www.bitberryupdates.com

BITBERRY SOFTWARE APS

Domain Information

The domain www.bitberryupdates.com registered by BITBERRY SOFTWARE APS was initially registered in June of 2010 through ENOM, INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Manassas, Virginia within the United States which resides on the Leaseweb USA, Inc. network.
Remove Malware from www.bitberryupdates.com - Powered by Reason Core Security
Registrar:
ENOM, INC.

Server location:
Virginia, United States (US)

Create date:
Friday, June 18, 2010

Expires date:
Saturday, June 18, 2016

Updated date:
Friday, October 18, 2013

ASN:
AS30633 LEASEWEB-US - Leaseweb USA, Inc.,US

Google Safe Browsing:
unwanted

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.InstallX.J, PUP.Optional.Installer.FF, PUP.Installer.BitberrySoftware.FF, PUP.Optional.Installer.T, PUP.Optional.Installer.V
88.89%

Sophos
InstallQ, Install Core, Install Core Click run software
77.78%

Dr.Web
Adware.W3i.32, Adware.InstallCore.133, Trojan.MulDrop5.10078, Adware.Searcher.2650
77.78%

ESET NOD32
Win32/InstallIQ (variant), Win32/InstallCore.CU (variant), Win32/InstallCore.MC, Win32/FileTypeAssistant (variant)
77.78%

VIPRE Antivirus
InstallIQ Installer, InstallCore.b, Adware.Win32.InstallCore.ba
66.67%

McAfee
Artemis!A34F9AC02DB1, Artemis!370EA922FC3E, Artemis!F72A5777498B, Artemis!01D43CE950BA, Artemis!B6EBAB9EE42C
55.56%

Malwarebytes
PUP.PlayPickle, PUP.Optional.InstallCore, PUP.Optional.InstallIQ
55.56%

Trend Micro House Call
TROJ_GEN.F47V0815, TROJ_GEN.F47V1122, TROJ_GEN.F47V0917, TROJ_GEN.F47V0727, TROJ_GEN.F47V0706
55.56%

McAfee Web Gateway
Artemis!A34F9AC02DB1, Artemis!370EA922FC3E, Artemis!F72A5777498B, Artemis!01D43CE950BA, Artemis!B6EBAB9EE42C
55.56%

K7 Gateway Antivirus
Riskware, Unwanted-Program
55.56%

K7 AntiVirus
Riskware, Unwanted-Program
55.56%

Comodo Security
Application.Win32.InstallIQ.B, Application.Win32.InstallCore.BWAN
44.44%

Rising Antivirus
PE:PUF.InstallIQ!1.9E4F, PE:Malware.XPACK-LNR/Heur!1.5594
44.44%

IKARUS anti.virus
AdWare.InstallIQ
33.33%

AVG
Skodna.Generic_r
33.33%

The domain www.bitberryupdates.com has been seen to resolve to the following 2 IP addresses.

hosted-by.leaseweb.com
September 2, 2014

bitberryupdates.com
February 6, 2014

File downloads found at URLs served by www.bitberryupdates.com.

22 / 68    (Adware)

22 / 68    (Adware)

3 / 68      (PUP)
http://www.bitberryupdates.com/ffv_redir.html?r=ffvdl  (icreinstall_freefileviewersetup.exe)

4 / 68      (PUP)

15 / 68    (PUP)
http://www.bitberryupdates.com/ffv_redir.html?r=ffvdl  (icreinstall_freefileviewersetup.exe)

6 / 68      (PUP)

2 / 68      (PUP)

14 / 68    (Adware)
http://www.bitberryupdates.com/fmp_redir.html?r=fmpdl  (icreinstall_finalmediaplayersetup.exe)

30 / 68    (Adware)

The following file have been seen to comunicate with www.bitberryupdates.com in live environments.

URL:
http://www.bitberryupdates.com/

Web server:
Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (PHP/5.4.30)

Compete.com:
US visitors:  10,537

Statistics are for the previous month.

Remove Malware from www.bitberryupdates.com - Powered by Reason Core Security