www.audiograbber.org

Stefan Vetter

Domain Information

This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Berlin, Berlin within Germany which resides on the RIPE Network Coordination Centre network.
Registrar:
RegistryGate GmbH (R1565-LROR)

Server location:
Berlin, Germany (DE)

ASN:
AS34788 NMM-AS Neue Medien Muennich GmbH,DE

Root domain:

Scanner detections:
Detections  (90% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.Installer.M, PUP.CyberservicesBV.i, PUP.CyberservicesBV.a, PUP.CyberservicesBV.V, PUP.Covus, PUP.Bundler.Covus, Threat.Covus.Bundler, PUP.Covus.Bundler, PUP.Outbrowse.CyberservicesBV (M), PUP.Outbrowse.CyberservicesBV.Bundler (M), PUP.Covus.HEYDAYEN.Bundler (M), PUP.Outbrowse.Cyberser.Bundler (M), PUP.Covus.Freemium.Bundler (M), PUP.Outbrowse (M)
86.84%

AVG
Skodna.Generic_c, Adware Generic_r.OC, Cyberservices
42.11%

ESET NOD32
Win32/DownloadGuide.A potentially unwanted application, Win32/DownloadGuide.D potentially unwanted application, Win32/DownloadGuide.F potentially unwanted application
39.47%

VIPRE Antivirus
DownloadGuide, Threat.4890059, Threat.4150696, Threat.4371328
36.84%

Dr.Web
Adware.Funmoods.1, Adware.Downware.5119, Adware.Downware.6044, Trojan.Packed, Adware.Downware.9866, Adware.Downware.10484
31.58%

K7 Gateway Antivirus
Trojan , Unwanted-Program
28.95%

K7 AntiVirus
Trojan , Unwanted-Program
28.95%

Antiy Labs AVL
VCS/Environment.DigitalFN, Trojan/Win32.TSGeneric, GrayWare[AdWare:not-a-virus]/Win32.Amonetize, RiskWare[Downloader:not-a-virus]/Win32.DownloadHelper
28.95%

Avira AntiVirus
APPL/DownloadGuide.Gen2, PUA/DownloadGuide.Gen, APPL/DownGuide.595984
23.68%

NANO AntiVirus
Trojan.Win32.DownloadGuide.djpwcg, Trojan.Win32.DownloadHelper.dnpsqf, Trojan.Win32.DownloadHelper.dnpscv, Riskware.Nsis.Adware.dpxxla
21.05%

ESET NOD32
Win32/Toolbar.Funmoods (variant), Win32/DownloadGuide (variant), Win32/Toolbar.Escort, Win32/DownloadGuide.D potentially unwanted (variant)
18.42%

Malwarebytes
PUP.Funmoods, PUP.FunMoods, PUP.Optional.Breitschopp, PUP.Optional.DownloadGuide, PUP.Optional.Freemium.A
15.79%

Agnitum Outpost
Riskware.Agent
15.79%

herdProtect (fuzzy)
a variant of 8cae975824886624b9eb6d424c3c646fa994d6ab, a variant of 383bb6d71a0127b166fc9fe68ac458a867d68f57, a variant of 96e89fefa3edec97f65f5d35070eb74d612c5f92
15.79%

Bkav FE
W32.HfsAdware
15.79%

The domain www.audiograbber.org has been seen to resolve to the following IP address.

dd32310.kasserver.com
January 23, 2014

File downloads found at URLs served by www.audiograbber.org.

1 / 68      (Adware)
http://www.audiograbber.org/.../agmp3plugin  (download_audiograbber_mp3_plugin.exe)

1 / 68      (Adware)
http://www.audiograbber.org/.../agsetup183  (download_audiograbber.exe)

1 / 68      (PUP)
http://www.audiograbber.org/.../videograbber  (download_videograbber.exe)

3 / 68      (PUP)

1 / 68
http://www.audiograbber.org/files/.../agmp3plugin.exe  (369d74e42a5a1140fa6890802d7f4bfa)

URL:
http://www.audiograbber.org/

Google Analytics:
UA-12605793

Title:
“Audiograbber, free CD ripper, mp3 encoder and audio recorder for Windows”

Web server:
Apache (PHP/5.4.42-nmm1)

Facebook:
Likes:  34
Shares:  256
Comments:  35

Twitter:
Shares:  522

Statistics are for the previous month.