home

www.roms4droid.com

Jacob Mathias

Domain Information

The domain www.roms4droid.com registered by Jacob Mathias was initially registered in January of 2010 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Mountain View, California within the United States which resides on the Google Inc. network.
Registrar:
GODADDY.COM, LLC

Server location:
California, United States (US)

Create date:
Sunday, January 31, 2010

Expires date:
Saturday, January 31, 2015

Updated date:
Monday, January 21, 2013

ASN:
AS15169 GOOGLE - Google Inc.

Root domain:
roms4droid.com

Whois:
1 roms4droid.com record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

VIPRE Antivirus
InstallCore, Trojan.Win32.Generic, Adware.Win32.InstallCore.ba, Threat.4786018, Threat.5063361, Threat.4150696
100.00%

Dr.Web
Trojan.Packed.24524, Adware.InstallCore.124
90.91%

Avira AntiVirus
APPL/InstallCore.QO.5, ADWARE/InstallCore.Gen7
81.82%

Reason Heuristics
Unnamed.Threat.19, PUP.ISfreemium.S, PUP.MaxSetup.S, PUP.MaxSetup.n, PUP.MaxSetup.s, PUP.ExtendedSetup.S, PUP.ISfreemium.f
81.82%

ESET NOD32
Win32/InstallCore.DK (variant), Win32/InstallCore.CF (variant), Win32/InstallCore.BC (variant), Win32/InstallCore.IS (variant)
72.73%

Sophos
Install Core Click run software
63.64%

Comodo Security
UnclassifiedMalware, Application.Win32.InstallCore.BWAM
54.55%

G Data
Win32.Application.InstallCore
45.45%

Norman
Kryptik.CDMO, InstallCore.RBUR, Gen:Variant.Strictor.104402
45.45%

AVG
Generic5, Adware Generic_c.DZE
45.45%

McAfee
Artemis!0692618BBE47, Artemis!8B82E66EFD59, Artemis!4BC723307C4C, Artemis!B45E3CDEC3B5
36.36%

K7 AntiVirus
Unwanted-Program
36.36%

Trend Micro House Call
TROJ_GEN.F47V1006, TROJ_GEN.F47V0911, TROJ_GEN.F47V0129, TROJ_GEN.F47V1011
36.36%

Fortinet FortiGate
W32/InstallCore.DK, Riskware/InstallCore
36.36%

Vba32 AntiVirus
Downware.InstallCore
36.36%

The domain www.roms4droid.com has been seen to resolve to the following 3 IP addresses.

184.168.221.22
ip-184-168-221-22.ip.secureserver.net
July 29, 2016

74.125.29.121
qg-in-f121.1e100.net
March 7, 2014

96.47.236.112
96.47.236.112.static.afterburst.com
December 25, 2013

File downloads found at URLs served by www.roms4droid.com.

6 / 68      (Adware)
http://www.roms4droid.com/downloader.php?romid=1143  (roms4droid_gameboy-advance_1143_extract.exe)

19 / 68    (PUP)
http://www.roms4droid.com/.../download-poke-w2.php  (pokemon_black_2_extractor.exe)

17 / 68    (Adware)
http://www.roms4droid.com/.../download-gba.php  (gba_bios_extractor.exe)

4 / 68      (Adware)
http://www.roms4droid.com/downloader.php?romid=3083  (roms4droid_gameboy-color_3083_extract.exe)

9 / 68      (PUP)
http://www.roms4droid.com/downloader.php?romid=3081  (roms4droid_gameboy-color_3081_extract.exe)

10 / 68    (Adware)
http://www.roms4droid.com/.../download-psx.php  (psx_bios_extractor.exe)

10 / 68    (Adware)
http://www.roms4droid.com/downloader.php?romid=3080  (R4D_Pokemon - Crystal Version (UE) (V1.1) [C][!].zip.exe)

10 / 68    (Adware)
http://www.roms4droid.com/downloader.php?romid=3433  (R4D_Pokemon - Blue Version (UA) [S][BF1].gb.zip.exe)

8 / 68      (Adware)
http://www.roms4droid.com/.../download-psx.php  (psx_bios_extractor.exe)

8 / 68      (Adware)
http://www.roms4droid.com/.../download-gba.php  (gba_bios_extractor.exe)

15 / 68    (PUP)
http://www.roms4droid.com/.../download-psx.php  (psx_bios_extractor.exe)

The following 10 files have been seen to comunicate with www.roms4droid.com in live environments.

TCP » 184.168.221.22:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 184.168.221.22:80
ContentFinder.exe (ContentFinder by ContentFinder Software)

TCP » 184.168.221.22:80
produpd.exe (produpd.exe by Vested Development, Inc)

TCP » 184.168.221.22:587
w.exe

TCP » 74.125.29.121:80
snackr.exe

TCP » 74.125.29.121:80
client.exe

TCP » 74.125.29.121:80
10100012.exe

TCP » 74.125.29.121:80
qupiaku.exe

TCP » 74.125.29.121:80
kukcavh.exe

TCP » 74.125.29.121:80
eenaosu.exe

URL:
http://www.roms4droid.com/

Google Analytics:
UA-19209410

Title:
“PSX ROMs, GBA ROMs, N64 ROMs, SNES ROMs - Roms4Droid”

Description:
“Download PSX ROMs, GBA ROMs, GBC ROMs, N64 ROMs, SNES ROMs”

Web server:
lighttpd/1.4.32 (PHP/5.3.3)

Facebook:
Likes:  103
Shares:  711
Comments:  126

Twitter:
Shares:  298

Compete.com:
US visitors:  19,568

Quantcast US:
Rank:  857,265

Statistics are for the previous month.

loveroms.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.