dl2.ursoftware.com

URSoft, Inc

Domain Information

The domain dl2.ursoftware.com registered by URSoft, Inc was initially registered in July of 2002 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dallas, Texas within the United States which resides on the Linode network.
Registrar:
GODADDY.COM, LLC

Server location:
Texas, United States (US)

Create date:
Monday, July 15, 2002

Expires date:
Wednesday, July 15, 2020

Updated date:
Tuesday, April 14, 2015

ASN:
AS36351 SOFTLAYER - SoftLayer Technologies Inc.

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.ClientConnect.Q, PUP.Optional.Installer.W, PUP.Installer.ClientConnect.L, PUP.ClientConnect.AA, PUP.Optional.URSoft.Installer, PUP.Conduit.ClientCo.Installer (M), PUP.URSoft.Optional.Installer.Meta (L), PUP.URSoft.Optional (L)
78.95%

ESET NOD32
Win32/Toolbar.Babylon (variant), Win32/MyPCBackup, Win32/Toolbar.Conduit.AB (variant), Win32/Toolbar.Conduit.AE, Win32/ClientConnect (variant)
73.68%

McAfee
Artemis!DC5688A33D8F, Artemis!78D10B8D9CCA, Artemis!CAE377F98911, Artemis!F7E0DBE7B181, Artemis!C58BD0DD45D8, Artemis!21A1F9DBFBF7, Artemis!39DA548D96E4, Artemis!93130B989ACD, Artemis!A65E51EF01AB, Artemis!CA83CFD946EC, Artemis!F39E5147C1E0, Artemis!3CCD7070AF6F
73.68%

McAfee Web Gateway
Artemis!DC5688A33D8F, Artemis!78D10B8D9CCA, Artemis!CAE377F98911, Artemis!F7E0DBE7B181, Artemis!C58BD0DD45D8, Artemis!21A1F9DBFBF7
68.42%

Trend Micro House Call
TROJ_GEN.F47V0804, TROJ_GEN.F47V1113, TROJ_GEN.F47V0323, TROJ_GEN.F47V0402, TROJ_GEN.F47V0328, TROJ_GEN.F47V0407, TROJ_GEN.F47V0504
63.16%

Dr.Web
Trojan.DownLoader10.19818, Adware.Conduit.43, Adware.Babylon.15, Adware.Conduit.96, Adware.Conduit.87, Adware.Babylon.10
57.89%

VIPRE Antivirus
Conduit, Trojan.Win32.Generic, Threat.4786236
47.37%

AVG
MalSign.Generic
47.37%

Malwarebytes
PUP.Optional.Conduit.A, PUP.Optional.ClientConnect
42.11%

Baidu Antivirus
Adware.Win32.Toolbar, Trojan.Win32.Toolbar, Adware.Win32.Conduit, PUA.Win32.ClientConnect, Trojan.Win32.Agent
36.84%

K7 Gateway Antivirus
Trojan , Unwanted-Program
36.84%

K7 AntiVirus
Trojan , Unwanted-Program
36.84%

Fortinet FortiGate
W32/MyPCBackup.A, Riskware/Toolbar_Conduit, Riskware/ClientConnect
31.58%

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud)
21.05%

avast!
Win32:Adware-BRM [PUP]
21.05%

The domain dl2.ursoftware.com has been seen to resolve to the following 2 IP addresses.

li105-80.members.linode.com
September 2, 2016

mail.ursoftware.com
December 28, 2013

File downloads found at URLs served by dl2.ursoftware.com.

1 / 68      (PUP)

1 / 68      (PUP)
http://dl2.ursoftware.com/.../dl.php?pid=yu2012&nocnet=1  (a3eec414-e8af-ebc6-f6ff-cd5ac01b5ee9_1d1e74541d7be0b)

1 / 68      (PUP)

17 / 68    (Adware)

7 / 68      (PUP)
http://dl2.ursoftware.com/.../dl.php?pid=yu2010  (your uninstaller! 2013.exe)

1 / 68      (Adware)

12 / 68    (PUP)

9 / 68      (PUP)

9 / 68      (PUP)

12 / 68    (Adware)
http://dl2.ursoftware.com/.../dl.php?pid=yu2014  (your_uninstaller_tsa1wcd3p.exe)

9 / 68      (Adware)

17 / 68    (Adware)

10 / 68    (Adware)

13 / 68    (Adware)

9 / 68      (Adware)

13 / 68    (Adware)

9 / 68      (Adware)

9 / 68      (Adware)

8 / 68      (Adware)

13 / 68    (Adware)

8 / 68      (Adware)

12 / 68    (PUP)

6 / 68      (PUP)

12 / 68    (PUP)

The following 57 files have been seen to comunicate with dl2.ursoftware.com in live environments.

 
Latest 20 of 63 files

URL:
http://dl2.ursoftware.com/

Google Analytics:
UA-121948

Title:
“Your Uninstaller! 7 - Uninstall any unwanted software/program completely. Download for free.”

Description:
“Your Uninstaller! - Free download, award winning uninstaller suite to remove programs, uninstall software completely and easily. Remove every trace of unwanted programs.”

Web server:
Apache/2.2.15 (CentOS) (PHP/5.3.3)