www.roms4droid.com

Jacob Mathias

Domain Information

The domain www.roms4droid.com, registered by Jacob Mathias, was initially registered in January of 2010 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Mountain View, California, in the United States, on the Google Inc. network.
Remove Malware from www.roms4droid.com - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
California, United States (US)

Create date:
Sunday, January 31, 2010

Expires date:
Saturday, January 31, 2015

Updated date:
Monday, January 21, 2013

ASN:
AS15169 GOOGLE - Google Inc.

Root domain:

Scanner detections:
Detections  (100% detected)

| Scan engine | Details | Detections |
|---|---|---|
| VIPRE Antivirus | InstallCore, Trojan.Win32.Generic, Adware.Win32.InstallCore.ba, Threat.4786018, Threat.5063361 | 100.00% |
| Dr.Web | Trojan.Packed.24524, Adware.InstallCore.124 | 90.00% |
| Avira AntiVirus | APPL/InstallCore.QO.5, ADWARE/InstallCore.Gen7 | 90.00% |
| ESET NOD32 | Win32/InstallCore.DK (variant), Win32/InstallCore.CF (variant), Win32/InstallCore.BC (variant), Win32/InstallCore.IS (variant) | 80.00% |
| Reason Heuristics | Unnamed.Threat.19, PUP.ISfreemium.S, PUP.MaxSetup.S, PUP.MaxSetup.n, PUP.MaxSetup.s, PUP.ExtendedSetup.S, PUP.ISfreemium.f | 80.00% |
| Sophos | Install Core Click run software | 70.00% |
| Comodo Security | UnclassifiedMalware, Application.Win32.InstallCore.BWAM | 60.00% |
| G Data | Win32.Application.InstallCore | 50.00% |
| McAfee | Artemis!0692618BBE47, Artemis!8B82E66EFD59, Artemis!4BC723307C4C, Artemis!B45E3CDEC3B5 | 40.00% |
| K7 AntiVirus | Unwanted-Program | 40.00% |
| K7 Gateway Antivirus | Unwanted-Program | 40.00% |
| Trend Micro House Call | TROJ_GEN.F47V1006, TROJ_GEN.F47V0911, TROJ_GEN.F47V0129, TROJ_GEN.F47V1011 | 40.00% |
| Fortinet FortiGate | W32/InstallCore.DK, Riskware/InstallCore | 40.00% |
| Norman | Kryptik.CDMO, InstallCore.RBUR | 40.00% |
| AVG | Generic5 | 40.00% |

The domain www.roms4droid.com has been seen to resolve to the following 2 IP addresses.

qg-in-f121.1e100.net
March 7, 2014

96.47.236.112.static.afterburst.com
December 25, 2013

File downloads found at URLs served by www.roms4droid.com.

23 / 68    (PUP)
http://www.roms4droid.com/.../download-poke-w2.php  (pokemon_black_2_extractor.exe)

19 / 68    (Adware)

4 / 68      (Adware)
http://www.roms4droid.com/downloader.php?romid=3083  (roms4droid_gameboy-color_3083_extract.exe)

11 / 68    (PUP)
http://www.roms4droid.com/downloader.php?romid=3081  (roms4droid_gameboy-color_3081_extract.exe)

11 / 68    (Adware)

10 / 68    (Adware)
http://www.roms4droid.com/downloader.php?romid=3080  (R4D_Pokemon - Crystal Version (UE) (V1.1) [C][!].zip.exe)

10 / 68    (Adware)
http://www.roms4droid.com/downloader.php?romid=3433  (R4D_Pokemon - Blue Version (UA) [S][BF1].gb.zip.exe)

8 / 68      (Adware)

9 / 68      (Adware)

17 / 68    (PUP)

The following 6 files have been seen to communicate with www.roms4droid.com in live environments.

URL:
http://www.roms4droid.com/

Google Analytics:
UA-19209410

Title:
“PSX ROMs, GBA ROMs, N64 ROMs, SNES ROMs - Roms4Droid”

Description:
“Download PSX ROMs, GBA ROMs, GBC ROMs, N64 ROMs, SNES ROMs”

Web server:
lighttpd/1.4.32 (PHP/5.3.3)

Facebook:
Likes:  103
Shares:  711
Comments:  126

Twitter:
Shares:  298

Compete.com:
US visitors:  19,568

Quantcast US:
Rank:  857,265

Statistics are for the previous month.
