home

download.updatenowpro.com

REACTIVATION PERIOD

Domain Information

The domain download.updatenowpro.com registered by REACTIVATION PERIOD was initially registered in February of 2014 through ENOM, INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in New York City, New York within the United States which resides on the Digital Ocean, Inc. network.
Registrar:
ENOM, INC.

Server location:
New York, United States (US)

Create date:
Tuesday, February 4, 2014

Expires date:
Thursday, February 4, 2016

Updated date:
Friday, March 18, 2016

ASN:
AS14061 DIGITALOCEAN-ASN - Digital Ocean, Inc.

Root domain:
updatenowpro.com

Whois:
4 updatenowpro.com records

Google Safe Browsing:
malware

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
DownloadManager.AirSoftware.F, PUP.Air Software.AirSoftware.Bundler (M), PUP.Air Software.AirSoftw.Bundler (M), PUP.Air Software (M)
100.00%

Avira AntiVirus
ADWARE/Adware.Gen
51.11%

Sophos
AirInstaller, PUA 'AirInstaller'
51.11%

Vba32 AntiVirus
AdWare.AirAdInstaller.ajov
51.11%

Rising Antivirus
PE:PUF.Airinstall!1.9C4C
51.11%

AVG
Generic_r, Adware Generic_r.JF
51.11%

IKARUS anti.virus
Win32.Malware
51.11%

AhnLab V3 Security
PUP/Win32.AirAdInstaller
51.11%

NANO AntiVirus
Riskware.Win32.AirAdInstaller.cwanhi, Riskware.Win32.AirAdInstaller.cwbkcs
51.11%

Qihoo 360 Security
Malware.QVM18.Gen, HEUR/Malware.QVM01.Gen
51.11%

nProtect
Trojan-Clicker/W32.AirAdInstaller.824744, Trojan-Clicker/W32.AirAdInstaller.862632
51.11%

F-Prot
W32/AirInstall.A8.gen, W32/A-8c0ea402
51.11%

G Data
Win32.Adware.Airadinstaller
51.11%

Zillya! Antivirus
Adware.AirAdInstaller.Win32.150
51.11%

Malwarebytes
PUP.Optional.AirAdInstaller
48.89%

The domain download.updatenowpro.com has been seen to resolve to the following 12 IP addresses.

192.230.92.93
192.230.92.93.ip.incapdns.net
August 6, 2016

199.83.132.93
199.83.132.93.ip.incapdns.net
June 24, 2016

104.130.124.96
June 2, 2016

208.91.197.197
May 30, 2016

204.11.56.48
May 17, 2016

98.124.243.35
February 8, 2016

62.75.207.166
static-ip-62-75-207-166.inaddr.ip-pool.com
January 31, 2016

108.168.218.35
108.168.218.35-static.reverse.softlayer.com
January 5, 2015

162.243.2.91
empire.airinstaller.com
August 10, 2014

173.192.195.228
173.192.195.228-static.reverse.softlayer.com
May 31, 2014

184.154.116.114
chicago.airinstaller.com
April 4, 2014

192.241.237.97
uswestmeganode1.airinstaller.com
March 18, 2014

File downloads found at URLs served by download.updatenowpro.com.

1 / 68      (Adware)
http://download.updatenowpro.com/get/click/.../?uid=290768508&sid=777&filename=setup.exe  (setup.exe.exe)

1 / 68      (Adware)
http://download.updatenowpro.com/get/click/.../?uid=266930853&sid=777&filename=setup.exe  (setup.exe.exe)

1 / 68      (Adware)
http://download.updatenowpro.com/get/click/.../?uid=265077629&sid=777&filename=setup.exe  (setup.exe.exe)

1 / 68      (Adware)
http://download.updatenowpro.com/get/click/.../?uid=292116264&sid=1258&filename=setup.exe  (setup.exe.exe)

1 / 68      (Adware)
http://download.updatenowpro.com/get/click/.../?uid=282215891&sid=1258&filename=setup.exe  (setup.exe.exe)

1 / 68      (Adware)
http://download.updatenowpro.com/get/click/.../?uid=274204870&sid=777&filename=setup.exe  (setup.exe.exe)

1 / 68      (Adware)
http://download.updatenowpro.com/get/click/.../?uid=273332585&sid=777&filename=setup.exe  (setup.exe.exe)

1 / 68      (Adware)
http://download.updatenowpro.com/get/click/.../?uid=294055295&sid=1258&filename=setup.exe  (setup.exe.exe)

1 / 68      (Adware)
http://download.updatenowpro.com/get/click/.../?uid=256767230&sid=777&filename=setup.exe  (setup.exe.exe)

1 / 68      (Adware)
http://download.updatenowpro.com/get/click/.../?uid=293124863&sid=1258&filename=setup.exe  (setup.exe.exe)

1 / 68      (Adware)
http://download.updatenowpro.com/get/click/.../?uid=299639080&sid=777&filename=setup.exe  (setup.exe.exe)

1 / 68      (Adware)
http://download.updatenowpro.com/get/click/.../?uid=270982177&sid=777&filename=setup.exe  (setup.exe.exe)

1 / 68      (Adware)
http://download.updatenowpro.com/get/click/.../?uid=269621855&sid=1258&filename=setup.exe  (setup.exe.exe)

1 / 68      (Adware)
http://download.updatenowpro.com/get/click/.../?uid=298230575&sid=1258&filename=setup.exe  (setup.exe.exe)

1 / 68      (Adware)
http://download.updatenowpro.com/get/click/.../?uid=273320320&sid=777&filename=setup.exe  (setup.exe.exe)

1 / 68      (Adware)
http://download.updatenowpro.com/get/click/.../?uid=290502449&sid=1301&filename=setup.exe  (setup.exe.exe)

1 / 68      (Adware)
http://download.updatenowpro.com/get/click/.../?uid=275675270&sid=1258&filename=setup.exe  (setup.exe.exe)

1 / 68      (Adware)
http://download.updatenowpro.com/get/click/.../?uid=279830086&sid=777&filename=setup.exe  (setup.exe.exe)

1 / 68      (Adware)
http://download.updatenowpro.com/get/click/.../?uid=268315457&sid=1258&filename=setup.exe  (setup.exe.exe)

37 / 68    (Adware)
http://download.updatenowpro.com/get/click/.../?uid=289011266&sid=1258&filename=setup.exe  (setup.exe.exe)

37 / 68    (Adware)
http://download.updatenowpro.com/get/click/.../?uid=274757266&sid=777&filename=setup.exe  (setup.exe.exe)

37 / 68    (Adware)
http://download.updatenowpro.com/get/click/.../?uid=273090709&sid=1258&filename=setup.exe  (setup.exe.exe)

37 / 68    (Adware)
http://download.updatenowpro.com/get/click/.../?uid=285056093&sid=1300&filename=setup.exe  (setup.exe.exe)

37 / 68    (Adware)
http://download.updatenowpro.com/get/click/.../?uid=272640034&sid=777&filename=setup.exe  (setup.exe.exe)

37 / 68    (Adware)
http://download.updatenowpro.com/get/click/.../?uid=265950574&sid=1258&filename=setup.exe  (setup.exe.exe)

37 / 68    (Adware)
http://download.updatenowpro.com/get/click/.../?uid=285131097&sid=777&filename=setup.exe  (setup.exe.exe)

35 / 68    (Adware)
http://download.updatenowpro.com/get/click/.../?uid=298154768&sid=1258&filename=setup.exe  (setup.exe.exe)

34 / 68    (Adware)
http://download.updatenowpro.com/get/click/.../?uid=289779876&sid=1258&filename=setup.exe  (setup.exe.exe)

30 / 68    (Adware)
http://download.updatenowpro.com/get/click/.../?uid=289298290&sid=777&filename=setup.exe  (setup.exe.exe)

44 / 68    (Adware)
http://download.updatenowpro.com/get/click/.../?uid=274371635&sid=777&filename=setup.exe  (setup.exe.exe)

 
Latest 30 of 45 download URLs

The following 7 files have been seen to comunicate with download.updatenowpro.com in live environments.

TCP » 104.130.124.96:443
translategenius.crx

TCP » 104.130.124.96:443
translategenius.crx

TCP » 104.130.124.96:443
translategenius.crx

TCP » 104.130.124.96:443
translategenius.crx

TCP » 173.192.195.228:80
setup.exe (Software Updater by AirInstaller)

TCP » 204.11.56.48:80
chrome.crx

TCP » 204.11.56.48:80
chrome.crx

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.