www.mp3rocket.me

Paschal Rousseau

Domain Information

The domain www.mp3rocket.me registered by Paschal Rousseau was initially registered in September of 2010 through Key-Systems GmbH R44-ME. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Montreal, Quebec within Canada which resides on the Netelligent Hosting Services Inc. network.
Registrar:
Key-Systems GmbH R44-ME (269)

Server location:
Quebec, Canada (CA)

Create date:
Tuesday, September 28, 2010

Expires date:
Tuesday, September 28, 2021

Updated date:
Wednesday, March 21, 2012

ASN:
AS10929 NETELLIGENT - Netelligent Hosting Services Inc.

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
Adware.MP3Support.J, PUP.MP3Support.X, PUP.MP3Support.O, PUP.MP3Support.J, PUP.Installer.MP3Support.J, PUP.Optional.Installer.SCCE, Win32.Generic.SCCE.Installer.Meta, PUP.installCore.MP3TechSupport.Installer (M), PUP.installCore.MP3TechS.Installer (M), PUP.OpenCandy.SCCE.Installer.Meta (M), PUP.MP3Rocket.Toolbar (L), PUP.InstallCore.RE11 (M)
97.92%

ESET NOD32
Win32/OpenCandy, Win32/Bundled.Toolbar.Ask (variant), Win32/OpenCandy (variant), Win32/InstallCore.RG (variant), Win32/OpenCandy.A potentially unsafe (variant), Win32/OpenCandy.E potentially unsafe (variant)
50.00%

Dr.Web
Adware.OpenCandy.4, Adware.Downware.1417, Adware.OpenCandy.139, Adware.OpenCandy.144, Adware.OpenCandy.141, Adware.OpenCandy.171
39.58%

Baidu Antivirus
Adware.Win32.InstallCore, Adware.Win32.OpenCandy
39.58%

Trend Micro House Call
TROJ_GEN.F47V1231, Suspicious_GEN.F47V0109, Suspicious_GEN.F47V0227, Suspicious_GEN.F47V0127, Suspicious_GEN.F47V0413, Suspicious_GEN.F47V0417
35.42%

VIPRE Antivirus
Opencandy, Trojan.Win32.Generic
35.42%

McAfee
Artemis!D88710A3AA8B, Artemis!1D173EB422B4, Artemis!AE8310D5C385, Artemis!E91AFE16DB3A, Artemis!EF317EE22806, Artemis!91ECF579E4F5, Artemis!53E805F9835E
35.42%

Fortinet FortiGate
Riskware/OpenCandy
31.25%

AVG
Generic, JS/MultiBundle
29.17%

Zillya! Antivirus
Downloader.Agent.Win32.248040, Downloader.Agent.Win32.243272, Downloader.Agent.Win32.260269, Trojan.Kryptik.Win32.805012
29.17%

Agnitum Outpost
Riskware.OpenCandy, Riskware.Agent
27.08%

K7 AntiVirus
Unwanted-Program
27.08%

Bkav FE
W32.HfsAdware
25.00%

Kaspersky
not-a-virus:Downloader.Win32.Agent
22.92%

Sophos
Generic PUA JB
22.92%

The domain www.mp3rocket.me has been seen to resolve to the following 4 IP addresses.

November 29, 2014

February 7, 2014

mail.mp3rocket.me
February 7, 2014

February 7, 2014

File downloads found at URLs served by www.mp3rocket.me.

8 / 68      (PUP)
http://www.mp3rocket.me/.../mp3rocket.exe  (80006b024cc09a66c725323774e24746)

1 / 68      (Adware)
http://www.mp3rocket.me/.../MP3Rocket_Setup.exe  (e58028012f80f1a3c08f88409998e0cb)

9 / 68      (Adware)

2 / 68      (PUP)

URL:
http://www.mp3rocket.me/

Title:
“MP3 Rocket Download YouTube to mp3 conversion done right”

Web server:
Apache/2.4.18 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4

Facebook:
Likes:  42,969
Shares:  355,524
Comments:  9,742

Statistics are for the previous month.