The domain www.rocketbackups.com registered by MP3 Rocket Inc was initially registered in May of 2013 through REGIONAL NETWORK INFORMATION CENTER, JSC DBA RU-CENTER. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Montreal, Quebec within Canada which resides on the iWeb Technologies Inc. network.
Registrant:
MP3 Rocket Inc
Registrar:
REGIONAL NETWORK INFORMATION CENTER, JSC DBA RU-CENTER
Server location:
Quebec, Canada (CA)
Create date:
Friday, May 3, 2013
Expires date:
Wednesday, May 3, 2023
Updated date:
Monday, May 13, 2013
ASN:
AS32613 IWEB-AS - iWeb Technologies Inc.,CA
Scanner detections:
Detections (96% detected)
Scan engine
Details
Detections
Reason Heuristics
PUP.MP3Support.J, PUP.MP3Support.N, PUP.Optional.Installer.SCCE, PUP.Installer.MP3Support, Threat.Installer.SCCE, PUP.installCore.Installer, PUP.installCore.MP3TechSupport.Installer (M), Win32.Generic.SCCE.Installer.Meta, PUP.OpenCandy.SCCE.Installer.Meta (M), PUP.installCore.MP3TechS.Installer (M)
83.67%
Dr.Web
Adware.Downware.1417, Adware.OpenCandy.139, Adware.OpenCandy.163, Adware.OpenCandy.171, Win32.Parite.1
63.27%
VIPRE Antivirus
Trojan.Win32.Generic, Opencandy, Threat.46248
63.27%
AVG
Generic, Win32/Parite
63.27%
ESET NOD32
Win32/Bundled.Toolbar.Ask (variant), Win32/InstallCore.PY (variant), Win32/OpenCandy (variant), Win32/Injected (variant), Win32/OpenCandy.E potentially unsafe (variant)
61.22%
Baidu Antivirus
Adware.Win32.OpenCandy, Adware.Win32.InstallCore
59.18%
McAfee
Artemis!DD4D58D80482, Artemis!A1462ABB9F46, Artemis!9B554F1BB383, Artemis!0AC6AAF817DB, Artemis!2A6A8EA83A8E, Artemis!EF317EE22806, Artemis!9834C63403AD, Artemis!881710870ED5, Artemis!03401FFC6A8D
53.06%
Fortinet FortiGate
Riskware/InstallCore, Riskware/OpenCandy
51.02%
K7 AntiVirus
Unwanted-Program
51.02%
Zillya! Antivirus
Downloader.Agent.Win32.248040, Downloader.Agent.Win32.260269, Trojan.Kryptik.Win32.805012
46.94%
Trend Micro House Call
TROJ_GEN.F47V1119, Suspicious_GEN.F47V0911, TROJ_GEN.F47V0203, Suspicious_GEN.F47V0204, Suspicious_GEN.F47V0129, Suspicious_GEN.F47V0226, Suspicious_GEN.F47V0418
44.90%
Kaspersky
not-a-virus:Downloader.Win32.Agent, Virus.Win32.Parite
42.86%
avast!
Win32:Malware-gen, Win32:Parite
42.86%
Sophos
Generic PUA NF, Generic PUA BF, Generic PUA OB, Generic PUA JB, Virus 'W32/Parite-A'
38.78%
SUPERAntiSpyware
PUP.MP3Rocket/Variant
36.73%
The domain www.rocketbackups.com has been seen to resolve to the following 2 IP addresses.
File downloads found at URLs served by www.rocketbackups.com.
URL:
http://www.rocketbackups.com/
Web server:
Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4