Also known as: PUP.Optional.DotSetupIo, PUA.MSIL.Dotsetupio, Adware/DotSetupIo
Category: Malware
Type: potentially unwanted program (PUP), adware, browser hijacker, keylogger
Platform: Windows
Variants: PUP.DotSetupIO/Variant, PUP.Optional.DotSetupIo, PUP.Optional.DotSetupIo.BundleInstaller
Damage potential: A threat to your privacy and security. It may track your online behavior, steal your personal data, and trick you into installing more dangerous programs.
Overview
DotSetupIo is a potentially unwanted program (PUP) that shows you advertisements that do not originate from the websites you’re visiting. It can hijack your browser, change its settings, and redirect you to a malicious website. DotSetuplo tracks your browsing behavior, collects your personal information, and sells it to third parties.
Possible symptoms
- You see intrusive and annoying pop-ups and other advertisements.
- Unfamiliar processes in the Task Manager.
- Your browser redirects you to malicious or fraudulent websites, for example, fake tech support sites, unsafe dating websites, websites with fake virus warnings, fake giveaway or survey websites, and drive-by-download malware sites.
- Network crashes, browser crashes, slow internet speeds, problems with internet connection, blocked access to certain websites.
- The default search engine you use or the home page of that search engine changed.
- New browser extensions you've not installed.
Sources of the infection
DotSetuplo often comes with software bundles. When you’re installing a software package, DotSetuplo may hide under “recommended” or “default” installation settings. Known cases were Flash and KMplayer installation files, which were corrupted beforehand and usually shared via pirate websites.
This adware may also spread via the usual malware-distribution methods. Your device may be infected when you’re visiting malicious websites or opening malicious emails and downloading their attachments. Cybercriminals may use software vulnerabilities to inject DotSetuplo and other malware into your system.
Protection
- Keep your operating system and software — especially your browser — updated.
- Carefully pay attention to every step during the installation process. Be wary of pre-checked boxes and UI buttons that trick you into clicking “agree” or “proceed.”
- Don’t download software (bundles) from unofficial sources.
- Be cautious when opening emails. Don’t click on links or open attachments from unknown sources.
- Use multi-factor authentication to protect your accounts from DotSetuplo because it extracts or captures passwords saved in your browser. Better yet — use a password manager instead of keeping your credentials in the browser.
- Use NordVPN’s Threat Protection Pro to stop malware before it downloads to your device. Threat Protection Pro also alerts you if you’re about to enter a malicious website.
Removal
Use reliable antivirus software to detect, quarantine, and eliminate a DotSetuplo infection.
