See: https://urlquery.net/report.php?id=1421507303267 IDS alert for ET POLICY PE EXE or DLL Windows file download →
https://www.virustotal.com/nl/ip-address/83.149.126.218/information/ & http://www.herdprotect.com/ip-address-83.149.126.218.aspx

ESET-NOD32 the only one to detect this as Win32/Bundled.Toolbar.Google.D
See: http://webcache.googleusercontent.com/search?q=cache:7MUc-px058gJ:www.istdiesedateisicher.de/product/Defraggler_details.aspx+&cd=1&hl=nl&ct=clnk&gl=nl
I get a server error from there: http://linkeddata.informatik.hu-berlin.de/uridbg/index.php?url=http%3A%2F%2Fwww.istdiesedateisicher.de%2Fproduct%2FDefraggler_details.aspx&useragentheader=&acceptheader=

Detection missed here: https://app.webinspector.com/public/reports/28870289
Detected and given as suspicious: http://zulu.zscaler.com/submission/show/ea4c2c9bc713b33b94f4d2a8af347278-1421509833

Asafaweb scan kicks up three warnings! → https://asafaweb.com/Scan?Url=www.filehippo.com
It looks like a cookie is being set without the “HttpOnly” flag being set (name : value):

FH_PreferredCulture : en-US → http://cookiepedia.co.uk/cookie/422377

DOM XSS vuln.: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fwww.filehippo.com%2F (href=)

In Anubis analysis we find a unnamed file 0x00120028 Performs File Modification and Destruction; https://anubis.iseclab.org/?action=result&task_id=1289bfd9d208ef734558080cb582efb99&format=html and MSCTF.Shared.MUTEX.IFG. created found in tracking.

polonus