home

download.flashupdatenow.com

wenjie chen

Domain Information

The domain download.flashupdatenow.com registered by wenjie chen was initially registered in July of 2015 through ENOM, INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Beaumaris, Victoria within Australia which resides on the Asia Pacific Network Information Centre network.
Registrar:
SANTIAMDOMAINS.COM LLC

Server location:
Victoria, Australia (AU)

Create date:
Wednesday, July 15, 2015

Expires date:
Friday, July 15, 2016

Updated date:
Tuesday, July 21, 2015

ASN:
AS133618 TRELLIAN-AS-AP Trellian Pty. Limited,AU

Root domain:
flashupdatenow.com

Whois:
4 flashupdatenow.com records

Scanner detections:
Detections  (98% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Air Software.AirSoftware.Bundler (M), PUP.InstallCore.11 (M), PUP.Air Software.AirSoftw.Bundler (M), PUP.Outbrowse.Outborwse.Installer (M), PUP.Air Software (M)
100.00%

Malwarebytes
PUP.Optional.AirInstaller
34.69%

K7 AntiVirus
Unwanted-Program , Adware
34.69%

F-Prot
W32/AirInstall.A.gen, W32/AirInstall.A8.gen
34.69%

avast!
Adware-gen [Adw], Win32:Installer-L [PUP], PUP-gen [PUP]
34.69%

Sophos
AirInstaller, PUA 'AirInstaller'
34.69%

Comodo Security
Application.Win32.AirAdInstaller.B, Application.Win32.AirAdInstaller.A, Application.Win32.Agent.AJ
34.69%

Avira AntiVirus
ADWARE/Adware.Gen7, Adware/Airinstall.J
34.69%

Vba32 AntiVirus
AdWare.AirAdInstaller
34.69%

Rising Antivirus
PE:PUF.Airinstall!1.9C4C
34.69%

IKARUS anti.virus
AdWare.AdWare.Gen7, AdWare.AirInst, not-a-virus:AdWare.Win32, not-a-virus:WebToolbar.Win32.Agent
34.69%

Qihoo 360 Security
Malware.QVM01.Gen
34.69%

nProtect
Trojan-Clicker/W32.AirAdInstaller.824744, Trojan/W32.Agent.1125288.B, Trojan-Clicker/W32.AirAdInstaller.823720.B, Trojan-Clicker/W32.AirAdInstaller.1115272.B
34.69%

Dr.Web
Adware.Downware.1410, Trojan.SMSSend.4187, Adware.Downware.1363, Trojan.SMSSend.4317
34.69%

VIPRE Antivirus
Threat.4782985, AirInstaller
34.69%

The domain download.flashupdatenow.com has been seen to resolve to the following 4 IP addresses.

204.11.56.37
July 31, 2016

103.224.182.207
lb-182-207.above.com
May 18, 2016

192.184.12.62
December 15, 2015

103.224.182.243
lb-182-243.above.com
August 27, 2015

File downloads found at URLs served by download.flashupdatenow.com.

1 / 68      (Adware)
http://download.flashupdatenow.com/get/click/.../?uid=kP10xK2m7V  (setup.exe)

1 / 68      (Adware)
http://download.flashupdatenow.com/get/click/.../?uid=110725303&sid=777-&filename=FPP_Setup  (fpp_setup.exe)

1 / 68      (Adware)
http://download.flashupdatenow.com/get/click/.../?uid=98636078&sid=674-&filename=FPP_Setup  (fpp_setup.exe)

1 / 68      (Adware)
http://download.flashupdatenow.com/get/click/.../?uid=07_47856002_122d42d4-6812-4373-b363-83270997ccd8&sid=227373&filename=setup.exe  (setup.exe.exe)

0 / 68
http://download.flashupdatenow.com/get/click/.../?uid=7ceed6aec1994a1ba68c589ed44103ec&sid=flvload&filename=Flash_setup  (install_flashplayer15x32_mssd_aaa_aih.exe)

1 / 68      (Adware)
http://download.flashupdatenow.com/get/click/.../?sid=QPLfv9Xjm07I0rxU1DP0kBRt2suJDQymhovcD0Zfr3hm0FXkkY-4tDol20_jwJIctsSIY2lKSD33tRcCTnWupUr-MsAxkz_ZjDgLj4q6pqQxArYG7He-lFo7BJirrvjQ9CSe06lTRDCQsv2o8KHvxjWOxsl5SCsGSCha8hCFiCK9IMIQ9vssetgbXXZhDPBVYe77Iw2wOnzPb17nxpD8tZorhppdGVkDUWass1G7RdqsxKKIFNH1tVauXhiSXWoU3soOtqfPRz5nV4_ozRTPOiRu3av3Z0aLppLgYLB_dCKvmsTppBPInfWQCQQXYea5O5n7qF4NdwocuxiDCw8rSRjdU1mp62qJgWxUxDufvm9DL3JzMjSGAhT6rQ&filename=Flash_Setup  (flash_setup.exe)

1 / 68      (Adware)
http://download.flashupdatenow.com/get/click/.../?uid=07_44025960_59297a7f-7041-425f-b372-b9bb72f643ba&sid=227373&filename=setup.exe  (setup.exe.exe)

1 / 68      (Adware)
http://download.flashupdatenow.com/get/click/.../?uid=99156057&sid=777-&filename=FPP_Setup  (fpp_setup.exe)

1 / 68      (Adware)
http://download.flashupdatenow.com/get/click/.../?uid=111951254&sid=674-p.nzzjzjfiztcztmnd&filename=FPP_Setup  (fpp_setup.exe)

1 / 68      (Adware)
http://download.flashupdatenow.com/get/click/.../?uid=101863044&sid=674-&filename=FPP_Setup  (fpp_setup.exe)

1 / 68      (Adware)
http://download.flashupdatenow.com/get/click/.../?uid=105293500&sid=674&filename=FPP_Setup  (fpp_setup.exe)

1 / 68      (Adware)
http://download.flashupdatenow.com/get/click/.../?uid=1601704&sid=nym1CM_r5rjEr7L6WhACGIuoxb_t3MPhWyIMMTA3LjEwLjM5LjYzKAE.&filename=Flash_Setup  (flash_setup.exe)

1 / 68      (Adware)
http://download.flashupdatenow.com/get/click/.../?uid=101318493&sid=674-p.ndumjmynjdimtkyy&filename=FPP_Setup  (fpp_setup.exe)

1 / 68      (Adware)
http://download.flashupdatenow.com/get/click/.../?uid=dn10pY9kSV  (setup.exe)

1 / 68      (Adware)
http://download.flashupdatenow.com/get/click/.../?uid=100904206&sid=674&filename=FPP_Setup  (fpp_setup.exe)

1 / 68      (Adware)
http://download.flashupdatenow.com/get/click/.../?uid=TD10nVj6mz  (setup.exe)

1 / 68      (Adware)
http://download.flashupdatenow.com/get/click/.../?uid=109247797&sid=674-&filename=FPP_Setup  (fpp_setup.exe)

1 / 68      (Adware)
http://download.flashupdatenow.com/get/click/.../?uid=162661462&sid=1054&filename=FPP_Setup  (fpp_setup.exe)

1 / 68      (Adware)
http://download.flashupdatenow.com/get/click/.../?uid=104050531&sid=674&filename=FPP_Setup  (fpp_setup.exe)

1 / 68      (Adware)
http://download.flashupdatenow.com/get/click/.../?uid=DT10ysLjkr  (setup.exe)

1 / 68      (Adware)
http://download.flashupdatenow.com/get/click/.../?uid=167165867&sid=1054&filename=FPP_Setup  (fpp_setup.exe)

1 / 68      (Adware)
http://download.flashupdatenow.com/get/click/.../?uid=04d5c4c4049e492996bf5e7a25eb2ff4&sid=flvload&filename=Flash_setup  (flash_setup.exe)

1 / 68      (Adware)
http://download.flashupdatenow.com/get/click/.../?uid=103294451&sid=674-&filename=FPP_Setup  (fpp_setup.exe)

1 / 68      (Adware)
http://download.flashupdatenow.com/get/click/.../?uid=112900309&sid=674-&filename=FPP_Setup  (fpp_setup.exe)

1 / 68      (Adware)
http://download.flashupdatenow.com/get/click/.../?uid=103143745&sid=674-p.ngniyjlzjanzcnwu&filename=FPP_Setup  (fpp_setup.exe)

1 / 68      (Adware)
http://download.flashupdatenow.com/get/click/.../?uid=102903019&sid=674-&filename=FPP_Setup  (fpp_setup.exe)

1 / 68      (PUP)
http://download.flashupdatenow.com/get/click/.../?uid=8e0b503f7e7146ccaa5eb9320daa3c45&sid=flvload&filename=Flash_setup  (flash_setup.exe)

34 / 68    (Adware)
http://download.flashupdatenow.com/get/click/.../?uid=$98954360&sid=674&filename=FPP_Setup  (fpp_setup.exe)

31 / 68    (Adware)
http://download.flashupdatenow.com/get/click/.../?uid=121171187&sid=674-p.ngniyjlzjanzcnwu&filename=FPP_Setup  (fpp_setup.exe)

34 / 68    (Adware)
http://download.flashupdatenow.com/get/click/.../?uid=107283247&sid=674-&filename=FPP_Setup  (fpp_setup.exe)

 
Latest 30 of 65 download URLs

The following 22 files have been seen to comunicate with download.flashupdatenow.com in live environments.

TCP » 103.224.182.207:80
googleupd.exe (Google Update by Google)

TCP » 103.224.182.207:80
pooface.exe (Ja)

TCP » 103.224.182.207:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 103.224.182.207:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 103.224.182.207:80
fuzezipsetup.exe (Fuze Zip by Koyote Soft)

TCP » 103.224.182.207:80
CureTraffic.exe (CureTraffic by Vitbian telecom S.L)

TCP » 103.224.182.243:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 103.224.182.207:80
emuletorrent.exe

TCP » 103.224.182.207:80
googleupd.exe (Google Update by Google)

TCP » 103.224.182.243:587
www.exe

TCP » 103.224.182.207:443
winsec.exe (winsec.exe by Security Verifier)

TCP » 103.224.182.207:80
BruteforceSaveData.exe (Bruteforce Save Data by 2014 by Aldo Vargas - http://www.aldostools.org)

TCP » 103.224.182.207:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 103.224.182.243:80
download.exe (Gerenciador de Download by ASSISTENTE DE DOWNLOAD)

TCP » 103.224.182.243:80
online-guardian-v2.0.9.exe

TCP » 103.224.182.243:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 103.224.182.207:80
online-guardian.exe

TCP » 103.224.182.207:80
winsec.exe (winsec.exe by Security Verifier)

TCP » 103.224.182.207:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 103.224.182.207:80
googleupd.exe (Google Update by Google)

 
Latest 20 of 36 files

URL:
http://download.flashupdatenow.com/

Google Analytics:
UA-19309218

Title:
“flashupdatenow.com”

Description:
“This website is for sale! flashupdatenow.com is your first and best source for information about flashupdatenow . Here you will also find topics relating to issues of general interest. We hope you find what you are looking for!”

Web server:
Apache

1-vinstaller.com

123mplayer.com

7s9nzohf.com

ad131m.com

amateurporntubed.com

applicationcube.com

check-live.com

checkupdatenow.com

cloudbox03.com

cloudbox06.com

cloudbox40.com

coolsoftwaredownloads.com

datacardbar.info

datingsweater.com

dbtalk.net

deliciousgoldfish.com

differentdownload.com

downloadcobol.com

downloadcobra.com

downloadcocci.com

downloadd.org

downloadinator.com

ex-soft.net

extremetrucker.com

fastupdate24.com

fetch-files.com

freeapplocationdownloads.com

freedownloadbrushes.com

generaldownload.com

generallydownload.com

30 of 93 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.