dw.cbsi.com

CBS Interactive Inc.

Domain Information

The domain dw.cbsi.com registered by CBS Interactive Inc. was initially registered in July of 1993 through MARKMONITOR INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in New York City, New York within the United States which resides on the CBS Interactive Inc. network.
Registrar:
MARKMONITOR INC.

Server location:
New York, United States (US)

Create date:
Tuesday, July 20, 1993

Expires date:
Sunday, July 19, 2015

Updated date:
Monday, October 10, 2011

ASN:
AS6623 CBSI-1 - CBS Interactive Inc.

Root domain:

Scanner detections:
Detections  (94% detected)

Scan engine
Details
Detections

Reason Heuristics
Bundler.PPI.CBSInteractive.p, PUP.Optional.Installer.I, Bundler.PPI.CBSInteractive.o, PUP.Installer.WebInstall.N, PUP.Installer.WebInstall.P, PUP.Installer.WebInstall.M, PUP.Installer.WebInstall.W, PUP.Installer.WebInstall.O, PUP.Installer.WebInstall.V, PUP.Installer.WebInstall.U, PUP.Installer.WebInstall.a, PUP.Installer.WebInstall.FF, PUP.Installer.WebInstall.S, PUP.Installer.WebInstall.T, PUP.Installer.WebInstall.Y, PUP.Installer.WebInstall.AA, PUP.Installer.WebInstall.m, PUP.Installer.WebInstall.p, PUP.Installer.WebInstall.EE, PUP.Installer.WebInstall.Q, PUP.Installer.WebInstall.c, PUP.Installer.WebInstall.CC
97.78%

Dr.Web
Adware.Downware.1417, Win32.Runonce.6652, Adware.Downware.1159, Adware.Downware.398
86.67%

VIPRE Antivirus
Threat.219451, WebInstall, Threat.4782786, Threat.4866784
86.67%

avast!
Win32:Oncer, Win32:Adware-BGE [PUP], PUP-gen [PUP], Malware-gen
86.67%

NANO AntiVirus
Riskware.Win32.Bundled.dacits, Virus.Win32.Runouce.bxafx, Riskware.Win32.Downware.crgjbr, Trojan.Win32.Downware.crgjbr
82.22%

ESET NOD32
Win32/Chir.B virus, Win32/DownloadAdmin.G potentially unwanted application, Win32/InstallMonetizer.AZ potentially unwanted application
73.33%

Clam AntiVirus
WIN.Worm.Brontok, Win.Adware.Agent-6650, Win.Trojan.Wpbrutebot-2
28.89%

ESET NOD32
Win32/CNETInstaller (variant), Win32/Bundled.Toolbar.Ask (variant), Win32/DownloadAdmin
17.78%

herdProtect (fuzzy)
a variant of 77087be9d8533795d4db4e1215729cfc65ef012c, a variant of 98f23bba87cabbe268aa237a10e628b23afe0f0a, a variant of 9f37867b932a6ee5027b1095a324182c5b621525
15.56%

Rising Antivirus
NS:Malware.Install!1.9F21, PE:Worm.ChineseHacker-2!23772, PE:Malware.XPACK/RDM!5.1, NS:PUF.SilenceInstaller!1.9DDF
11.11%

Trend Micro House Call
TROJ_GEN.F47V0408, Suspicious_GEN.F47V0619, PE_Chir.B, Suspicious_GEN.F47V0908
8.89%

Malwarebytes
PUP.Optional.Spigot.A, Virus.Chir, PUP.Optional.InstallBrain.A
8.89%

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud), Win32.Type.b.6637
8.89%

CMC Antivirus
Packed.Win32.Toggaf.7!O, Trojan.Win32.Generic!O, Virus.Worm.Win32.Runouce.1!O
6.67%

AVG
Generic, Win32/Chir.B@mm
4.44%

The domain dw.cbsi.com has been seen to resolve to the following 2 IP addresses.

phx1-dw-cbsi-xw-lb.cnet.com
February 2, 2014

phx2-dw-cbsi-xw-lb.cnet.com
December 18, 2013

File downloads found at URLs served by dw.cbsi.com.

 
Latest 30 of 75 download URLs

The following 15 files have been seen to comunicate with dw.cbsi.com in live environments.

URL:
http://dw.cbsi.com/

SSL certificate subject:
CN=*.cbsi.com, OU=Admin, O=CBS Interactive Inc., L=San Francisco, S=California, C=US

SSL certificate issuer:
CN=DigiCert High Assurance CA-3, OU=www.digicert.com, O=DigiCert Inc, C=US

Web server:
Apache/2.4.3

Facebook:
Shares:  2

Twitter:
Shares:  1

Statistics are for the previous month.

Detection Incidence by Country