dl2.ursoftware.com

URSoft, Inc

Domain Information

The domain dl2.ursoftware.com registered by URSoft, Inc was initially registered in July of 2002 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Dallas, Texas within the United States which resides on the Linode network.
Remove Malware from dl2.ursoftware.com - Powered by Reason Core Security
Registrar:
GODADDY.COM, LLC

Server location:
Texas, United States (US)

Create date:
Monday, July 15, 2002

Expires date:
Wednesday, July 15, 2020

Updated date:
Tuesday, April 14, 2015

ASN:
AS36351 SOFTLAYER - SoftLayer Technologies Inc.

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

ESET NOD32
Win32/Toolbar.Babylon (variant), Win32/MyPCBackup, Win32/Toolbar.Conduit.AB (variant), Win32/Toolbar.Conduit.AE, Win32/ClientConnect (variant)
92.86%

McAfee
Artemis!DC5688A33D8F, Artemis!78D10B8D9CCA, Artemis!CAE377F98911, Artemis!F7E0DBE7B181, Artemis!C58BD0DD45D8, Artemis!21A1F9DBFBF7, Artemis!39DA548D96E4, Artemis!93130B989ACD, Artemis!A65E51EF01AB, Artemis!F39E5147C1E0, Artemis!3CCD7070AF6F
92.86%

Trend Micro House Call
TROJ_GEN.F47V0804, TROJ_GEN.F47V1113, TROJ_GEN.F47V0323, TROJ_GEN.F47V0402, TROJ_GEN.F47V0328, TROJ_GEN.F47V0407, TROJ_GEN.F47V0504
85.71%

McAfee Web Gateway
Artemis!DC5688A33D8F, Artemis!78D10B8D9CCA, Artemis!CAE377F98911, Artemis!F7E0DBE7B181, Artemis!C58BD0DD45D8, Artemis!21A1F9DBFBF7
85.71%

Dr.Web
Trojan.DownLoader10.19818, Adware.Conduit.43, Adware.Babylon.15, Adware.Conduit.96, Adware.Conduit.87, Adware.Babylon.10
71.43%

Reason Heuristics
PUP.Installer.ClientConnect.Q, PUP.Installer.ClientConnect.L, PUP.ClientConnect.AA, PUP.Optional.URSoft.Installer
71.43%

VIPRE Antivirus
Conduit, Trojan.Win32.Generic, Threat.4786236
64.29%

AVG
MalSign.Generic
64.29%

Malwarebytes
PUP.Optional.Conduit.A, PUP.Optional.ClientConnect
57.14%

Baidu Antivirus
Adware.Win32.Toolbar, Trojan.Win32.Toolbar, Adware.Win32.Conduit, PUA.Win32.ClientConnect, Trojan.Win32.Agent
50.00%

K7 Gateway Antivirus
Trojan , Unwanted-Program
42.86%

K7 AntiVirus
Trojan , Unwanted-Program
42.86%

Fortinet FortiGate
W32/MyPCBackup.A, Riskware/Toolbar_Conduit, Riskware/ClientConnect
42.86%

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud)
28.57%

avast!
Win32:Adware-BRM [PUP]
28.57%

The domain dl2.ursoftware.com has been seen to resolve to the following IP address.

mail.ursoftware.com
December 28, 2013

File downloads found at URLs served by dl2.ursoftware.com.

12 / 68    (PUP)

9 / 68      (PUP)

9 / 68      (PUP)

12 / 68    (Adware)
http://dl2.ursoftware.com/.../dl.php?pid=yu2014  (your_uninstaller_tsa1wcd3p.exe)

9 / 68      (Adware)

17 / 68    (Adware)

10 / 68    (Adware)

13 / 68    (Adware)

9 / 68      (Adware)

13 / 68    (Adware)

9 / 68      (Adware)

9 / 68      (Adware)

8 / 68      (Adware)

13 / 68    (Adware)

8 / 68      (Adware)

12 / 68    (PUP)

6 / 68      (PUP)

12 / 68    (PUP)

The following 4 files have been seen to comunicate with dl2.ursoftware.com in live environments.

URL:
http://dl2.ursoftware.com/

Google Analytics:
UA-121948

Title:
“Your Uninstaller! 7 - Uninstall any unwanted software/program completely. Download for free.”

Description:
“Your Uninstaller! - Free download, award winning uninstaller suite to remove programs, uninstall software completely and easily. Remove every trace of unwanted programs.”

Web server:
Apache/2.2.15 (CentOS) (PHP/5.3.3)

Remove Malware from dl2.ursoftware.com - Powered by Reason Core Security