www.vuupc.com

ClickMeIn Limited  (via a Proxy Registrant)

Domain Information

The domain www.vuupc.com is registered by proxy through DOMAIN.COM, LLC and was originally registered in February of 2013. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in Salt Lake City, Utah within the United States which resides on the Hosting Services, Inc. network. The domain is associated with the publisher ClickMeIn Limited who is located in Nicosia, CY.
Remove Malware from www.vuupc.com - Powered by Reason Core Security
Registrar:
DOMAIN.COM, LLC

Server location:
Utah, United States (US)

Create date:
Wednesday, February 20, 2013

Expires date:
Monday, February 20, 2017

Updated date:
Friday, February 05, 2016

ASN:
AS29854 WESTHOST - WestHost, Inc.

Root domain:

Scanner detections:
Detections  (88% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.ClickMeInLimited.X, PUP.Installer.ClickMeInLimited.R, PUP.Installer.ClickMeInLimited.L, PUP.Installer.ClickMeIn.O, PUP.Optional.Installer.F
95.65%

Dr.Web
Win32.Sector.21, Adware.InstallCore.110, Trojan.Packed.24814, Trojan.Packed.24524, Adware.Downware.2258, Adware.Downware.1411
69.57%

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud), VIRUS_UNKNOWN, Win32.Troj.Undef.(kcloud)
56.52%

Trend Micro House Call
TROJ_GEN.F47V0827, TROJ_GEN.F47V0124, TROJ_GEN.R0CBH06L713, TROJ_GEN.F47V0318, TROJ_GEN.F47V0412, TROJ_GE.B56E9991, TROJ_GEN.F47V0122, TROJ_GEN.F47V0107, TROJ_GEN.F47V0113
47.83%

Rising Antivirus
PE:Malware.XPACK-LNR/Heur!1.5594, PE:Malware.InstallCore!6.4, NS:PUF.SilenceInstaller!1.9DDF
47.83%

Malwarebytes
PUP.Optional.Installcore, PUP.Optional.InstallCore.A
21.74%

ESET NOD32
Win32/InstallCore.CA.gen (variant), Win32/InstallCore.EC, Win32/InstallCore.FS, Win32/InstallCore.BL, Win32/VuuPc
21.74%

Qihoo 360 Security
HEUR/Malware.QVM20.Gen, HEUR/Malware.QVM06.Gen
21.74%

F-Prot
W32/Sality.gen2, W32/InstallCore.R.gen
13.04%

Vba32 AntiVirus
Downware.InstallCore, suspected of Trojan.Downloader.gen.h
13.04%

McAfee
Artemis!75C4F607F177, Artemis!150574442EDB, Artemis!161D08470F5C
13.04%

McAfee Web Gateway
Artemis!75C4F607F177, Artemis!150574442EDB, Artemis!161D08470F5C
13.04%

Avira AntiVirus
W32/Sality.AT, Adware/InstallCore.htw.4
8.70%

Microsoft Security Essentials
Threat.Undefined, SoftwareBundler:Win32/DealPly
8.70%

K7 AntiVirus
Trojan , Unwanted-Program
8.70%

The domain www.vuupc.com has been seen to resolve to the following 6 IP addresses.

dl2.clickmein.com
January 14, 2014

dl6.clickmein.com
January 14, 2014

dl4.clickmein.com
January 14, 2014

dl3.clickmein.com
January 14, 2014

dl1.clickmein.com
January 14, 2014

dl5.clickmein.com
January 14, 2014

File downloads found at URLs served by www.vuupc.com.

15 / 68    (Adware)

0 / 68
http://www.vuupc.com/lps/.../Setup.exe  (c35b36505c82ecaf05e38c67d1b660a1)

7 / 68      (Adware)
http://www.vuupc.com/ver/.../VuuPCBaseSetup.exe  (8c3b43f5c06064f59f2694890658d8e8)

5 / 68      (Adware)
http://www.vuupc.com/ver/.../VuuPCBaseSetup.exe  (082df210b705e5e4a8a63069b27af652)

5 / 68      (Adware)

0 / 68

5 / 68      (Adware)
http://www.vuupc.com/ver/.../VuuPCBaseSetup.exe  (3f8866da6842c0d21b75aefea97b57b4)

5 / 68      (Adware)

5 / 68      (Adware)

5 / 68      (Adware)
http://www.vuupc.com/ver/.../VuuPCBaseSetup.exe  (032c4d6ffa9cf95a2d9af2311d2cdf73)

5 / 68      (Adware)

4 / 68      (Adware)
http://www.vuupc.com/ver/.../VuuPCBaseSetup.exe  (4f88d171466186bb48ff3d9ca7d6c912.exe)

3 / 68      (Adware)

5 / 68      (Adware)
http://www.vuupc.com/ver/.../VuuPCBaseSetup.exe  (54a2e0425122c952b631fe812a3cb8ae)

3 / 68      (Adware)
http://www.vuupc.com/ver/.../VuuPCBaseSetup.exe  (1b9a09430bb9aa249eb41a4775c27bb6)

3 / 68      (Adware)
http://www.vuupc.com/ver/.../VuuPCBaseSetup.exe  (09a2dde6802209b02f45246627e73b72)

4 / 68      (Adware)
http://www.vuupc.com/ver/.../VuuPCBaseSetup.exe  (0952b7c3744a3fb0bdaa0c119e714b13)

2 / 68      (PUP)

2 / 68      (PUP)

5 / 68      (false positives)

4 / 68      (Adware)
http://www.vuupc.com/download_exe.php  (4f88d171466186bb48ff3d9ca7d6c912.exe)

15 / 68    (Adware)

7 / 68      (Adware)
http://www.vuupc.com/lps/.../Setup.exe  (icreinstall_setup.exe)

12 / 68    (Adware)

8 / 68      (Adware)
http://www.vuupc.com/.../download.php?r=3_vu  (icreinstall_vuupc_setup.exe)

 
Latest 30 of 30 download URLs

The following 7 files have been seen to comunicate with www.vuupc.com in live environments.

URL:
http://www.vuupc.com/

Google Analytics:
UA-42018641

Title:
“Remote Desktop & Remote Access to your PC from Anywhere | ClickMeIn - Home Page”

Description:
“Remote Access to your PC from anywhere. Remote Desktop, Remote Access, Broadcast, Access all your files easily from any browser & from iPhone/ iPad. Make your work schedule more flexible using your home PC to login to your office remotely.”

Web server:
nginx

Facebook:
Likes:  2
Shares:  11

Statistics are for the previous month.

Remove Malware from www.vuupc.com - Powered by Reason Core Security