www.ammyy.com

WHOISGUARD, INC.  (Proxy Registrant)

Domain Information

The domain www.ammyy.com is registered by proxy through ENOM, INC. and was originally registered in January 2008. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Berlin, Germany, on the RIPE Network Coordination Centre network.
Remove Malware from www.ammyy.com - Powered by Reason Core Security
Registrar:
ENOM, INC.

Server location:
Berlin, Germany (DE)

Create date:
Tuesday, January 29, 2008

Expires date:
Sunday, January 29, 2017

Updated date:
Monday, August 24, 2015

ASN:
AS24940 HETZNER-AS Hetzner Online GmbH,DE

Root domain:

Scanner detections:
Detections  (76% detected)

Scan engine
Details
Detections

Rising Antivirus
PE:Malware.Ammyy!6.854, PE:Malware.Ammyy!6.1139, PE:Malware.Agent!6.FD5, PE:Win32.Virut.ec!1608462, PE:Win32.KUKU.GEN!1463551
84.62%

Reason Heuristics
PUP.Service.Ammyy.F, PUP.Service.Ammyy.G, PUP.Ammyy.F, PUP.AmmyyGroup.L, Threat.Win.Reputation.IMP, PUP.Ammyy.G, Win32.Generic.Ammyy.Meta
84.62%

Kaspersky
not-a-virus:RemoteAdmin.Win32.Ammyy, not-a-virus:RemoteAdmin.Win32.Agent, Virus.Win32.Sality, UDS:DangerousObject.Multi.Generic
80.77%

Dr.Web
Program.RemoteAdmin.701, Program.Ammyy.1, Win32.Virut.56, riskware program Program.RemoteAdmin.701, riskware program Program.RemoteAdmin.701, Win32.Sector.22
80.77%

ESET NOD32
Win32/RemoteAdmin.Ammyy, Win32/RemoteAdmin.Ammyy (variant), Win32/RemoteAdmin.Ammyy.C potentially unsafe (variant), Win32/Injector.CNUX (variant)
76.92%

NANO AntiVirus
Riskware.Win32.Ammyy.cqmwzu, Trojan.Win32.RemoteAdmin.cqzmlg, Trojan.Win32.RemoteAdmin.cqwpdg, Riskware.Win32.Ammyy.csrlye, Riskware.Win32.RemoteAdmin.cxogte
73.08%

K7 Gateway Antivirus
Unwanted-Program , Trojan , Virus , Unwanted-File
65.38%

K7 AntiVirus
Unwanted-Program , Trojan , Virus
65.38%

avast!
Win32:PUP-gen [PUP], Win32:Virtu-A, Win32:Sality, Win32:SaliCode, Win32:RemoteAdmin-D [PUP], Win32:RemoteAdmin-B [PUP], Win32:Malware-gen
65.38%

Bkav FE
W32.Clod242.Trojan, W32.Clodaa2.Trojan, W32.Clod820.Trojan, W32.Clod052.Trojan, W32.Cloda1c.Trojan, W32.Vetor.PE, W32.Sality.PE
61.54%

Baidu Antivirus
Hacktool.Win32.RemoteAdmin, HackTool.Win32.RemoteAdmin, Virus.Win32.Virut.$NBP, Virus.Win32.Sality.$Emu, Hacktool.Win32.Ammyy
61.54%

Agnitum Outpost
Riskware.RemoteAdmin, Win32.Virut.AB.Gen, Win32.Sality.FA.Gen, Trojan.DR.Injector
57.69%

AhnLab V3 Security
Unwanted/Win32.RemoteAdmin, PUP/Win32.RemoteAdmin, Win-AppCare/Remoteaammyy.667344, Win32/Virut.F, Win32/Kashu.E, Trojan/Win32.Dridex
57.69%

VIPRE Antivirus
Remote-Access.Win32.Ammyy, Trojan.Win32.Generic, Threat.4737366, Threat.4734158, Threat.4721115
57.69%

Avira AntiVirus
SPR/RemoteAdmin.AG, SPR/RemoteAdmin.C.1, SPR/RemoteAdmin.AB, W32/Virut.Gen, W32/Sality.AT, SPR/RemoteAdmin.765952, TR/AD.Gamarue.Y.1717
53.85%

The domain www.ammyy.com has been seen to resolve to the following 2 IP addresses.

static.159.105.243.136.clients.your-server.de
January 28, 2016

ammyy.com
August 4, 2013

File downloads found at URLs served by www.ammyy.com.

0 / 68
http://www.ammyy.com/AA_v3.exe  (a4b1b5f8a01f5c94e4a5a2dcaf4558b7)

2 / 68      (inconclusive)
http://www.ammyy.com/AA_v3.4.exe  (07ea3c7c7e49cb29e59fe041341c54b8)

0 / 68
http://www.ammyy.com/AA_v3.5.exe  (942072a96ebe0955f53081d68e7df8f9)

14 / 68    (PUP)
http://www.ammyy.com/AA_v3.5.rar  (d0117d6722b5c75fdccb5218d814c009)

7 / 68      (Adware)
http://www.ammyy.com//aa_v3.exe  (2cbf5657ffd8858a9597f296a60270c2)

26 / 68    (Adware)
http://www.ammyy.com/AA_v2.exe  (saga_remote.exe)

21 / 68    (Adware)

13 / 68    (Adware)

0 / 68
http://www.ammyy.com/.../AmmyyCustomizer.exe  (b0df5bc5fe5eaeaf74dce90881b36a7f)

16 / 68    (Adware)

31 / 68    (Adware)
http://www.ammyy.com/AA_v3.3.exe  (d22d719495f23e38805bbea5df434abb)

URL:
http://www.ammyy.com/

Google Analytics:
UA-21138530

Title:
“Ammyy Admin - Free Zero-Config Remote Desktop Software, Remote Desktop Connection and Remote Access Software”

Description:
“Popular zero-config free remote desktop software. It's used for system administration, webinars and instant remote desktop connection over the Internet. Free remote access software Ammyy Admin makes control of a remote PC quick and simple.”

Web server:
Apache/2.2.15 (CentOS)

Facebook:
Likes:  1,350
Shares:  2,486
Comments:  1,209

Statistics are for the previous month.
