home

You Two Lab (Extreme White Limited)

Publisher Information

You Two Lab (Extreme White Limited) is a software developer located in Nicosia, Agios Dometios in CY*. A majority of the programs developed by the company can be classified as adware or other potentially unwanted programs.
Authority:
COMODO CA Limited

Valid from:
4/15/2015 2:00:00 AM

Valid to:
4/15/2016 1:59:59 AM

Subject:
CN=You Two Lab (Extreme White Limited), O=You Two Lab (Extreme White Limited), STREET=Tassou Papadopulu 6 (flat/office 22), L=Nicosia, S=Agios Dometios, PostalCode=2373, C=CY

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00da184da11a5376568b6099b7928bccbb

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
Threat.Win.Reputation.YouTwoLab(ExtremeWhiteLimited), PUP.ExtremeWhite.Bundler.Installer.Meta (M), Threat.Win.Reputation.IMP, PUP.ExtremeWhite.Bundler.Meta (M), Win32.Generic.YouTwoLabExtremeWhiteLimited.Task.Meta, PUP.ExtremeWhite.Bundler (M)
100.00%

Dr.Web
Trojan.Crossrider1.43107
56.52%

Kaspersky
not-a-virus:HEUR:AdWare.Win32.CrossRider, HEUR:Trojan-Downloader.Win32.Generic, Virus.Win32.Slugin
56.52%

VIPRE Antivirus
Threat.4789396, Crossrider
54.35%

Malwarebytes
PUP.Optional.Crossbrowse.C
54.35%

avast!
Win32:Malware-gen, Win32:Patched-JI
52.17%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
43.48%

Sophos
PUA 'AppRider' (of type Adware)
41.30%

Avira AntiVirus
ADWARE/CrossRider.1977928.6, ADWARE/CrossRider.1977928.10, ADWARE/CrossRider.1977928.12
41.30%

ESET NOD32
Win32/Toolbar.CrossRider.CT potentially unwanted (variant)
34.78%

1 / 68      (PUP)
utility.exe  (fc35215d2f109d8bb0273e10b6b8e500)

1 / 68      (PUP)
7cb8cfa6-60af-466c-9b53-58578fd72c43.exe  (16cb01c2cbe838e6598a3f25f3aac620)

1 / 68      (PUP)
setup.exe  (a16eaae24f1321f2a9590b4b7fdd3744)

1 / 68      (PUP)
nsl5fbc.tmp  (3413fa9d8c80a8eb8a189905cbe2355e)

1 / 68      (PUP)
43c8bf84-1615-435f-ac51-656f5dcd8d7b.exe  (d5911ecaf565b4c08544ed6cec00a007)

1 / 68      (PUP)
8279.exe  (a3ffaf8c660708bc003781a0b9d97331)

1 / 68      (PUP)
4582.exe  (7ea657b3155148bc6d546834aa821dd8)

1 / 68      (PUP)
34.exe  (1dd04a0d275beab7c9585651d5a2b198)

11 / 68    (PUP)
setup.exe  (cc4c686311262e8840775d9fcbb7d916)

1 / 68      (PUP)
utility.exe  (bcc025605b514dc1c102ff8ece4c6554)

1 / 68      (PUP)
c2f5b448-b4f6-48a2-8bc7-6323fb1349bc.exe  (2b8abbd2816f9b72012bf7a0e4568303)

1 / 68      (PUP)
30b7d787-ae6a-4117-bf8b-533997e6cdd8.exe  (c2ff7d241d698925958e6da7c722d34a)

1 / 68      (PUP)
30b7d787-ae6a-4117-bf8b-533997e6cdd8.exe  (2536aa2cf95393a3cf21d3648dc3deb1)

1 / 68      (PUP)
9632.exe  (8054ebd5d6e6f21871ca6b33cae1b8e6)

1 / 68      (PUP)
5349.exe  (cadaf7095df92344b9d2c6f0f328fa60)

1 / 68      (PUP)
9356.exe  (734963112170c092feb0f5e8565bb47f)

1 / 68      (PUP)
4574.exe  (833d78d9385dc3b7b7b8a7ce5706c337)

1 / 68      (PUP)
setup.exe  (2afc07d28c2342c32c5cbe7f2dfb77f2)

23 / 68    (PUP)
4378.exe  (13574f56f4665ffbbc6ea06016476785)

20 / 68    (PUP)
6019.exe  (1eba2522deb1b9ce05463e50fd4d53cf)

15 / 68    (PUP)
2435.exe  (b9f9d834e594a0c06f117270c19e49ef)

18 / 68    (PUP)
9199.exe  (14cb2cec62c85460c1b1be8e5bf63230)

1 / 68      (PUP)
setup.exe  (068ff1e477c4c7ca26a1a72519a2f1d1)

12 / 68    (PUP)
utility.exe  (a7ea897da3dc380b898b602df9b0595e)

13 / 68    (PUP)
5859.exe  (dc24df79a82dcf59d28f0cd675de2cfb)

8 / 68      (PUP)
1695.exe  (6af3c39dc467711763c0cdea42bdf686)

13 / 68    (PUP)
7c4f325c-4868-4609-934b-9971be1bda4.exe  (9508f3b33bca10f7baaf748e35573d32)

1 / 68      (PUP)
utility.exe  (5b9704baa2281672d795511688276d49)

8 / 68      (PUP)
2518.exe  (07d3b21c444beabfddd4b12667bc684b)

10 / 68    (PUP)
9134a8ac-341b-43a2-8adc-6ec4226c59c2.exe  (1f151875320f79acbd83f71cdd77f1e9)

 
Latest 30 of 46 files

Downloads URLs for files signed by You Two Lab (Extreme White Limited).

9 / 68      (PUP)
http://download.allnetserveline.com/crcb/.../mini_installer.exe  (616971abdc8ad06489bf0ac2650be30c)

23 / 68    (PUP)
http://113.171.224.216/.../installer.exe  (13574f56f4665ffbbc6ea06016476785)

23 / 68    (PUP)
http://113.171.224.178/.../installer.exe  (13574f56f4665ffbbc6ea06016476785)

13 / 68    (PUP)
http://dl.keybufferbox.com/crcb/107/.../installer.exe  (9508f3b33bca10f7baaf748e35573d32)

23 / 68    (PUP)
http://dl.keyprobox.com/crcb/.../installer.exe  (13574f56f4665ffbbc6ea06016476785)

13 / 68    (PUP)
http://download.rgbdomsrv.com/crcb/107/.../installer.exe  (9508f3b33bca10f7baaf748e35573d32)

9 / 68      (PUP)
http://download.allnetserveline.com/crcb/113/.../mini_installer.exe  (76430c713bd3e6321fea30fa23f95ef8)

18 / 68    (PUP)
http://dl.keyprobox.com/crcb/.../installer.exe  (14cb2cec62c85460c1b1be8e5bf63230)

12 / 68    (PUP)
http://download.allnetserveline.com/crcb/113/.../mini_installer.exe  (2dad77a591c5ba1725bcdb7552925a45)

10 / 68    (PUP)
http://dl.ourstaticdatastorage.com/69/all/cp/.../setup.exe  (1f151875320f79acbd83f71cdd77f1e9)

20 / 68    (PUP)
http://dl.globalnodemax.com/crcb/.../mini_installer.exe  (1eba2522deb1b9ce05463e50fd4d53cf)

9 / 68      (PUP)
http://download.allnetserveline.com/crcb/.../mini_installer.exe  (364ce48c7168f2eb954c3015da9b81c1)

12 / 68    (PUP)
http://download.allnetserveline.com/crcb/113/.../mini_installer.exe  (7fd225f54a70258a132605d1bff9411d)

8 / 68      (PUP)
http://dl.ourstaticdatastorage.com/69/all/cp/.../setup.exe  (6af3c39dc467711763c0cdea42bdf686)

9 / 68      (PUP)
http://dl.keyprobox.com/crcb/.../installer.exe  (3fc0cb3da9ab0e8f677b25a866a54753)

The following websites host and distribute files published by You Two Lab (Extreme White Limited).

dl.globalnodemax.com

download.rgbdomsrv.com

download.allnetserveline.com

dl.keybufferbox.com

dl.ourstaticdatastorage.com

dl.keyprobox.com

The following publishers (by Authenticode signature organization name) are related.

Digit Network (Extreme White Limited)

City Center Games (Extreme White Limited)

Oral Teams (Extreme White Limited)

NightWish Center (Bright Circle Investments Ltd)

York New Labs (Extreme White Limited)

Web Bar Media

ClientConnect LTD

Baggio Technologies (BrightCircle Investments Limited)

think-cell Software GmbH

Somoto Ltd

Site on Spot Limited

Performix LLC

* Note, the details and description above are based on the code signing digital signature issued to You Two Lab (Extreme White Limited) by COMODO CA Limited on April 15, 2015 with the serial number '00da184da11a5376568b6099b7928bccbb'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.