

Google Analytics:
UA-48205950

Description:
“Tired of the same old blue on your Facebook? Face Colorido lets you change it to your favorite color!”

Web server:
Microsoft-IIS/7.5

Alexa:
Global rank:  4,455,175
Backlinks:  1

Statistics above are for the previous month of August 2015.
