file.xmusic.me

Private Person  (Proxy Registrant)

Domain Information

The domain file.xmusic.me is registered by proxy through 1API GmbH R17-ME (1387) and was originally registered in September 2012. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Dmitrov, Moskva, Russia, on the RIPE Network Coordination Centre network.
Remove Malware from file.xmusic.me - Powered by Reason Core Security
Registrar:
1API GmbH R17-ME (1387)

Server location:
Moskva, Russia (RU)

Create date:
Wednesday, September 19, 2012

Expires date:
Tuesday, September 19, 2023

Updated date:
Sunday, January 25, 2015

ASN:
AS42244 ESERVER Hosting Operator eServer.ru Ltd.

Root domain:

Scanner detections:
Detections  (100% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Avira AntiVirus | ADWARE/Adware.Gen2, Adware/Amonetize.519376.14 | 100.00% |
| ESET NOD32 | Win32/Amonetize (variant), Win32/Amonetize.BW (variant), Win32/Amonetize.BP (variant) | 100.00% |
| Reason Heuristics | PUP.Installer.Amonetizeltd.GG, PUP.Installer.Amonetizeltd.Z, PUP.Installer.ShetefSolutionsConsulting1998.X, PUP.Installer.ShetefSolutionsConsulting1998.d | 100.00% |
| Malwarebytes | PUP.Optional.Amonetize.A | 80.00% |
| Trend Micro House Call | TROJ_GEN.F47V0925, TROJ_GEN.F47V0918, TROJ_GEN.R02SH09JR14, TROJ_GEN.R0C1H09KJ14 | 80.00% |
| Sophos | Amonetize, Generic PUA JG | 80.00% |
| Dr.Web | Adware.Downware.1528, Adware.Downware.1339, Adware.Downware.8868 | 80.00% |
| VIPRE Antivirus | Amonetize, Threat.4150696 | 60.00% |
| MicroWorld eScan | Gen:Variant.Graftor.161218, Gen:Variant.Adware.Strictor.68509 | 60.00% |
| McAfee | Artemis!B930966C993E, Artemis!D1C36B0C77B6, Artemis!C103D14E313D | 60.00% |
| avast! | Win32:Amonetize-FM [PUP], Win32:Amonetize-GA [PUP] | 60.00% |
| Bitdefender | Gen:Variant.Graftor.161610, Gen:Variant.Adware.Strictor.68509 | 60.00% |
| Lavasoft Ad-Aware | Gen:Variant.Graftor.161610, Gen:Variant.Adware.Strictor.68509 | 60.00% |
| F-Secure | Gen:Variant.Graftor.161610, Gen:Variant.Adware.Strictor.68509 | 60.00% |
| McAfee Web Gateway | BehavesLike.Win32.Downloader.hc, BehavesLike.Win32.BadFile.gh | 60.00% |

The domain file.xmusic.me has been seen to resolve to the following 2 IP addresses.

May 3, 2015

March 14, 2014

File downloads found at URLs served by file.xmusic.me.

11 / 68    (Adware)
http://file.xmusic.me/mp3/226904326/30089895/1318719527/.../Ylvis_-_The_Fox_(xMusic.me).mp3  (windows8.1productkeyfinderpremiumv13.09.8final__2827_il416069.exe)

22 / 68    (Adware)
http://file.xmusic.me/mp3/67914742/9252008/1047646324/.../Jimi_Hendrix_-_Wild_Thing_(xMusic.me).mp3  (dnd 4th character builder full downloader__3687_i1408312073_il569884.exe)

25 / 68    (Adware)

URL:
http://file.xmusic.me/

Google Analytics:
UA-36137980

Title:
“Popular songs - Listen to music for free, fast music search, zaycev.net, online radio, download mp3 for free, online mp3 - xMusic.me”

Description:
“AronChupa - I'm an Albatraoz Royksopp - Here She Comes Again (Dj Antonio Remix) Егор КридKReeD - Невеста Батыр Шукенов - Мне Поможет Весна Hozier - Take Me to Church Hozier - Take Me To Chur 2k2”

SSL certificate subject:
CN=4ip.pw, OU=PositiveSSL Multi-Domain, OU=Domain Control Validated

SSL certificate issuer:
CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
nginx
