www.freefileviewer.com

BITBERRY SOFTWARE APS

Domain Information

The domain www.freefileviewer.com registered by BITBERRY SOFTWARE APS was initially registered in May of 2010 through ENOM, INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Pittsburgh, Pennsylvania within the United States which resides on the pair Networks network.
Registrar:
ENOM, INC.

Server location:
Pennsylvania, United States (US)

Create date:
Thursday, May 20, 2010

Expires date:
Friday, May 20, 2016

Updated date:
Friday, October 18, 2013

ASN:
AS7859 PAIR-NETWORKS - pair Networks

Root domain:

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.BitberrySoftware.N, PUP.Installer.BitberrySoftware.FF, PUP.Optional.Installer.FF, PUP.Optional.BitberrySoftware.L, PUP.Optional.Installer.I, PUP.Bitberry.BitberrySoftware.Installer (M)
100.00%

ESET NOD32
Win32/InstallCore.CU (variant), Win32/InstallCore.MC, Win32/FileTypeAssistant (variant), Win32/InstallCore.PO (variant)
82.76%

Sophos
Install Core, Install Core Click run software
79.31%

K7 AntiVirus
Unwanted-Program , Trojan
68.97%

K7 Gateway Antivirus
Unwanted-Program , Trojan
68.97%

McAfee Web Gateway
Artemis!370EA922FC3E, Artemis!E88AA19D5C33, Artemis!Trojan, BehavesLike.Win32.CryptInno.bc, BehavesLike.Win32.CryptInno.cc
55.17%

Avira AntiVirus
Adware/InstallCore.A.1448, ADWARE/InstallCore.Gen9, Adware/InstallCore.798424, Adware/InstallCore.782544
44.83%

Trend Micro House Call
TROJ_GEN.F47V1122, TROJ_GEN.F47V0319, Suspicious_GEN.F47V0719, Suspicious_GEN.F47V1126, Suspicious_GEN.F47V1210, Suspicious_GEN.F47V1215
41.38%

McAfee
Artemis!370EA922FC3E, Artemis!E88AA19D5C33, Artemis!60B2B7B3015D, Artemis!D0F598D12D0E, Artemis!DDF6AAB64EC6, Artemis!B3E421EA8C8C, Artemis!BE8866CB0C92, Artemis!EF4FF5A22452, Artemis!84D518D3185D, Artemis!F3429B6E7242
37.93%

Dr.Web
Adware.InstallCore.133, Trojan.MulDrop5.10078, Trojan.MulDrop5.34526, Trojan.MulDrop5.39787, Trojan.MulDrop5.40210, Trojan.MulDrop5.41648, Trojan.MulDrop5.48289
37.93%

Baidu Antivirus
Adware.Win32.InstallCore
31.03%

Fortinet FortiGate
Riskware/InstallCore
20.69%

Malwarebytes
PUP.Optional.InstallCore, PUP.Optional.Bitberry, PUP.Optional.InstallCore.A
13.79%

VIPRE Antivirus
InstallCore.b, Adware.Win32.InstallCore.ba, Trojan.Win32.Generic
13.79%

herdProtect (fuzzy)
a variant of f33d35f4ee4f8b5584931a1ebca1febd783d31d2, a variant of 46c3debaecb9850e9b53f91ec912f411239d4123, a variant of e4e7d9fac55a2f9fcea54e23eacbb412fc29dade
13.79%

The domain www.freefileviewer.com has been seen to resolve to the following IP address.

freefileviewer.com
August 5, 2013

File downloads found at URLs served by www.freefileviewer.com.

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)
http://www.freefileviewer.com/downloads/.../FFVSetup.exe  (ade3c280cc570f959b5680cde685b3f8)

6 / 68      (PUP)

10 / 68    (PUP)

2 / 68      (PUP)

1 / 68      (PUP)
http://www.freefileviewer.com/downloads/.../FFVSetup.exe  (5fa5313874d832ad9a2254913b34cd02)

3 / 68      (PUP)

The following 2 files have been seen to comunicate with www.freefileviewer.com in live environments.

URL:
http://www.freefileviewer.com/

Google Analytics:
UA-18826994

Title:
“PDF, DOC, DOCX, DAT, BIN, PHP Viewer - FreeFileViewer”

Description:
“Free viewer for PDF, DOC, DOCX, PHP, CFG, DAT etc. files”

SSL certificate subject:
CN=www.freefileviewer.com, OU=PositiveSSL, OU=Domain Control Validated

SSL certificate issuer:
CN=K Software Certificate Authority (DV), O=K Software, L=Ashland, S=KY, C=US

Web server:
Apache/2.2.31

Facebook:
Likes:  59
Shares:  359
Comments:  91

Compete.com:
US visitors:  26,969

Statistics are for the previous month.