www.htchome.org

N/A

Domain Information

This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Moscow, Moscow City within Russia which resides on the RIPE Network Coordination Centre network.
Remove Malware from www.htchome.org - Powered by Reason Core Security
Registrar:
DomainContext, Inc. (R1744-LROR)

Server location:
Moscow City, Russia (RU)

ASN:
AS42244 ESERVER Hosting Operator eServer.ru Ltd.

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Trend Micro House Call
ADW_TOMOS, TROJ_SPNR.3ABM15, Suspicious_GEN.F47V0418
100.00%

ESET NOD32
Win32/Somoto, Win32/Somoto.Q potentially unwanted
100.00%

K7 AntiVirus
Unwanted-Program , Trojan
66.67%

K7 Gateway Antivirus
Unwanted-Program , Trojan
66.67%

Trend Micro
ADW_TOMOS, TROJ_SPNR.3ABM15
66.67%

Sophos
Somoto BetterInstaller, Mal/Generic-S
66.67%

Kaspersky
not-a-virus:Downloader.NSIS.Agent, Trojan.Win32.Badur
66.67%

Fortinet FortiGate
Riskware/Somoto, W32/Badur.Q!tr
66.67%

McAfee
Artemis!2CC0802F80F1, Artemis!CDB0227BA266
66.67%

Bkav FE
W32.Clod0fa.Trojan
33.33%

Malwarebytes
PUP.Optional.Somoto
33.33%

NANO AntiVirus
Trojan.Win32.Agent.cruvhh
33.33%

F-Prot
W32/SomotoBetterInstaller.A
33.33%

avast!
Win32:Somoto-F [PUP]
33.33%

Clam AntiVirus
Adware.Somoto-1
33.33%

The domain www.htchome.org has been seen to resolve to the following 3 IP addresses.

July 16, 2015

July 16, 2015

seorim.ru
January 22, 2014

File downloads found at URLs served by www.htchome.org.

10 / 68    (PUP)
http://www.htchome.org/jegUS  (htchome31setup.exe)

5 / 68      (PUP)
http://www.htchome.org/jegUS  (htchome_setup.exe)

24 / 68    (Adware)
http://www.htchome.org/jegUS  (htchome_setup.exe)

The following file have been seen to comunicate with www.htchome.org in live environments.

URL:
http://www.htchome.org/

Google Analytics:
UA-20437684

Title:
“HTC Home 3 - is a free weather widget for Windows”

Description:
“Official web-site HTC Home 3”

SSL certificate subject:
CN=sni81602.cloudflaressl.com, OU=PositiveSSL Multi-Domain, OU=Domain Control Validated

SSL certificate issuer:
CN=COMODO ECC Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
cloudflare-nginx (PHP/5.5.9-1ubuntu4.5)

Facebook:
Likes:  647
Shares:  489
Comments:  193

Statistics are for the previous month.

Remove Malware from www.htchome.org - Powered by Reason Core Security