ow.ly

Domain Information

Remove Malware from ow.ly - Powered by Reason Core Security
Server location: British Columbia, Canada (CA)

Scanner detections: 72% detected

| Scan engine | Details | Detections |
|---|---|---|
| Reason Heuristics | PUP.OutBrowse.R, PUP.SomotoIsrael.m, PUP.BetterInstaller.Somoto.FF, PUP.SomotoIsrael.u, PUP.SomotoIsrael.b, PUP.BetterInstaller.Somoto.l, PUP.SomotoIsrael.a, PUP.CyberservicesBV.Y, PUP.Installer.FileMonarch.T, PUP.Installer.FileMonarch.Y, PUP.Installer.FileMonarch.X, PUP.Installer.ClickAccept.DD, PUP.Installer.ClickAccept.Y, PUP.Installer.WARPINSTALL.V, PUP.Installer.Fileprotected.Y, PUP.Installer.Adknowledge, PUP.Adknowledge, PUP.Adknowledge.Seekinstall.Installer (M), PUP.Somoto.SomotoIsrael.Bundler (M) | 96.77% |
| Dr.Web | Adware.Downware.1664, Trojan.MulDrop4.11744, Adware.Somoto.17, Adware.Downware.5119, Trojan.DownLoader11.25714, Trojan.DownLoader11.32333 | 87.10% |
| VIPRE Antivirus | OutBrowse, Trojan.Win32.Generic, BetterInstaller, Threat.4890059, Optimum Installer, Threat.4778314, Threat.4798837 | 80.65% |
| Malwarebytes | PUP.Optional.Smart, PUP.Optional.Somoto, PUP.Optional.Somoto.A, PUP.Optional.IBryte, PUP.Optional.OptimunInstaller, PUP.Optional.OptimumInstaller.A | 70.97% |
| AVG | MalSign.OutBrowse, AdInstaller.Somoto, Downloader, Adware Generic_r, Adware AdPlugin, Adware AdPlugin.AHP, Adware AdPlugin.ARA | 64.52% |
| F-Prot | W32/Sefnit.C, W32/SomotoBetterInstaller.A, W32/A-6814c67e, W32/A-34fffba4, W32/DomaIQ.G.gen, W32/A-a1a6e5b1, W32/A-8041faaf | 64.52% |
| avast! | Win32:PUP-gen [PUP], Win32:Somoto-O [PUP], Win32:IBryte-EF [PUP], Win32:Rootkit-gen [Rtk], Win32:Adware-gen [Adw], Win32:IBryte-CV [PUP] | 64.52% |
| Comodo Security | Application.Win32.OutBrowse.~A, Application.Win32.Somoto.A, Application.Win32.Somoto.DE, Application.Win32.AgentCV.HWYE | 61.29% |
| Avira AntiVirus | APPL/Somoto.Gen2, APPL/DownloadGuide.Gen2, Adware/iBryte.bxnf, Adware/iBryte.bxng, ADWARE/iBryte.Gen7, SPR/Dldr.Agent.bkfx.1 | 61.29% |
| McAfee Web Gateway | Artemis!43B9D29921FE, Artemis!21E0D1F61139, Artemis!2463FF528E1E, Artemis!28E050C5E4E1, Artemis!86D0BBDC1EED, Artemis!9A8A1408FBD9 | 58.06% |
| ESET NOD32 | Win32/OutBrowse (variant), Win32/Somoto, Win32/AdWare.iBryte.BI (variant), Win32/AdWare.iBryte.BF (variant), Win32/AdWare.iBryte (variant) | 58.06% |
| McAfee | Artemis!43B9D29921FE, Artemis!21E0D1F61139, Artemis!2463FF528E1E, Artemis!28E050C5E4E1, Artemis!86D0BBDC1EED, Artemis!9A8A1408FBD9, Artemis!DBC4C559C5F2, Artemis!632FA299F3F8, Artemis!B4F5CC64706D, Artemis!BE68D4E70CEE | 54.84% |
| Kaspersky | not-a-virus:Downloader.NSIS.OutBrowse, not-a-virus:Downloader.NSIS.Agent, Trojan.Win32.Buzus, not-a-virus:Downloader.Win32.Agent | 54.84% |
| Panda Antivirus | Adware/MultiToolbar, PUP/MultiToolbar.A, Trj/OCJ.D, Trj/Genetic.gen | 54.84% |
| K7 Gateway Antivirus | Unwanted-Program, Trojan, Adware | 51.61% |

The domain ow.ly has been seen to resolve to the following 20 IP addresses.


File downloads found at URLs served by ow.ly.

Latest 30 of 47 download URLs
