Home Possibly Unwanted Program PUP.VuuPC

PUP.VuuPC

Posted: February 18, 2014

Threat Metric

Ranking: 10,000
Threat Level: 1/10
Infected PCs: 528,422
First Seen: February 18, 2014
Last Seen: October 15, 2023
OS(es) Affected: Windows


VuuPC is a potentially unwanted program that could cause several unwanted and annoying actions on your computer. The VuuPC application may load through previously installed freeware programs or bundled software applications. When it is loaded, VuuPC may then change your default home page or cause unwanted redirects to questionable sites. Additionally, VuuPC could be associated with various advertisement pop-ups that eventually cause your web browser to perform poorly limiting your ability to surf the internet. The effects of VuuPC may be reversed by removing the VuuPC program and all of its associated files. This includes the removal of plugins or add-on components that may have loaded when VuuPC was installed. Automatically performing removal of VuuPC may take the use of an updated antimalware tool.

Aliases

Adware.Downware.1411 [DrWeb]Artemis!B2F2603C878D [McAfee]Artemis!11D2069CB451 [McAfee]

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



C:\Users\<username>\AppData\Local\VuuPCBaseSetup_ztlbr.exe File name: VuuPCBaseSetup_ztlbr.exe
Size: 288.44 KB (288448 bytes)
MD5: 53d05a864a5e0dd052ca8b9f371169c1
Detection count: 3,396
File type: Executable File
Mime Type: unknown/exe
Path: C:\Users\<username>\AppData\Local\VuuPCBaseSetup_ztlbr.exe
Group: Malware file
Last Updated: November 18, 2022
%SYSTEMDRIVE%\Users\<username>\AppData\Local\nsm3556.tmp File name: nsm3556.tmp
Size: 260.87 KB (260876 bytes)
MD5: f6cc5c35eaa19bca876d1ddc4d103cb3
Detection count: 909
File type: Temporary File
Mime Type: unknown/tmp
Path: %SYSTEMDRIVE%\Users\<username>\AppData\Local\nsm3556.tmp
Group: Malware file
Last Updated: September 29, 2023
%APPDATA%\InstallW\IWsrv.exe File name: IWsrv.exe
Size: 73.72 KB (73728 bytes)
MD5: 44ce06c1e9536353e9f3c90a86c9dd91
Detection count: 178
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\InstallW
Group: Malware file
Last Updated: March 24, 2016
%APPDATA%\InstallW\IWsrv.exe File name: IWsrv.exe
Size: 62.97 KB (62976 bytes)
MD5: 55006ec92eec471aeb2622cce2b56ce6
Detection count: 143
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\InstallW
Group: Malware file
Last Updated: March 24, 2016
%APPDATA%\InstallW\IWsrv.exe File name: IWsrv.exe
Size: 73.72 KB (73728 bytes)
MD5: 1a63d4eca963656dde4eddb982c3def0
Detection count: 141
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\InstallW
Group: Malware file
Last Updated: March 24, 2016
%APPDATA%\InstallW\IWsrv.exe File name: IWsrv.exe
Size: 73.72 KB (73728 bytes)
MD5: 9d3dc7a0263af1a206c8a520eb7e20a0
Detection count: 119
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\InstallW
Group: Malware file
Last Updated: March 24, 2016
%APPDATA%\InstallW\IWsrv.exe File name: IWsrv.exe
Size: 61.95 KB (61952 bytes)
MD5: 033a5a7b063cdc638b32ef5f609dd871
Detection count: 73
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\InstallW
Group: Malware file
Last Updated: March 24, 2016
%APPDATA%\InstallW\IWsrv.exe File name: IWsrv.exe
Size: 73.21 KB (73216 bytes)
MD5: 4e7e1c61730b97a2538e34c419f97b63
Detection count: 56
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\InstallW
Group: Malware file
Last Updated: March 24, 2016
%APPDATA%\InstallW\IWsrv.exe File name: IWsrv.exe
Size: 72.19 KB (72192 bytes)
MD5: e9058c29b221fab169abd995c2af8730
Detection count: 49
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\InstallW
Group: Malware file
Last Updated: March 24, 2016
%APPDATA%\InstallW\IWsrv.exe File name: IWsrv.exe
Size: 72.19 KB (72192 bytes)
MD5: 03a7355cff30211cea61d1ba409cf243
Detection count: 44
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\InstallW
Group: Malware file
Last Updated: March 24, 2016
%APPDATA%\InstallW\IWsrv.exe File name: IWsrv.exe
Size: 73.72 KB (73728 bytes)
MD5: 6a49bc31bf54e1b0b123640a4e2c2061
Detection count: 35
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\InstallW
Group: Malware file
Last Updated: March 24, 2016
%APPDATA%\InstallW\IWsrv.exe File name: IWsrv.exe
Size: 55.8 KB (55808 bytes)
MD5: 3ef9664bd0ba4fcfa6532e06387c970d
Detection count: 26
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\InstallW
Group: Malware file
Last Updated: March 24, 2016
%APPDATA%\InstallW\IWsrv.exe File name: IWsrv.exe
Size: 73.72 KB (73728 bytes)
MD5: 2a46b0be9cab6584b9d9a2144124f213
Detection count: 23
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\InstallW
Group: Malware file
Last Updated: March 24, 2016
%APPDATA%\InstallW\IWsrv.exe File name: IWsrv.exe
Size: 73.21 KB (73216 bytes)
MD5: 3aa5749a7fd800c1624e9cd27c5e5f7d
Detection count: 23
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\InstallW
Group: Malware file
Last Updated: March 24, 2016
%APPDATA%\InstallW\IWsrv.exe File name: IWsrv.exe
Size: 62.97 KB (62976 bytes)
MD5: a97f6ab44f7053414c916698f1135a8a
Detection count: 19
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\InstallW
Group: Malware file
Last Updated: March 24, 2016
%APPDATA%\InstallW\IWsrv.exe File name: IWsrv.exe
Size: 73.21 KB (73216 bytes)
MD5: d4d531b0e1da5fcd3221e447cb0953b1
Detection count: 19
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\InstallW
Group: Malware file
Last Updated: March 24, 2016
%APPDATA%\InstallW\Full_Setup.exe File name: Full_Setup.exe
Size: 591.06 KB (591060 bytes)
MD5: 1522680f0a81e35d0857d4b839d07944
Detection count: 16
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\InstallW
Group: Malware file
Last Updated: March 24, 2016

More files

Registry Modifications

The following newly produced Registry Values are:

File name without pathContinue VuuPC Installation.lnkMy VuuPC.lnkRegexp file mask%windir%\System32\Tasks\VuuPC[RANDOM CHARACTERS]HKEY..\..\..\..{RegistryKeys}SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\VuuPCUpdateSOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\VuuPCUpdateLoginSYSTEM\ControlSet001\services\RemoteEngineServiceSYSTEM\ControlSet001\services\VuuPCConnectivitySYSTEM\ControlSet002\services\RemoteEngineServiceSYSTEM\ControlSet002\services\VuuPCConnectivitySYSTEM\CurrentControlSet\services\RemoteEngineServiceSYSTEM\CurrentControlSet\services\VuuPCConnectivityHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}VuuPC

Additional Information

The following directories were created:
%APPDATA%\InstallW%APPDATA%\Microsoft\Windows\Start Menu\Programs\VuuPC%PROGRAMFILES%\VuuPC%PROGRAMFILES(x86)%\VuuPC
Loading...