home

www.imp3tunes.com

MP3 Rocket Inc

Domain Information

The domain www.imp3tunes.com registered by MP3 Rocket Inc was initially registered in August of 2006 through DOMAIN.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Montreal, Quebec within Canada which resides on the iWeb Technologies Inc. network.
Registrar:
DOMAIN.COM, LLC

Server location:
Quebec, Canada (CA)

Create date:
Wednesday, August 16, 2006

Expires date:
Monday, August 16, 2021

Updated date:
Wednesday, April 16, 2014

ASN:
AS32613 IWEB-AS - iWeb Technologies Inc.,CA

Root domain:
imp3tunes.com

Whois:
2 imp3tunes.com records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.MP3Support.K, PUP.MP3Support.J, PUP.MP3Support.I, Adware.MP3Support.J, Adware.MP3Support.N, PUP.MP3Support.V, PUP.MP3Support.P, PUP.MP3Support.N, PUP.MP3Support.O, PUP.Installer.MP3Support, Win32.Generic.SCCE.Installer.Meta, PUP.installCore.MP3TechSupport.Installer (M)
100.00%

ESET NOD32
Win32/OpenCandy, Win32/Bundled.Toolbar.Ask (variant), Win32/Kryptik.BVVE (variant), Win32/InstallCore.JE.gen (variant), Win32/OpenCandy (variant), Win32/InstallCore.PL (variant), Win32/OpenCandy.A potentially unsafe (variant)
61.76%

Dr.Web
Adware.Downware.1417, Adware.OpenCandy.4, Trojan.Packed.25266, Trojan.MulDrop5.10078, Adware.OpenCandy.139, Adware.OpenCandy.144
44.12%

Trend Micro House Call
TROJ_GEN.F47V1114, TROJ_GEN.F47V1119, TROJ_GEN.F47V1231, TROJ_GEN.F47V1214, TROJ_GEN.F47V0324, TROJ_GEN.F47V0123, TROJ_GEN.F47V0208, TROJ_GEN.F47V0816
38.24%

Rising Antivirus
PE:PUF.OpenCandy!1.9DE5, PE:Malware.XPACK/RDM!5.1, PE:Malware.XPACK-LNR/Heur!1.5594
26.47%

VIPRE Antivirus
Opencandy, Trojan.Win32.Generic
23.53%

McAfee
Artemis!E991C5E50E26, Artemis!4D68E3F49A97, Artemis!93D7ADC6E098, Artemis!3BEFAC0D397B, Artemis!A1462ABB9F46, Artemis!EF317EE22806, Artemis!6321344358BB
23.53%

Malwarebytes
PUP.Optional.Spigot.A, PUP.Optional.OpenCandy
20.59%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h, Trojan.Agent.avfc, Downware.InstallCore
20.59%

Agnitum Outpost
Riskware.OpenCandy, Trojan.Kryptik, Riskware.Agent
14.71%

Baidu Antivirus
Adware.Win32.OpenCandy
14.71%

Qihoo 360 Security
Win32/Trojan.4bc, HEUR/Malware.QVM20.Gen, Win32/Trojan.8c6, HEUR/QVM41.2.Malware.Gen
11.76%

Zillya! Antivirus
Downloader.Agent.Win32.248040, Downloader.Agent.Win32.260269, Trojan.Kryptik.Win32.805012
11.76%

K7 AntiVirus
Unwanted-Program
8.82%

Fortinet FortiGate
W32/Kryptik.BVVE!tr, Riskware/OpenCandy
5.88%

The domain www.imp3tunes.com has been seen to resolve to the following 3 IP addresses.

198.72.100.90
February 21, 2016

205.204.69.6
December 1, 2014

96.125.183.246
April 16, 2014

File downloads found at URLs served by www.imp3tunes.com.

1 / 68      (PUP)
http://www.imp3tunes.com/downloads/.../mp3rocket-pro.exe  (624c42952d61432c7317378f7857a991)

9 / 68      (PUP)
http://www.imp3tunes.com/.../mp3rocket.exe  (4b524d4949d1a6752d59c78c4d204471)

1 / 68      (PUP)
http://www.imp3tunes.com/downloads/.../MP3Rocket-Win-pro.exe  (mp3rocket-pro.exe)

URL:
http://www.imp3tunes.com/

Web server:
Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 PHP/5.4.22

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.