www.bitberryupdates.com

BITBERRY SOFTWARE APS

Domain Information

The domain www.bitberryupdates.com registered by BITBERRY SOFTWARE APS was initially registered in June of 2010 through ENOM, INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Manassas, Virginia within the United States which resides on the Leaseweb USA, Inc. network.
Registrar:
ENOM, INC.

Server location:
Virginia, United States (US)

Create date:
Friday, June 18, 2010

Expires date:
Saturday, June 18, 2016

Updated date:
Friday, October 18, 2013

ASN:
AS30633 LEASEWEB-US - Leaseweb USA, Inc.,US

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.InstallX.J, PUP.Optional.BitberrySoftware.N, PUP.Optional.Installer.FF, PUP.Installer.BitberrySoftware.FF, PUP.InstallX.Installer (M), PUP.NewMedia.NMH.Bundler (M)
92.86%

Sophos
InstallQ, Install Core, Install Core Click run software
57.14%

Dr.Web
Adware.W3i.32, Adware.InstallCore.133, Trojan.MulDrop5.10078, Adware.W3i.30, Adware.Searcher.2650
57.14%

ESET NOD32
Win32/InstallIQ (variant), Win32/InstallCore.CU (variant), Win32/InstallCore.MC, Win32/FileTypeAssistant (variant)
57.14%

VIPRE Antivirus
InstallIQ Installer, InstallCore.b, Adware.Win32.InstallCore.ba
50.00%

McAfee
Artemis!A34F9AC02DB1, Artemis!370EA922FC3E, Artemis!F72A5777498B, Artemis!01D43CE950BA, Artemis!B6EBAB9EE42C
42.86%

Malwarebytes
PUP.PlayPickle, PUP.Optional.InstallCore, PUP.Optional.InstallIQ
42.86%

Trend Micro House Call
TROJ_GEN.F47V0815, TROJ_GEN.F47V1122, TROJ_GEN.F47V0917, TROJ_GEN.F47V0727, TROJ_GEN.F47V0706, TROJ_GEN.F47V0502
42.86%

McAfee Web Gateway
Artemis!A34F9AC02DB1, Artemis!370EA922FC3E, Artemis!F72A5777498B, Artemis!01D43CE950BA, Artemis!B6EBAB9EE42C
42.86%

K7 Gateway Antivirus
Riskware, Unwanted-Program
42.86%

K7 AntiVirus
Riskware, Unwanted-Program
42.86%

Comodo Security
Application.Win32.InstallIQ.B, Application.Win32.InstallCore.BWAN
35.71%

IKARUS anti.virus
AdWare.InstallIQ
28.57%

AVG
Skodna.Generic_r
28.57%

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud)
28.57%

The domain www.bitberryupdates.com has been seen to resolve to the following 2 IP addresses.

hosted-by.leaseweb.com
September 2, 2014

bitberryupdates.com
February 6, 2014

File downloads found at URLs served by www.bitberryupdates.com.

1 / 68      (Adware)
http://www.bitberryupdates.com/fmp_redir.html?r=fmpdl  (finalmediaplayer2014u1setup.exe)

1 / 68      (Adware)

23 / 68    (Adware)

1 / 68      (Adware)

2 / 68      (PUP)

22 / 68    (Adware)

22 / 68    (Adware)

3 / 68      (PUP)
http://www.bitberryupdates.com/ffv_redir.html?r=ffvdl  (icreinstall_freefileviewersetup.exe)

4 / 68      (PUP)

15 / 68    (PUP)
http://www.bitberryupdates.com/ffv_redir.html?r=ffvdl  (icreinstall_freefileviewersetup.exe)

6 / 68      (PUP)

2 / 68      (PUP)

14 / 68    (Adware)
http://www.bitberryupdates.com/fmp_redir.html?r=fmpdl  (icreinstall_finalmediaplayersetup.exe)

30 / 68    (Adware)

The following 16 files have been seen to comunicate with www.bitberryupdates.com in live environments.

URL:
http://www.bitberryupdates.com/

Web server:
Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 (PHP/5.4.30)

Compete.com:
US visitors:  10,537

Statistics are for the previous month.