The domain csdi-dlstatic.clean-navigate.com is registered by proxy through GODADDY.COM, LLC and was originally registered in December of 2014. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Roubaix, Nord-Pas-De-Calais within France which resides on the RIPE Network Coordination Centre network.
Registrant:
Domains By Proxy, LLC
Registrar:
GODADDY.COM, LLC
Server location:
Nord-Pas-De-Calais, France (FR)
Create date:
Tuesday, December 2, 2014
Expires date:
Friday, December 2, 2016
Updated date:
Wednesday, November 25, 2015
ASN:
AS16276 OVH OVH SAS,FR
Scanner detections:
Detections (94% detected)
Scan engine
Details
Detections
Reason Heuristics
(M), PUP.Optional.Installer, PUP.CONCEPTIONSELECTIONDISTRIBUTIONINTERNATIONALE.Installer (M), PUP.Optional.CONCEPTIONSELECTIONDISTRIBUTIONINTERNATIONALE.Installer, PUP.MaxDriver.Installer.Meta (M), PUP.SpaceSoundPro.Installer.Meta (M)
50.00%
ESET NOD32
Detection.Undefined, MSIL/Adware.EoRezo.C application
48.00%
Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
46.00%
avast!
Win32:Malware-gen
36.00%
McAfee
Artemis!238E8F2FF679, Artemis!6989E7829864, Artemis!D51CA23E6760, Artemis!DA8BC7441237, Artemis!28824F443F1B, Artemis!62A03D94EFA0, Artemis!17DC311900F2, Artemis!572198B87818, Program.Adware-Eorezo
22.00%
Baidu Antivirus
Adware.Win32.ConvertAd, Adware.Win32.InstallCore, Adware.Win32.Agent, PUA.Win32.Agent
12.00%
Malwarebytes
Trojan.MSIL.Dropper, PUP.Optional.ConvertAd
10.00%
Qihoo 360 Security
HEUR/QVM42.1.Malware.Gen
8.00%
NANO AntiVirus
Trojan.Win32.GBZG0066.dtleie, Riskware.Win32.Unwanted.dvtsiu
8.00%
VIPRE Antivirus
Threat.4739248, Adware.Agent, Threat.4760062
8.00%
Dr.Web
Program.Unwanted.710, Program.Unwanted.711
8.00%
herdProtect (fuzzy)
a variant of c36b73bf8426020dab55c901fac69898c69723f8, a variant of ca9867ac1303bd0760a5c6df7cea05a6b26c6a0b, a variant of c9c6d336f98a833071e3cbd8beec881b7a2f9fcc
6.00%
Kaspersky
not-a-virus:AdWare.Win32.Agent
6.00%
Trend Micro House Call
Suspicious_GEN.F47V0509, Suspicious_GEN.F47V0512
4.00%
The domain csdi-dlstatic.clean-navigate.com has been seen to resolve to the following 2 IP addresses.
csdi-dl1.clean-navigate.com
February 1, 2016
csdi-dl0.clean-navigate.com
February 1, 2016
File downloads found at URLs served by csdi-dlstatic.clean-navigate.com.
The following 8 files have been seen to comunicate with csdi-dlstatic.clean-navigate.com in live environments.
URL:
http://csdi-dlstatic.clean-navigate.com/
Related Domains