ffvcheckforupdates.exe

Update Checker

Bitberry Software

The application ffvcheckforupdates.exe by Bitberry Software has been detected as a potentially unwanted program by 3 anti-malware scanners. It runs as a scheduled task under the Windows Task Scheduler named FreeFileViewerUpdateChecker triggered to execute each time a user logs in. Additionally, the file is typically installed by a number of programs including FinalTorrent 2015 by Bitberry Software and Final Media Player 2014 by Bitberry Software. It uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions.
Publisher:
Bitberry Software  (signed and verified)

Product:
Update Checker

Version:
2013.3.25.0

MD5:
45d04f1309c5d1dc172f139a89d90e66

SHA-1:
33cd6c6814dad3062596dca364d5e7f656ab4036

SHA-256:
cf91298342bfee7ca9a441908f80961ab218613b8202f54e1242590bdf3108ff

Scanner detections:
3 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
11/15/2024 10:47:06 AM UTC  (today)

Scan engine
Detection
Engine version

Boost by Reason
Optional.Task.BitberrySoftware.S
188163

Reason Heuristics
PUP.Bitberry
15.4.21.13

Vba32 AntiVirus
Signed-Adware.InstallCore
3.12.24.3

File size:
1.6 MB (1,635,512 bytes)

Product version:
2013.3.25.0

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\freefileviewer\ffvcheckforupdates.exe

Digital Signature
Authority:
The USERTRUST Network

Valid from:
10/31/2010 5:00:00 PM

Valid to:
10/31/2013 4:59:59 PM

Subject:
CN=Bitberry Software, O=Bitberry Software, STREET=Blomsterhaven 42, L=Holbaek, S=n/a, PostalCode=4300, C=DK

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
00BFCE655DC312403F105230416ACDF5B3

File PE Metadata
Compilation timestamp:
3/25/2013 9:24:41 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
49152:3E1pK+hMtnhdmcpfxFq2gd0dXjb9TbO/YnU:gpFSScpfxw5AzU

Entry address:
0x1678

Entry point:
EB, 10, 66, 62, 3A, 43, 2B, 2B, 48, 4F, 4F, 4B, 90, E9, 8C, E0, 51, 00, A1, 7F, E0, 51, 00, C1, E0, 02, A3, 83, E0, 51, 00, 52, 6A, 00, E8, C1, B4, 11, 00, 8B, D0, E8, 26, 8F, 0F, 00, 5A, E8, 48, 8E, 0F, 00, E8, 5B, 8F, 0F, 00, 6A, 00, E8, 30, A0, 0F, 00, 59, 68, 28, E0, 51, 00, 6A, 00, E8, 9B, B4, 11, 00, A3, 87, E0, 51, 00, 6A, 00, E9, 17, 2C, 10, 00, E9, 62, A0, 0F, 00, 33, C0, A0, 71, E0, 51, 00, C3, A1, 87, E0, 51, 00, C3, 60, BB, 00, 50, B0, BC, 53, 68, AD, 0B, 00, 00, C3, B9, E4, 00, 00, 00, 0B, C9...
 
[+]

Entropy:
6.6982

Code size:
1.1 MB (1,167,360 bytes)

2 Scheduled Tasks
Task name:
FreeFileViewerUpdateChecker

Trigger:
Logon (Runs on logon)

Task name:
Final Media Player Update Checker

Trigger:
Logon (Runs on logon)


The file ffvcheckforupdates.exe has been discovered within the following programs.

Final Media Player 2012  by Bitberry Software
Final Media Player will modify system settings upon installation, making Final Media Player the default viewer application for supported file types that do not already have a default viewer application associated.
www.bitberry.com
72% remove it
Final Media Player 2014  by Bitberry Software
52% remove it
FinalTorrent 2012  by Bitberry Software
This software will install various bundled potentially unwanted programs via the InstallIQ distribution system. It will also modify system settings.
www.FinalTorrent.com
50% remove it
FinalTorrent 2015  by Bitberry Software
About 8% of users remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to hosted-by.leaseweb.com  (162.210.196.7:80)

Remove ffvcheckforupdates.exe - Powered by Reason Core Security