www.safefiles.net

MP3 Rocket Inc

Domain Information

The domain www.safefiles.net registered by MP3 Rocket Inc was initially registered in March of 2006 through Network Solutions, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Montreal, Quebec within Canada which resides on the iWeb Technologies Inc. network.
Remove Malware from www.safefiles.net - Powered by Reason Core Security
Registrar:
Network Solutions, LLC

Server location:
Quebec, Canada (CA)

Create date:
Thursday, March 30, 2006

Expires date:
Tuesday, March 30, 2021

Updated date:
Wednesday, April 16, 2014

ASN:
AS32613 IWEB-AS - iWeb Technologies Inc.

Root domain:

Scanner detections:
Detections  (96% detected)

Scan engine
Details
Detections

Reason Heuristics
Adware.MP3Support.J, PUP.Installer.MP3Support.P, PUP.MP3Support.X, PUP.MP3Support.Q, PUP.MP3Support.J, PUP.MP3Support.N, PUP.Installer.MP3Support.U, PUP.installCore.MP3TechSupport.Installer (M), Win32.Generic.SCCE.Installer.Meta
95.92%

ESET NOD32
Win32/OpenCandy, Win32/Bundled.Toolbar.Ask (variant), Win32/OpenCandy (variant), Win32/InstallCore.PO (variant), Win32/InstallCore.PL (variant), Win32/OpenCandy.A potentially unsafe (variant)
67.35%

Baidu Antivirus
Adware.Win32.InstallCore, Adware.Win32.OpenCandy
44.90%

K7 Gateway Antivirus
Unwanted-Program
42.86%

K7 AntiVirus
Unwanted-Program
42.86%

Trend Micro House Call
TROJ_GEN.F47V1231, TROJ_GEN.F47V1008, Suspicious_GEN.F47V0714, Suspicious_GEN.F47V0805, Suspicious_GEN.F47V0731, Suspicious_GEN.F47V0814
38.78%

Fortinet FortiGate
Riskware/InstallCore, HTML/Redirector.BK!tr, Riskware/OpenCandy
32.65%

Dr.Web
Win32.Sector.21, Adware.OpenCandy.4, Adware.Downware.1417, Adware.OpenCandy.144, Adware.OpenCandy.155, Adware.Downware.2220
30.61%

McAfee Web Gateway
Artemis!93D7ADC6E098, Adware-OneStep.l, Artemis!PUP, BehavesLike.Win32.PUP.tc, BehavesLike.Win32.AdwareAmonetize.tc
30.61%

McAfee
Artemis!93D7ADC6E098, Adware-OneStep.l, Artemis!DD4D58D80482, Artemis!7189732064BB, Artemis!9B554F1BB383, Artemis!3FE38FF4B944, Artemis!AE2810AABD2E, Artemis!004ECCB931B7, Artemis!57972EA1C2B2
28.57%

Avira AntiVirus
W32/Sality.AT, Adware/InstallCore.A.433, ADWARE/InstallCore.Gen9, PUA/DownloadAdmin.Gen, PUA/OpenCandy.Gen
26.53%

Sophos
Generic PUA FP, Generic PUA NF, Generic PUA HN, Generic PUA BF, Generic PUA CH, Generic PUA JB
26.53%

VIPRE Antivirus
Opencandy, Trojan.Win32.Generic
24.49%

Agnitum Outpost
Riskware.OpenCandy, Riskware.Agent
20.41%

AVG
Generic
20.41%

The domain www.safefiles.net has been seen to resolve to the following IP address.

February 6, 2014

File downloads found at URLs served by www.safefiles.net.

5 / 68      (PUP)
http://www.safefiles.net/.../mp3rocket.exe  (90efdc94cda884075498c9f9828de422)

2 / 68      (PUP)
http://www.safefiles.net/downloads/.../mp3rocket-pro.exe  (dd497a78ca3d5f194985b5396cff01da)

3 / 68      (PUP)

1 / 68      (PUP)

URL:
http://www.safefiles.net/

Web server:
Apache/2.4.18 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4

Remove Malware from www.safefiles.net - Powered by Reason Core Security