dw.cbsi.com

CBS Interactive Inc.

Domain Information

The domain dw.cbsi.com registered by CBS Interactive Inc. was initially registered in July of 1993 through MARKMONITOR INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in New York City, New York within the United States which resides on the CBS Interactive Inc. network.
Registrar:
MARKMONITOR INC.

Server location:
New York, United States (US)

Create date:
Tuesday, July 20, 1993

Expires date:
Sunday, July 19, 2015

Updated date:
Monday, October 10, 2011

ASN:
AS6623 CBSI-1 - CBS Interactive Inc.

Root domain:

Scanner detections:
Detections  (96% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.WebInstall.P, PUP.Installer.l, Bundler.PPI.CBSInteractive.p, PUP.Installer.i, PUP.Installer.WebInstall.Y, PUP.Installer.WebInstall.O, PUP.Installer.WebInstall.K, PUP.Installer.WebInstall.CC, PUP.Installer.WebInstall.EE, PUP.Installer.WebInstall.W, PUP.Installer.WebInstall.a, PUP.Installer.WebInstall.R, PUP.Installer.WebInstall.V, PUP.Installer.WebInstall.T, PUP.Installer.WebInstall.U, PUP.Installer.WebInstall.N, PUP.Installer.WebInstall.M, PUP.Installer.WebInstall.FF, PUP.Installer.WebInstall.S
97.78%

avast!
Win32:Adware-BGE [PUP], Win32:Oncer, PUP-gen [PUP], Malware-gen
80.00%

Dr.Web
Adware.Downware.398, Adware.Downware.1159, Adware.Downware.1417, Win32.Runonce.6652
80.00%

VIPRE Antivirus
WebInstall, Threat.4782786, Threat.219451, Threat.4866784
80.00%

NANO AntiVirus
Trojan.Win32.Downware.crgjbr, Riskware.Win32.Downware.crgjbr, Riskware.Win32.Bundled.dacits, Virus.Win32.Runouce.bxafx
77.78%

ESET NOD32
Win32/DownloadAdmin.G potentially unwanted application, Win32/Chir.B virus, Win32/InstallMonetizer.AZ potentially unwanted application
51.11%

Clam AntiVirus
Win.Adware.Agent-6650, WIN.Worm.Brontok, Win.Trojan.Wpbrutebot-2
37.78%

ESET NOD32
Win32/DownloadAdmin, Win32/CNETInstaller (variant), Win32/Bundled.Toolbar.Ask (variant)
33.33%

herdProtect (fuzzy)
a variant of b10e32984b6b9e1d8faa5b6caa071b20fe8db04b, a variant of 98f23bba87cabbe268aa237a10e628b23afe0f0a, a variant of 77087be9d8533795d4db4e1215729cfc65ef012c
22.22%

Rising Antivirus
PE:Malware.XPACK/RDM!5.1, NS:Malware.Install!1.9F21, PE:Worm.ChineseHacker-2!23772, NS:PUF.SilenceInstaller!1.9DDF
15.56%

Malwarebytes
PUP.Optional.InstallBrain.A, PUP.Optional.Spigot.A, Virus.Chir
13.33%

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud), Win32.Type.b.6637
13.33%

CMC Antivirus
Packed.Win32.Toggaf.7!O, Trojan.Win32.Generic!O, Virus.Worm.Win32.Runouce.1!O
6.67%

Trend Micro House Call
TROJ_GEN.F47V0408, Suspicious_GEN.F47V0619, PE_Chir.B
6.67%

AVG
Generic, Win32/Chir.B@mm
4.44%

The domain dw.cbsi.com has been seen to resolve to the following 2 IP addresses.

phx1-dw-cbsi-xw-lb.cnet.com
February 2, 2014

phx2-dw-cbsi-xw-lb.cnet.com
December 18, 2013

File downloads found at URLs served by dw.cbsi.com.

 
Latest 30 of 54 download URLs

The following 13 files have been seen to comunicate with dw.cbsi.com in live environments.

URL:
http://dw.cbsi.com/

SSL certificate subject:
CN=*.cbsi.com, OU=Admin, O=CBS Interactive Inc., L=San Francisco, S=California, C=US

SSL certificate issuer:
CN=DigiCert High Assurance CA-3, OU=www.digicert.com, O=DigiCert Inc, C=US

Web server:
Apache/2.4.3

Facebook:
Shares:  2

Statistics are for the previous month.

Detection Incidence by Country