www.downloadwiz.com

Air Software  (via a Proxy Registrant)

Domain Information

The domain www.downloadwiz.com is registered by proxy through ENOM, INC. and was originally registered in September of 2004. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in Phoenix, Arizona within the United States which resides on the CloudFlare, Inc. network. The domain uses the CloudFlare CDN, a distributed domain name server service which utilizes a number of reverse proxy IP Addresses (see below). The domain is associated with the publisher Air Software who is located in Victoria, British Columbia in Canada.
Remove Malware from www.downloadwiz.com - Powered by Reason Core Security
Registrar:
ENOM, INC.

Server location:
Arizona, United States (US)

Create date:
Monday, September 13, 2004

Expires date:
Tuesday, September 13, 2016

Updated date:
Friday, August 14, 2015

ASN:
AS13335 CLOUDFLARENET - CloudFlare, Inc.,US

Root domain:

Scanner detections:
Detections  (90% detected)

Scan engine
Details
Detections

Reason Heuristics
DownloadManager.AirSoftware.F, PUP.Installer.Mindadmedia.F, PUP.Installer.DownloadManager.T, PUP.Air Software.AirSoftware.Bundler (M), PUP.Air Software.DownloadManager.Bundler (M)
100.00%

Malwarebytes
PUP.Optional.AirInstaller, PUP.Optional.OutBrowse, PUP.Optional.AirAdInstaller
88.89%

K7 Gateway Antivirus
Unwanted-Program
88.89%

Dr.Web
Adware.Downware.1138, Trojan.SMSSend.4766, Adware.Downware.1676, Trojan.SMSSend.4871, Adware.Downware.1167, Trojan.SMSSend.4819
88.89%

VIPRE Antivirus
Threat.4782985, Iminent, OutBrowse, Threat.4150696
88.89%

K7 AntiVirus
Adware , Unwanted-Program
77.78%

Sophos
AirInstaller, DomainIQ pay-per install, PUA 'AirInstaller'
77.78%

Avira AntiVirus
Adware/AirInst.1174, ADWARE/Adware.Gen
77.78%

Rising Antivirus
PE:PUF.Airinstall!1.9C4C
77.78%

Agnitum Outpost
PUA.AirAd, Adware.Agent, PUA.OutBrowse
77.78%

AVG
Adware Generic_r, Skodna.Downloader
77.78%

F-Prot
W32/AirInstall.A.gen, W32/AirInstall.A8.gen, W32/A-8c0ea402
66.67%

Comodo Security
Application.Win32.AirAdInstaller.A, Application.Win32.AirAdInstaller.B
66.67%

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud)
66.67%

G Data
Win32.Adware.Airadinstaller
66.67%

The domain www.downloadwiz.com has been seen to resolve to the following 8 IP addresses.

December 15, 2015

December 15, 2015

August 11, 2015

August 11, 2015

February 6, 2014

February 6, 2014

July 25, 2013

July 25, 2013

File downloads found at URLs served by www.downloadwiz.com.

25 / 68    (Adware)

1 / 68      (Adware)

39 / 68    (Adware)

39 / 68    (Adware)

39 / 68    (Adware)

8 / 68      (Adware)

15 / 68    (Adware)

35 / 68    (Adware)

32 / 68    (Adware)

URL:
http://www.downloadwiz.com/

Google Analytics:
UA-63702079

Title:
“DownloadWiz | Download the Latest Free Software”

SSL certificate subject:
CN=sni108462.cloudflaressl.com, OU=PositiveSSL Multi-Domain, OU=Domain Control Validated

SSL certificate issuer:
CN=COMODO ECC Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
cloudflare-nginx

Facebook:
Likes:  2,325
Shares:  1
Comments:  24

Statistics are for the previous month.

Remove Malware from www.downloadwiz.com - Powered by Reason Core Security