www.ezmp3s.com

MP3 Rocket Inc

Domain Information

The domain www.ezmp3s.com, registered by MP3 Rocket Inc, was first registered in November 2003 through DOMAIN.COM, LLC. The domain has been known to host and distribute adware and other potentially unwanted software. Its servers are located in Montreal, Quebec, Canada, on the iWeb Technologies Inc. network.

Registrar: DOMAIN.COM, LLC

Server location: Quebec, Canada (CA)

Create date: Tuesday, November 25, 2003

Expires date: Monday, November 25, 2019

Updated date: Tuesday, November 26, 2013

ASN: AS32613 IWEB-AS - iWeb Technologies Inc.,CA

Root domain:

Scanner detections (100% detected):

| Scan engine | Details | Detections |
|---|---|---|
| Reason Heuristics | PUP.MP3Support.I, PUP.MP3Support.N, PUP.MP3Support.J, PUP.MP3Support.O, PUP.MP3Support.Q, PUP.Installer.MP3Support.N, PUP.Installer.MP3Support.J, Win32.Generic.SCCE.Installer.Meta, PUP.installCore.MP3TechSupport.Installer (M), PUP.installCore.IronInst.Installer (M), PUP.MP3Rocket.Toolbar (L) | 100.00% |
| ESET NOD32 | Win32/Kryptik.BVVE (variant), Win32/Bundled.Toolbar.Ask (variant), Win32/InstallCore.UF (variant), Win32/OpenCandy.A potentially unsafe (variant) | 73.68% |
| Dr.Web | Trojan.MulDrop5.10078, Adware.Downware.1417, Program.Unwanted.62, Adware.OpenCandy.171 | 31.58% |
| Trend Micro House Call | TROJ_GEN.F47V0324, Suspicious_GEN.F47V1223, Suspicious_GEN.F47V0413, Suspicious_GEN.F47V0418 | 26.32% |
| Fortinet FortiGate | W32/Kryptik.BVVE!tr, Riskware/InstallCore, Riskware/OpenCandy | 26.32% |
| Baidu Antivirus | Adware.Win32.InstallCore, Adware.Win32.OpenCandy | 26.32% |
| Agnitum Outpost | Trojan.Kryptik, Riskware.Agent | 21.05% |
| McAfee | Artemis!3FE38FF4B944, Artemis!EF317EE22806, Artemis!124BFF12BC0C, Artemis!03401FFC6A8D | 21.05% |
| K7 AntiVirus | Unwanted-Program | 21.05% |
| K7 Gateway Antivirus | Unwanted-Program | 21.05% |
| McAfee Web Gateway | Artemis, BehavesLike.Win32.PWSZbot.tc, BehavesLike.Win32.AdwareAmonetize.tc | 21.05% |
| Sophos | Generic PUA CH, Generic PUA JB | 21.05% |
| Malwarebytes | PUP.Optional.Spigot.A | 15.79% |
| Zillya! Antivirus | Trojan.Kryptik.Win32.805012, Downloader.Agent.Win32.260269 | 15.79% |
| VIPRE Antivirus | Trojan.Win32.Generic | 15.79% |

The domain www.ezmp3s.com has been seen to resolve to the following 2 IP addresses.

August 22, 2016

April 16, 2014

File downloads found at URLs served by www.ezmp3s.com.

URL:
http://www.ezmp3s.com/

Web server:
Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4