www.mp3rocket.me

Paschal Rousseau

Domain Information

The domain www.mp3rocket.me registered by Paschal Rousseau was initially registered in September of 2010 through Key-Systems GmbH R44-ME. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Montreal, Quebec within Canada which resides on the Netelligent Hosting Services Inc. network.
Remove Malware from www.mp3rocket.me - Powered by Reason Core Security
Registrar:
Key-Systems GmbH R44-ME (269)

Server location:
Quebec, Canada (CA)

Create date:
Tuesday, September 28, 2010

Expires date:
Tuesday, September 28, 2021

Updated date:
Wednesday, March 21, 2012

ASN:
AS10929 NETELLIGENT - Netelligent Hosting Services Inc.

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.MP3Support.J, PUP.Installer.MP3Support.L, PUP.MP3Support.M, PUP.Installer.MP3Support.P, PUP.Installer.MP3Support.J, PUP.Optional.Installer.SCCE, Win32.Generic.Installer.SCCE.Meta, Win32.Generic.SCCE.Installer.Meta, PUP.installCore.MP3TechSupport.Installer (M)
100.00%

ESET NOD32
Win32/OpenCandy (variant), Win32/InstallCore.PY (variant), Win32/InstallCore.OZ (variant), Win32/InstallCore.UF (variant), Win32/OpenCandy.A potentially unsafe (variant), Win32/OpenCandy.E potentially unsafe (variant)
82.98%

Trend Micro House Call
Suspicious_GEN.F47V0911, Suspicious_GEN.F47V1124, Suspicious_GEN.F47V1223, Suspicious_GEN.F47V0107, Suspicious_GEN.F47V1231, Suspicious_GEN.F47V0124, Suspicious_GEN.F47V0418
70.21%

Baidu Antivirus
Adware.Win32.InstallCore, Adware.Win32.OpenCandy
65.96%

McAfee
Artemis!DD4D58D80482, Artemis!A900944E7CCD, Artemis!077D63B36085, Artemis!3FE38FF4B944, Artemis!B85103C12331, Artemis!B152001FF875, Artemis!16984365EF68, Artemis!EA0B4C903A48, Artemis!73B537D1E288, Artemis!EF317EE22806, Artemis!6321344358BB, Artemis!881710870ED5, Artemis!26F4F093AD68
63.83%

Sophos
Generic PUA NF, Install Core, Generic PUA CH, Generic PUA AI, Generic PUA LM, Generic PUA JO, Generic PUA LH, Generic PUA PO
59.57%

McAfee Web Gateway
Artemis, Artemis!A900944E7CCD, Artemis!PUP, BehavesLike.Win32.PWSZbot.tc, BehavesLike.Win32.AdwareAmonetize.tc
57.45%

Fortinet FortiGate
Riskware/InstallCore, Riskware/OpenCandy
57.45%

K7 AntiVirus
Unwanted-Program
53.19%

K7 Gateway Antivirus
Unwanted-Program , Trojan
51.06%

Dr.Web
Trojan.Packed.25266, Adware.OpenCandy.139, Adware.OpenCandy.141, Adware.OpenCandy.144, Adware.OpenCandy.154, Adware.OpenCandy.163
48.94%

VIPRE Antivirus
Trojan.Win32.Generic, Opencandy
42.55%

Agnitum Outpost
Riskware.Agent
38.30%

Kaspersky
not-a-virus:Downloader.Win32.Agent
36.17%

Bkav FE
W32.HfsAdware
34.04%

The domain www.mp3rocket.me has been seen to resolve to the following 4 IP addresses.

November 29, 2014

February 7, 2014

mail.mp3rocket.me
February 7, 2014

February 7, 2014

File downloads found at URLs served by www.mp3rocket.me.

24 / 68    (Adware)
http://www.mp3rocket.me/.../mp3rocket.exe  (78f3126e103daa6563f3bc4339e98887)

21 / 68    (Adware)

22 / 68    (PUP)

2 / 68      (PUP)
http://www.mp3rocket.me/.../mp3rocket_2.exe  (ed33c742f028df6338c20e7e5694a633)

7 / 68      (PUP)
http://www.mp3rocket.me/downloads/.../mp3rocket-pro.exe  (ea0b4c903a48f064dd7140ffdde4f060)

7 / 68      (PUP)
http://www.mp3rocket.me/.../mp3rocket_is.exe  (a900944e7ccdf250588d26e76c1a05db)

URL:
http://www.mp3rocket.me/

Title:
“MP3 Rocket Download YouTube to mp3 conversion done right”

Web server:
Apache/2.4.18 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4

Facebook:
Likes:  42,569
Shares:  353,124
Comments:  9,742

Statistics are for the previous month.

Remove Malware from www.mp3rocket.me - Powered by Reason Core Security