www.rocketbackups.com

MP3 Rocket Inc

Domain Information

The domain www.rocketbackups.com, registered by MP3 Rocket Inc, was first registered in May 2013 through REGIONAL NETWORK INFORMATION CENTER, JSC DBA RU-CENTER. This domain has been known to host and distribute adware as well as other potentially unwanted software. The servers hosting it are located in Montreal, Quebec, Canada, on the iWeb Technologies Inc. network.
Remove Malware from www.rocketbackups.com - Powered by Reason Core Security
Registrar:
REGIONAL NETWORK INFORMATION CENTER, JSC DBA RU-CENTER

Server location:
Quebec, Canada (CA)

Create date:
Friday, May 03, 2013

Expires date:
Wednesday, May 03, 2023

Updated date:
Monday, May 13, 2013

ASN:
AS32613 IWEB-AS - iWeb Technologies Inc.,CA

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.MP3Support.Q, PUP.Installer.MP3Support.J, PUP.Optional.Installer.SCCE, Threat.Installer.SCCE, Win32.Generic.Installer.SCCE.Meta, PUP.installCore.MP3TechSupport.Installer (M), Win32.Generic.SCCE.Installer.Meta
100.00%

Baidu Antivirus
Adware.Win32.InstallCore, Adware.Win32.OpenCandy
74.00%

ESET NOD32
Win32/InstallCore.UF (variant), Win32/InstallCore.RG (variant), Win32/InstallCore.WE (variant), Win32/OpenCandy.A potentially unsafe (variant), Win32/OpenCandy.E potentially unsafe (variant)
72.00%

K7 AntiVirus
Unwanted-Program
70.00%

K7 Gateway Antivirus
Unwanted-Program
70.00%

Fortinet FortiGate
Riskware/InstallCore, Riskware/OpenCandy
66.00%

Dr.Web
Adware.OpenCandy.139, Adware.OpenCandy.144, Adware.OpenCandy.154, Adware.OpenCandy.155, Adware.OpenCandy.163, Adware.OpenCandy.171
64.00%

McAfee Web Gateway
Artemis, Artemis!PUP, BehavesLike.Win32.AdwareAmonetize.tc, BehavesLike.Win32.Suspicious.tc, BehavesLike.Win32.PWSZbot.tc
60.00%

McAfee
Artemis!3FE38FF4B944, Artemis!DDC73152F455, Artemis!B85103C12331, Artemis!73B537D1E288, Artemis!6321344358BB, Artemis!34200D3C38EB, Artemis!9826B77FC5A8, Artemis!004ECCB931B7, Artemis!57972EA1C2B2, Artemis!26F4F093AD68, Artemis!31D2AE687345
58.00%

Zillya! Antivirus
Downloader.Agent.Win32.248040, Downloader.Agent.Win32.260269, Trojan.Kryptik.Win32.805012
58.00%

VIPRE Antivirus
Trojan.Win32.Generic, Opencandy
58.00%

AVG
Generic
56.00%

Trend Micro House Call
Suspicious_GEN.F47V1223, Suspicious_GEN.F47V0107, Suspicious_GEN.F47V0126, Suspicious_GEN.F47V0429, Suspicious_GEN.F47V0418
48.00%

Sophos
Generic PUA CH, Generic PUA HF, Generic PUA AI, Generic PUA LA, Generic PUA JB
48.00%

Agnitum Outpost
Riskware.Agent
44.00%

The domain www.rocketbackups.com has been seen to resolve to the following 2 IP addresses.

August 27, 2015

April 26, 2014

File downloads found at URLs served by www.rocketbackups.com.

24 / 68    (Adware)
http://www.rocketbackups.com/.../mp3rocket.exe  (622360fff0a4b6c4f63d692ed22b8aff)

2 / 68      (PUP)

URL:
http://www.rocketbackups.com/

Web server:
Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4
