home

downloads.updatesoftnow.com

PERFECT PRIVACY, LLC  (Proxy Registrant)

Domain Information

The domain downloads.updatesoftnow.com is registered by proxy through DUCKBILLEDDOMAINS.COM LLC and was originally registered in November of 2015. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in New York City, New York within the United States which resides on the Digital Ocean, Inc. network.
Registrar:
DUCKBILLEDDOMAINS.COM LLC

Server location:
New York, United States (US)

Create date:
Tuesday, November 10, 2015

Expires date:
Thursday, November 10, 2016

Updated date:
Tuesday, November 10, 2015

ASN:
AS14061 DIGITALOCEAN-ASN - Digital Ocean, Inc.

Root domain:
updatesoftnow.com

Whois:
7 updatesoftnow.com records

Scanner detections:
Detections  (94% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.installCore.Compiler.Installer (M), PUP.Adknowledge.InstallM.Installer (M), PUP.Air Software.Download.Bundler (M), PUP.Air Software.AirSoftw.Bundler (M), PUP.SecurePCCleaner.SUPERTUN.Installer.Meta (M), PUP.Air Software (M), PUP.Adknowledge (M), Win32.Generic, PUP.Tightrope (M)
97.92%

F-Secure
Riskware.Application.Bundler.AirInstaller
2.08%

The domain downloads.updatesoftnow.com has been seen to resolve to the following 25 IP addresses.

69.162.80.60
60-80-162-69.static.reverse.lstn.net
August 26, 2016

95.211.219.66
August 25, 2016

95.211.219.65
August 20, 2016

95.211.219.67
August 12, 2016

69.162.80.59
59-80-162-69.static.reverse.lstn.net
August 7, 2016

69.162.80.55
55-80-162-69.static.reverse.lstn.net
August 7, 2016

69.162.80.58
58-80-162-69.static.reverse.lstn.net
August 6, 2016

78.41.204.29
hosted-by.snel.com
August 4, 2016

69.162.80.61
61-80-162-69.static.reverse.lstn.net
August 3, 2016

5.39.99.52
December 7, 2015

5.39.99.50
November 23, 2015

5.39.99.51
November 18, 2015

167.114.156.214
ns513839.ip-167-114-156.net
November 12, 2015

5.39.99.49
November 12, 2015

64.74.223.43
August 27, 2015

173.192.195.228
173.192.195.228-static.reverse.softlayer.com
May 16, 2014

162.243.2.91
empire.airinstaller.com
May 13, 2014

108.168.218.35
108.168.218.35-static.reverse.softlayer.com
May 1, 2014

184.154.116.114
chicago.airinstaller.com
April 23, 2014

192.241.139.115
justice.airinstaller.com
April 23, 2014

192.241.237.97
uswestmeganode1.airinstaller.com
April 16, 2014

50.23.68.85
50.23.68.85-static.reverse.softlayer.com
April 14, 2014

173.192.195.226
173.192.195.226-static.reverse.softlayer.com
April 13, 2014

192.241.231.245
babar.airinstaller.com
March 6, 2014

108.168.218.34
108.168.218.34-static.reverse.softlayer.com
February 24, 2014

File downloads found at URLs served by downloads.updatesoftnow.com.

1 / 68      (Adware)
http://downloads.updatesoftnow.com/get/click/.../?uid=63795-f5d333a8-c748-4686-ae0a-9e008f670c22ERON_US&sid=xbox 360 error status codes xbox error status codes xbox support xbox 360 error codes xbox 360&filename=SoftwareUpdate  (softwareupdate.exe)

1 / 68      (Adware)
http://downloads.updatesoftnow.com/get/click/.../?uid=197cb64f1ad947f7ae48c7fe5b89c3c9&sid=xx&filename=Setup  (setup.exe)

1 / 68      (Adware)
http://downloads.updatesoftnow.com/get/click/.../?uid=<<AFFSUB>>&filename=Setup  (setup.exe)

1 / 68      (Adware)
http://downloads.updatesoftnow.com/get/click/.../?uid=1405373343629_1405373335365_110_20290_178239856_1&filename=SoftwareUpdate  (softwareupdate.exe)

1 / 68      (Adware)
http://downloads.updatesoftnow.com/get/click/.../?uid=63640-4300_1009_us&sid=AP&filename=SoftwareUpdate  (softwareupdate.exe)

1 / 68      (Adware)
http://downloads.updatesoftnow.com/get/click/.../?uid=8e1de344ca534a8ebb739f568f3b8967&sid=xx&filename=Setup  (setup.exe)

1 / 68      (inconclusive)
http://downloads.updatesoftnow.com/get/click/.../?uid=1406059254884_1406058797716_116_38014_220404234_1&filename=SoftwareUpdate  (softwareupdate.exe)

1 / 68      (Adware)
http://downloads.updatesoftnow.com/get/click/.../?uid=63574-b8925b4a-6003-4438-912c-6b8517a0ed1c&sid=AP&filename=SoftwareUpdate  (softwareupdate.exe)

1 / 68      (Adware)
http://downloads.updatesoftnow.com/get/click/.../?uid=20zmJx1417niUdKH3i4l.q1xnyvJ000.&sid=sdeF24l2Ly0FutMxxY-cSRvehP-0PUjmjzCoMIlfgC-9kAFQFK6WTmyIb8pG_N0qurO91GNm9otKqmlGZ7CvSmA_bfFeyEyE_V77kBrIzoyz1rsvxAglA60RRcZt7K5yDKeq6J5QBrcpMP4DetrH6j4-7vgwZW7s7K80943cS6zWHWs24YogxhoX8Gtt38B-GUJ2aKj2JqRUBCJav5dlepzWndV9TsZCzcof9gY4WmYwoQLuxvD20chqnn68vwxHhH6B7gafHeSh67BjxIIKQk9-tyPK5L1YDC3m0CMKlOS_5L4H820lVF1M3RfUykHG6vwRGVtgzbIBA2W70NK5FZe9vtyG89z7SV15w-Kap2ph9cPMouVfpdAWFppWO43lDBYsUWgJcEddLS6NiG6x6yRbcfTFrUN4DlKSgwTnFq6DDMZ8P7XVCU7jaGGcddmrGfj0dD9HIuVmMQ&filename=Setup  (setup.exe)

1 / 68      (Adware)
http://downloads.updatesoftnow.com/get/click/.../?uid=<<AFFSUB>>&sid=nbsplit&filename=SoftwareUpdate  (softwareupdate.exe)

1 / 68      (Adware)
http://downloads.updatesoftnow.com/get/click/.../?uid=1198b392fdfd48debcc8d06b438f6cd3&sid=xx&filename=Setup  (setup.exe)

1 / 68      (Adware)
http://downloads.updatesoftnow.com/get/click/.../?uid=Ym89MSZjaXBpZD0xNTA5MDAwJmNpc2lkPUJDOThFODRFNDE0NjYwMDMxNDM1Njk2NDU3JmNpcmlkPUJDOThFODRFNDE0NjYwMDQxNzMxMzI3OTE1JnNsaWQ9MCZzdWJpZD0xMDAyJmNpdWlkPTgzMTk5MjAwNzA5NTk0OTczNTImc289MSZjcmlkPTIwODIzMTgmZXhjaWQ9MjImbW10PS0xJmNudHJ5PTIyNyZjaWNtcD0yNTgyOTgmcHViaWQ9MTgwMA==&filename=SoftwareUpdate  (softwareupdate.exe)

0 / 68
http://downloads.updatesoftnow.com/get/click/.../?uid=1410046404724_1410046395486_105_25749_103687358_1&sid=RONs&filename=Setup  (Setup.exe)

1 / 68      (Adware)
http://downloads.updatesoftnow.com/get/click/.../?uid=1409698933575_1409698930259_127_31602_198653261_1&filename=SoftwareUpdate  (softwareupdate.exe)

1 / 68      (Adware)
http://downloads.updatesoftnow.com/get/click/.../?uid=1404248794677_1404248788713_109_605_41243776_1&filename=SoftwareUpdate  (softwareupdate.exe)

1 / 68      (Adware)
http://downloads.updatesoftnow.com/get/click/.../?uid=Ym89MSZjaXBpZD0xNTA5MDQwJmNpc2lkPUNBRDJGRTZBNjkzMDkwMTg5Nzg2NTAyNjIwJmNpcmlkPUNBRDJGRTZBNjkzMDkwMTkwMTY4OTI1MjgwOCZzbGlkPTAmc3ViaWQ9NTc3MSZjaXVpZD0tNzc1OTI5MTYxNTM4NzY0MTc0MCZzbz0xJmNyaWQ9MjA4MjE1OCZleGNpZD0yMiZtbXQ9LTEmY250cnk9MjkmY2ljbXA9MjU4NTU4JnB1YmlkPTkwNTA=&sid=9050-5771&filename=Setup  (setup.exe)

1 / 68      (Adware)
http://downloads.updatesoftnow.com/get/click/.../?filename=SoftwareUpdate  (softwareupdate.exe)

1 / 68      (Adware)
http://downloads.updatesoftnow.com/get/click/.../?uid=60245a2bc2734ef59926141fccd58555&sid=85841&filename=Setup  (setup.exe)

1 / 68      (PUP)
http://downloads.updatesoftnow.com/get/click/.../?uid=1e9e841b9ac14effa47cfbf62e7332e0&sid=xx&filename=Setup  (setup.exe)

1 / 68      (Adware)
http://downloads.updatesoftnow.com/get/click/.../?uid=64175-1049807&sid=xx&filename=Setup  (setup.exe)

1 / 68      (Adware)
http://downloads.updatesoftnow.com/get/click/.../?uid=Ym89MSZjaXBpZD0xNTA5MDAwJmNpc2lkPThEODc3OEY0NzczMDc1MTgxNjY5MzcxMyZjaXJpZD04RDg3NzhGNDc3MzA3NjEzMzY0NzkzODkmc2xpZD0wJnN1YmlkPTEwMDgmY2l1aWQ9LTEzMzM4MTcxMzkyNTE2NDIzODcmc289MSZjcmlkPTIwODIzMTgmZXhjaWQ9MjImbW10PS0xJmNudHJ5PTIyNyZjaWNtcD0yNTgyOTgmcHViaWQ9OTEwMA==&filename=SoftwareUpdate  (softwareupdate.exe)

1 / 68      (Adware)
http://downloads.updatesoftnow.com/get/click/.../?uid=043202b8122349cb9510f9e2e4599953&sid=xx&filename=Setup  (setup.exe)

1 / 68      (Adware)
http://downloads.updatesoftnow.com/get/click/.../?uid=63640-2030_2080_us&sid=split&filename=Setup  (setup.exe)

1 / 68      (Adware)
http://downloads.updatesoftnow.com/get/click/.../?uid=20yZjV1RiFrjSt113K2seL1xjZET000.&sid=Zo5wN5PvGextL3g4H3g54A1p5ZFKEpMVRFvhLlPE5SS7qCNP6WvxAwVC70Mne1gIncPM99Wi7NhG2T2looReihQh_ysOctioW1NL_V7LQX1RrFPF-rFeZnTcgWV9-70r9Nyzjy1OhqJxyTK3yUMa9q65RqCI_M0tAit9VOCHUw9u1QCAzAKnjXhBT2N7ZRkcQys265_Hu-NCSXHWURoB8hXdRjJVoXuT7GX-JlMB0y27gdlqG6jK4dTDMQm_NhHU-WDYD2hqG4q_MaYUOKTdv-W8VWuvtcrhiwcV-K3SAJiPDyb2rvtjlvmShV3HfswQ3TCU7Tw7x4Pcux9iZm5IpTUzcVgC64c-uQfw9PEoxd4_kTSwU5fJAK6pM5uKpso6ftgF9EO_xOgqNUNShHoSdj_DEtq41R7kpCx_a4S3zQRESKmdH0twqjXE1BfaTKbGfG8UYEZ2NlSDDg&filename=Setup  (setup.exe)

1 / 68      (Adware)
http://downloads.updatesoftnow.com/get/click/.../?uid=d9d57527c76d4016bd305b14ef0cb41f&sid=xx&filename=Setup  (setup.exe)

1 / 68      (Adware)
http://downloads.updatesoftnow.com/get/click/.../?uid=63640-1700_1024_us&sid=AP&filename=SoftwareUpdate  (softwareupdate.exe)

1 / 68      (Adware)
http://downloads.updatesoftnow.com/get/click/.../?uid=1405185682139_1405185607284_117_5859_40832603_1&filename=SoftwareUpdate  (softwareupdate.exe)

1 / 68      (Adware)
http://downloads.updatesoftnow.com/get/click/.../?uid=Ym89MSZjaXBpZD0xNTA5MDAwJmNpc2lkPTRCMUI1QkFFNDUxNTAzMTcyMDA3MzYyODk1JmNpcmlkPTRCMUI1QkFFNDUxNTAzMTgxOTkzMTgxMDY1JnNsaWQ9MCZzdWJpZD01NzIwJmNpdWlkPTg4NzcyMzEzMjg0ODY4NDU0Njkmc289MSZjcmlkPTIwODIzMTgmZXhjaWQ9MjImbW10PS0xJmNudHJ5PTIyNyZjaWNtcD0yNTgyOTgmcHViaWQ9OTAyMA==&filename=SoftwareUpdate  (softwareupdate.exe)

1 / 68      (Adware)
http://downloads.updatesoftnow.com/get/click/.../?uid=9c085690be8843ff994de42ffc0c89ba&sid=(null)&filename=Setup  (setup.exe)

1 / 68      (Adware)
http://downloads.updatesoftnow.com/get/click/.../?uid=65139-90f95eb5-0416-46bb-a51b-9a987dfb34bdRON_US&sid=AP&filename=SoftwareUpdate  (softwareupdate.exe)

 
Latest 30 of 951 download URLs

The following 47 files have been seen to comunicate with downloads.updatesoftnow.com in live environments.

TCP » 167.114.156.214:3333
webproxy.exe

TCP » 167.114.156.214:80
setup_info.exe

TCP » 167.114.156.214:80
tencent.exe (by Tencent)

TCP » 167.114.156.214:80
rs.exe

TCP » 167.114.156.214:80
loader.exe (Updater by SOFTWARE AGILITY LIMITED)

TCP » 69.162.80.55:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 167.114.156.214:80
win.exe (SendStat Module)

TCP » 167.114.156.214:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 69.162.80.61:80
browser.exe (speed browser by Fast Applications)

TCP » 167.114.156.214:80
ProxyFinder.EXE (Proxy Finder Enterprise Edition Application)

TCP » 167.114.156.214:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 167.114.156.214:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 78.41.204.29:80
msn.exe

TCP » 167.114.156.214:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

TCP » 167.114.156.214:80
deamon.exe

TCP » 69.162.80.59:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 69.162.80.59:80
citrio.exe (Citrio by CatalinaGroup)

TCP » 167.114.156.214:80
run_css.exe

TCP » 167.114.156.214:1177
pirater facebook v1.0.exe

TCP » 69.162.80.59:80
UCBrowser.exe (UC Browser by UCWeb)

 
Latest 20 of 63 files

URL:
http://downloads.updatesoftnow.com/

Google Analytics:
UA-19309218

Title:
“updatesoftnow.com&nbsp;-&nbsp;This website is for sale!&nbsp;-&nbsp;updatesoftnow Resources and Information.”

Title (2/24/2014):
“Air Installer &#8482;”

Title (8/27/2015):
“Updatesoftnow.com”

Description:
“This website is for sale! updatesoftnow.com is your first and best source for information about updatesoftnow . Here you will also find topics relating to issues of general interest. We hope you find what you are looking for!”

Web server:
Apache (PHP/5.3.3-7+squeeze28)

1-vinstaller.com

123mplayer.com

7s9nzohf.com

ad131m.com

amateurporntubed.com

applicationcube.com

check-live.com

checkupdatenow.com

cloudbox03.com

cloudbox06.com

cloudbox40.com

coolsoftwaredownloads.com

datacardbar.info

datingsweater.com

dbtalk.net

deliciousgoldfish.com

differentdownload.com

downloadcobol.com

downloadcobra.com

downloadcocci.com

downloadd.org

downloadinator.com

ex-soft.net

extremetrucker.com

fastupdate24.com

fetch-files.com

flashupdatenow.com

freeapplocationdownloads.com

freedownloadbrushes.com

generaldownload.com

30 of 93 related domains

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.