files.downloadwizard.com

Download Manager  (via a Proxy Registrant)

Domain Information

The domain files.downloadwizard.com is registered by proxy through ENOM, INC. and was originally registered in April of 2000. This domain has been known to host and distribute potentially unwanted software. Its servers are located in New York City, New York, in the United States, on the Digital Ocean, Inc. network. The domain is associated with the publisher Download Manager, which is located in Vancouver, British Columbia, Canada.
Remove Malware from files.downloadwizard.com - Powered by Reason Core Security
Registrar:
ENOM, INC.

Server location:
New York, United States (US)

Create date:
Wednesday, April 12, 2000

Expires date:
Tuesday, April 12, 2016

Updated date:
Friday, March 13, 2015

ASN:
AS14061 DIGITALOCEAN-ASN - Digital Ocean, Inc.

Root domain:

Scanner detections:
Detections  (95% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.Installer.DownloadManager.T, PUP.Installer.DownloadManager.F, PUP.Installer.DownloadManager.N, PUP.Installer.DownloadManager.a, PUP.Installer.InstallManager.T, PUP.Installer.InstallManager.L, PUP.Installer.DownloadManager.O, PUP.Installer.Air Software, PUP.Air Software.DownloadManager.Bundler (M) | 97.50% |
| Avira AntiVirus | W32/Sality.AT, ADWARE/Adware.Gen | 95.00% |
| Dr.Web | Win32.Sector.21, Trojan.SMSSend.4860, Trojan.SMSSend.4902, Trojan.SMSSend.4766, Trojan.SMSSend.4733, Trojan.SMSSend.4790 | 95.00% |
| Malwarebytes | PUP.Optional.AirAdInstaller, PUP.Optional.AirInstaller, PUP.Optional.InstallManager | 92.50% |
| VIPRE Antivirus | Iminent, Threat.5061940, Threat.4784938, Threat.4150696 | 92.50% |
| Rising Antivirus | PE:PUF.Airinstall!1.9C4C | 92.50% |
| AVG | Generic_r, BundleApp_r.D, Adware BundleApp_r.D, Adware BundleApp.DN, Adware Generic_r.JF | 92.50% |
| avast! | Win32:PUP-gen [PUP], Win32:Malware-gen, Win32:Installer-L [PUP], Adware-gen [Adw], Win32:Adware-BZI [PUP], Win32:Adware-gen [Adw] | 90.00% |
| K7 Gateway Antivirus | Unwanted-Program | 87.50% |
| K7 AntiVirus | Unwanted-Program, Adware | 87.50% |
| ESET NOD32 | Win32/AirAdInstaller (variant) | 72.50% |
| Vba32 AntiVirus | AdWare.AirAdInstaller, AdWare.AirAdInstaller.ajov, AdWare.AirAdInstaller.aimu | 60.00% |
| NANO AntiVirus | Riskware.Win32.AirAdInstaller.cwbkcs, Riskware.Win32.AirAdInstaller.cxhlvu, Riskware.Win32.Downware.cwaprw, Riskware.Win32.AirAdInstaller.cwbyev | 50.00% |
| IKARUS anti.virus | AdWare.Airinstall, AdWare.AdWare.Gen7, Win32.AdWare, Win32.Malware, AdWare.AirAdInstaller, PUA.AirAdInstaller, not-a-virus:AdWare.AirAdInstaller | 50.00% |
| Sophos | AirInstaller | 47.50% |

The domain files.downloadwizard.com has been seen to resolve to the following 7 IP addresses.

108.168.218.35-static.reverse.softlayer.com
October 24, 2014

justice.airinstaller.com
September 5, 2014

empire.airinstaller.com
May 30, 2014

uswestmeganode1.airinstaller.com
April 13, 2014

173.192.195.226-static.reverse.softlayer.com
April 13, 2014

chicago.airinstaller.com
April 13, 2014

108.168.218.34-static.reverse.softlayer.com
April 11, 2014

File downloads found at URLs served by files.downloadwizard.com.

 
Latest 30 of 41 download URLs

The following files have been seen to communicate with files.downloadwizard.com in live environments.
