www.safefiles.com

MP3 Rocket Inc

Domain Information

The domain www.safefiles.com registered by MP3 Rocket Inc was initially registered in June of 2004 through Network Solutions, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Montreal, Quebec within Canada which resides on the iWeb Technologies Inc. network.
Remove Malware from www.safefiles.com - Powered by Reason Core Security
Registrar:
Network Solutions, LLC

Server location:
Quebec, Canada (CA)

Create date:
Wednesday, June 23, 2004

Expires date:
Wednesday, June 23, 2021

Updated date:
Wednesday, April 16, 2014

ASN:
AS32613 IWEB-AS - iWeb Technologies Inc.,CA

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.MP3Support.J, Adware.MP3Support.J, PUP.MP3Support.V, PUP.MP3Support.P, PUP.Installer.MP3Support.P, PUP.MP3Support.N, PUP.Optional.Installer.SCCE
100.00%

ESET NOD32
Win32/Bundled.Toolbar.Ask (variant), Win32/OpenCandy, Win32/Kryptik.BVVE (variant), Win32/InstallCore.JE.gen (variant), Win32/OpenCandy (variant), Win32/InstallCore.PL (variant)
73.17%

Trend Micro House Call
TROJ_GEN.F47V1119, TROJ_GEN.F47V1231, TROJ_GEN.F47V1214, TROJ_GEN.F47V0324, TROJ_GEN.F47V0827, TROJ_GEN.F47V0123, Suspicious_GEN.F47V0819
39.02%

K7 Gateway Antivirus
Unwanted-Program
34.15%

K7 AntiVirus
Unwanted-Program
34.15%

McAfee
Artemis!E991C5E50E26, Artemis!4D68E3F49A97, Artemis!93D7ADC6E098, Artemis!3BEFAC0D397B, Artemis!E2CAC0C06901, Artemis!DD4D58D80482, Artemis!54AF8CE7CE54, Artemis!7189732064BB, Artemis!ACC7CAA5F5E5, Artemis!A1462ABB9F46, Artemis!9B554F1BB383, Artemis!B124DE6B6AD1
31.71%

Baidu Antivirus
Adware.Win32.OpenCandy, Adware.Win32.InstallCore
31.71%

McAfee Web Gateway
Artemis!E991C5E50E26, Artemis!4D68E3F49A97, Artemis!93D7ADC6E098, Artemis!3BEFAC0D397B, Artemis!A1462ABB9F46
26.83%

Malwarebytes
PUP.Optional.Spigot.A, PUP.Optional.OpenCandy, PUP.Optional.InstallCore, PUP.Optional.Mp3Rocket
21.95%

Dr.Web
Adware.Downware.1417, Adware.OpenCandy.4, Trojan.Packed.25266, Trojan.MulDrop5.10078, Adware.OpenCandy.139
21.95%

Qihoo 360 Security
Win32/Trojan.4bc, HEUR/Malware.QVM20.Gen, Win32/Virus.Adware.f22, Win32/Trojan.8c6, Win32/Virus.Adware.94c
21.95%

Rising Antivirus
PE:Malware.XPACK/RDM!5.1, PE:PUF.OpenCandy!1.9DE5, PE:Malware.XPACK-LNR/Heur!1.5594, PE:Malware.Gamevance!6.5B4
19.51%

Sophos
Generic PUA NF, Generic PUA KD, Generic PUA HN, Generic PUA NJ, Generic PUA BF, Generic PUA HF, Generic PUA LH, Generic PUA JB
19.51%

Avira AntiVirus
ADWARE/InstallCore.Gen9, ADWARE/InstallCore.Gen7
19.51%

Fortinet FortiGate
W32/Kryptik.BVVE!tr, Riskware/InstallCore, Riskware/OpenCandy
17.07%

The domain www.safefiles.com has been seen to resolve to the following 2 IP addresses.

November 29, 2014

February 5, 2014

File downloads found at URLs served by www.safefiles.com.

7 / 68      (PUP)
http://www.safefiles.com/.../mp3rocket.exe  (3acb19183a0b5128e41c3a08b34a378e)

2 / 68      (PUP)
http://www.safefiles.com/downloads/.../mp3rocket-pro.exe  (ea32a04cce2a081627948e880a932de4)

URL:
http://www.safefiles.com/

Web server:
Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4

Remove Malware from www.safefiles.com - Powered by Reason Core Security