www.safefiles.net

MP3 Rocket Inc

Domain Information

The domain www.safefiles.net registered by MP3 Rocket Inc was initially registered in March of 2006 through Network Solutions, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Montreal, Quebec within Canada which resides on the iWeb Technologies Inc. network.
Registrar:
Network Solutions, LLC

Server location:
Quebec, Canada (CA)

Create date:
Thursday, March 30, 2006

Expires date:
Tuesday, March 30, 2021

Updated date:
Wednesday, April 16, 2014

ASN:
AS32613 IWEB-AS - iWeb Technologies Inc.

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.MP3Support.N, PUP.MP3Support.J, PUP.MP3Support.O, PUP.MP3Support.N, PUP.Installer.MP3Support.J, PUP.Statscom.O, PUP.installCore.MP3TechSupport.Installer (M), PUP.MP3Support.Installer (M), Win32.Generic.SCCE.Installer.Meta, PUP.InstallCore.RES (M), PUP.installCore.MP3TechS.Installer (M), PUP (M)
100.00%

ESET NOD32
Win32/Bundled.Toolbar.Ask (variant), Win32/DownloadAdmin (variant), Win32/InstallCore.PQ (variant), Win32/InstallCore.RG (variant), Win32/OpenCandy.E potentially unsafe (variant)
58.00%

Baidu Antivirus
Adware.Win32.DownloadAdmin, Adware.Win32.InstallCore, Adware.Win32.OpenCandy
54.00%

K7 AntiVirus
Unwanted-Program
52.00%

Dr.Web
Adware.Downware.1417, Program.Unwanted.62, Trojan.Packed.25266, Trojan.DownLoader11.33656, Adware.OpenCandy.154, Adware.OpenCandy.155
50.00%

K7 Gateway Antivirus
Unwanted-Program
48.00%

Fortinet FortiGate
Riskware/InstallCore, Riskware/OpenCandy
48.00%

VIPRE Antivirus
Trojan.Win32.Generic, Opencandy
44.00%

McAfee Web Gateway
BehavesLike.Win32.Downloader.cc, Artemis, Artemis!PUP, BehavesLike.Win32.AdwareAmonetize.tc, BehavesLike.Win32.Suspicious.tc
40.00%

Trend Micro House Call
TROJ_GEN.F47V0820, TROJ_GEN.F47V0123, Suspicious_GEN.F47V0109, Suspicious_GEN.F47V1231, Suspicious_GEN.F47V1229, Suspicious_GEN.F47V1227
38.00%

McAfee
Artemis!7AAF716128A2, Artemis!ACC7CAA5F5E5, Artemis!1D173EB422B4, Artemis!B152001FF875, Artemis!34200D3C38EB, Artemis!09672008FF00, Artemis!6040E30462D3, Artemis!997BFFD78835
38.00%

Sophos
Generic PUA DO, Generic PUA NJ, Generic PUA LM, Generic PUA LH, Generic PUA HJ, Generic PUA JB, Generic PUA CP
38.00%

Zillya! Antivirus
Downloader.Agent.Win32.248040, Downloader.Agent.Win32.260269, Trojan.Kryptik.Win32.805012
38.00%

AVG
Generic
36.00%

Avira AntiVirus
ADWARE/InstallCore.Gen9, ADWARE/Adware.Gen, ADWARE/InstallCore.Gen7, PUA/InstallCore.Gen9, PUA/OpenCandy.Gen
32.00%

The domain www.safefiles.net has been seen to resolve to the following 2 IP addresses.

September 2, 2016

February 6, 2014

File downloads found at URLs served by www.safefiles.net.

1 / 68      (PUP)

1 / 68      (Adware)
http://www.safefiles.net/.../mp3rocket.exe  (8d3c3b31dad0275328bd656871d333a6)

3 / 68      (PUP)
http://www.safefiles.net/downloads/.../mp3rocket-pro.exe  (6c9dfa430a86d8722c5fd665c48a7165)

2 / 68      (PUP)
http://www.safefiles.net/downloads/.../setup-ziggytv.exe  (28018e58f8898ed7736f856470243547)

URL:
http://www.safefiles.net/

Web server:
Apache/2.4.18 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4