home

www.safefiles.net

MP3 Rocket Inc

Domain Information

The domain www.safefiles.net registered by MP3 Rocket Inc was initially registered in March of 2006 through Network Solutions, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Montreal, Quebec within Canada which resides on the iWeb Technologies Inc. network.
Registrar:
Network Solutions, LLC

Server location:
Quebec, Canada (CA)

Create date:
Thursday, March 30, 2006

Expires date:
Tuesday, March 30, 2021

Updated date:
Wednesday, April 16, 2014

ASN:
AS32613 IWEB-AS - iWeb Technologies Inc.

Root domain:
safefiles.net

Whois:
3 safefiles.net records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.MP3Support.N, PUP.MP3Support.J, PUP.MP3Support.O, PUP.MP3Support.N, PUP.Installer.MP3Support.J, PUP.Statscom.O, PUP.installCore.MP3TechSupport.Installer (M), PUP.MP3Support.Installer (M), Win32.Generic.SCCE.Installer.Meta, PUP.InstallCore.RES (M), PUP.installCore.MP3TechS.Installer (M), PUP (M)
100.00%

ESET NOD32
Win32/Bundled.Toolbar.Ask (variant), Win32/DownloadAdmin (variant), Win32/InstallCore.PQ (variant), Win32/InstallCore.RG (variant), Win32/OpenCandy.E potentially unsafe (variant)
58.00%

Baidu Antivirus
Adware.Win32.DownloadAdmin, Adware.Win32.InstallCore, Adware.Win32.OpenCandy
54.00%

K7 AntiVirus
Unwanted-Program
52.00%

Dr.Web
Adware.Downware.1417, Program.Unwanted.62, Trojan.Packed.25266, Trojan.DownLoader11.33656, Adware.OpenCandy.154, Adware.OpenCandy.155
50.00%

Fortinet FortiGate
Riskware/InstallCore, Riskware/OpenCandy
48.00%

VIPRE Antivirus
Trojan.Win32.Generic, Opencandy
44.00%

Trend Micro House Call
TROJ_GEN.F47V0820, TROJ_GEN.F47V0123, Suspicious_GEN.F47V0109, Suspicious_GEN.F47V1231, Suspicious_GEN.F47V1229, Suspicious_GEN.F47V1227
38.00%

McAfee
Artemis!7AAF716128A2, Artemis!ACC7CAA5F5E5, Artemis!1D173EB422B4, Artemis!B152001FF875, Artemis!34200D3C38EB, Artemis!09672008FF00, Artemis!6040E30462D3, Artemis!997BFFD78835
38.00%

Sophos
Generic PUA DO, Generic PUA NJ, Generic PUA LM, Generic PUA LH, Generic PUA HJ, Generic PUA JB, Generic PUA CP
38.00%

Zillya! Antivirus
Downloader.Agent.Win32.248040, Downloader.Agent.Win32.260269, Trojan.Kryptik.Win32.805012
38.00%

AVG
Generic
36.00%

Avira AntiVirus
ADWARE/InstallCore.Gen9, ADWARE/Adware.Gen, ADWARE/InstallCore.Gen7, PUA/InstallCore.Gen9, PUA/OpenCandy.Gen
32.00%

SUPERAntiSpyware
PUP.InstallCore/Variant, PUP.MP3Rocket/Variant
32.00%

Agnitum Outpost
Riskware.Agent
26.00%

The domain www.safefiles.net has been seen to resolve to the following 2 IP addresses.

198.72.100.89
September 2, 2016

174.142.5.87
February 6, 2014

File downloads found at URLs served by www.safefiles.net.

1 / 68      (PUP)
http://www.safefiles.net/downloads/rockettorrents/.../RocketTorrents-Win-pro.exe  (3a03b6ce4c9e8aff757d4fe27638f104)

1 / 68      (Adware)
http://www.safefiles.net/.../mp3rocket.exe  (8d3c3b31dad0275328bd656871d333a6)

3 / 68      (PUP)
http://www.safefiles.net/downloads/.../mp3rocket-pro.exe  (6c9dfa430a86d8722c5fd665c48a7165)

2 / 68      (PUP)
http://www.safefiles.net/downloads/.../setup-ziggytv.exe  (28018e58f8898ed7736f856470243547)

URL:
http://www.safefiles.net/

Web server:
Apache/2.4.18 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4

mp3rocket.com

mp3rocket.me

free-music-downloads.cc

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.