We received the file VOPACKAGE.EXE and detected that VOPACKAGE.EXE is not good.
VOPACKAGE.EXE is Adware. You should remove the file VOPACKAGE.EXE.
Kill the process VOPACKAGE.EXE and remove VOPACKAGE.EXE from Windows.
Malware Analysis of VOPACKAGE.EXE
Full path on a computer: %Appdata%\VOPackage\VOPackage.exe
Detected by UnHackMe:
VOPACKAGE.EXE
Default location: %Appdata%\VOPackage\VOPackage.exe
Removal Results: Success
Number of reboot: 1
VOPACKAGE.EXE is known as:
Adware.PUP.VOPackage
VOPACKAGE.EXE hash:
- MD5: 1c7162a646986c12b879d8a46a8dc003
The file is used for downloading and installing other malware, Trojans, viruses by the commands received from the Command Center.
How to quickly detect VOPACKAGE.EXE presence?
![]( "Registry")
Registry:
![]( "Folders")
Folders:
![]( "Files")
Files:
Registry:- HKLM\Software\Classes\sdp\shell\open\command\: “”%Local Appdata%\FilesFrog Update Checker\update_checker.exe” /protocol %1″
- HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{d82e4a1b-8ba4-4c85-895c-05e6d3e49e2e}\DisplayName: “Search Protect Search”
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\1place.org Games_is1\DisplayName: “1place.org Games version 1.4″
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\1place.org Games_is1\UninstallString: “”%Local Appdata%\1place.org Games\unins000.exe”"
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\BaseFlash\DisplayName: “BaseFlash”
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\BaseFlash\UninstallString: “%Appdata%\BaseFlash\uninstallkit.exe”
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker\DisplayName: “FilesFrog Update Checker”
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker\UninstallString: “%Local Appdata%\FilesFrog Update Checker\uninstall.exe”
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SpeedUpMyComputer\DisplayName: “SpeedUpMyComputer”
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SpeedUpMyComputer\UninstallString: “%Program Files%\SmartTweak\SpeedUpMyComputer\uninst.exe”
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage\DisplayName: “VO Package”
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage\UninstallString: “”%Appdata%\VOPackage\uninstall.exe”"
- HKLM\System\CurrentControlSet\Services\GamesRS\ImagePath: “%Program Files%\GamesRS\GUpdater.exe”
- HKLM\System\CurrentControlSet\Services\GamesRS\DisplayName: “GamesRS”
- HKLM\System\CurrentControlSet\Services\srvProtectExtension\ImagePath: “%Appdata%\BaseFlash\protect\ProtectExtension.exe”
- HKLM\System\CurrentControlSet\Services\srvProtectExtension\DisplayName: “Protect your browser’s extensions and plugins”
- HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{d82e4a1b-8ba4-4c85-895c-05e6d3e49e2e}\DisplayName: “Search Protect Search”
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\SDP: “%Local Appdata%\FilesFrog Update Checker\update_checker.exe /auto ”
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\SpeedUpMyComputer: “%Program Files%\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as”
Folders:- %Appdata%\BaseFlash
- %Appdata%\BaseFlash\protect
- %Appdata%\pdfforge
- %Appdata%\pdfforge\Images2PDF
- %Appdata%\pdfforge\PDFArchitect
- %Appdata%\VOPackage
- %Local Appdata%\Google\Chrome\User Data\Default\Pepper Data
- %Local Appdata%\1place.org Games
- %Local Appdata%\FilesFrog Update Checker
- %Programs%\FilesFrog Update Checker
- %Programs%\SmartTweak Software
- %Programs%\SmartTweak Software\SpeedUpMyComputer
- %Programs%\VOPackage
- %Common Appdata%\Microsoft\Dr Watson
- %Common Startmenu%\Programs\PDFCreator
- %Common Startmenu%\Programs\PDFCreator\Images2PDF
- %Common Startmenu%\Programs\PDFCreator\Licenses
- %Program Files%\GamesRS
- %Program Files%\SmartTweak
- %Program Files%\SmartTweak\SpeedUpMyComputer
- %SysDir%\spool\drivers\WIN40
Files:- %Appdata%\Mozilla\Firefox\Profiles\gi17c3pt.default\extensions\playgame@zugaramedia.com.xpi
- %Appdata%\BaseFlash\protect\config.xml
- %Appdata%\BaseFlash\protect\Interop.Shell32.dll
- %Appdata%\BaseFlash\protect\Newtonsoft.Json.dll
- %Appdata%\BaseFlash\protect\ProtectExtension.exe
- %Appdata%\BaseFlash\protect\sqlite3.exe
- %Appdata%\BaseFlash\protect\utilsDll.dll
- %Appdata%\BaseFlash\uninstallkit.exe
- %Appdata%\pdfforge\Images2PDF\Images2PDF.settings
- %Appdata%\pdfforge\PDFArchitect\PDFArchitect.settings
- %Appdata%\VOPackage\Uninstall.exe
- %Appdata%\VOPackage\VOPackage.exe
- %Desktop%\SpeedUpMyComputer.lnk
- %Local Appdata%\1place.org Games\unins000.dat
- %Local Appdata%\1place.org Games\unins000.exe
- %Local Appdata%\FilesFrog Update Checker\TempWmicBatchFile.bat
- %Local Appdata%\FilesFrog Update Checker\uninstall.exe
- %Local Appdata%\FilesFrog Update Checker\update_checker.exe
- %Temp%\1PlaceOrgGames_Somoto.exe
- %Temp%\4.tmp
- %Temp%\bhfiles\7z.dll
- %Temp%\bhfiles\BrowserHelper.exe
- %Temp%\bhfiles\BrowserHelper.exe.config
- %Temp%\bhfiles\browserhelper.log
- %Temp%\bhfiles\ff_conduit_check.json
- %Temp%\bhfiles\IEOpenServiceHelper.exe
- %Temp%\bhfiles\Newtonsoft.Json.dll
- %Temp%\bhfiles\SevenZipSharp.dll
- %Temp%\bhfiles\STch.json
- %Temp%\bhfiles\STch.json.old
- %Temp%\bhfiles\STff.json
- %Temp%\bhfiles\STff.json.old
- %Temp%\bhfiles\STie.json
- %Temp%\bhfiles\STie.json.old
- %Temp%\bhfiles\sweettunes_search.xml
- %Temp%\bhfiles\sweettunes_search.xml.old
- %Temp%\bhfiles\System.Data.SQLite.dll
- %Temp%\bhfiles\trusted_search.xml
- %Temp%\bhfiles\x86\SQLite.Interop.dll
- %Temp%\biclient.exe
- %Temp%\DI\InstallerLibrary.dll
- %Temp%\DI\ValidationScriptLibrary.dll
- %Temp%\heu39T.nss
- %Temp%\InstallerLibrary.dll
- %Temp%\jdaaAVBC_132
- %Temp%\ms.exe
- %Temp%\nsa24.tmp
- %Temp%\nsg37.tmp\Registry.dll
- %Temp%\nsk41.tmp
- %Temp%\nslF.tmp\registry.dll
- %Temp%\nsq1E.tmp\InstallerLibrary.dll
- %Temp%\nsq1E.tmp\ValidationScriptLibrary.dll
- %Temp%\nsw19.tmp
- %Temp%\Number of results
- %Temp%\PDFCreator-1_3_2_setup.exe
- %Temp%\qms.exe
- %Temp%\setup_132.exe
- %Temp%\SpeedUpMyComputer.exe
- %Temp%\UpdateCheckerSetup.exe
- %Temp%\ValidationScriptLibrary.dll
- %Programs%\FilesFrog Update Checker\Check for Updates.lnk
- %Programs%\FilesFrog Update Checker\Uninstall.lnk
- %Programs%\SmartTweak Software\SpeedUpMyComputer\SpeedUpMyComputer.lnk
- %Programs%\SmartTweak Software\SpeedUpMyComputer\Uninstall.lnk
- %Programs%\SmartTweak Software\SpeedUpMyComputer\Website.lnk
- %Programs%\VOPackage\Configure.lnk
- %Common Appdata%\Microsoft\Dr Watson\drwtsn32.log
- %Common Desktopdirectory%\1place.org Games.url
- %Common Desktopdirectory%\PDFArchitect.lnk
- %Common Desktopdirectory%\PDFCreator.lnk
- %Common Startmenu%\Programs\PDFCreator\Donate PDFCreator.lnk
- %Common Startmenu%\Programs\PDFCreator\History.lnk
- %Common Startmenu%\Programs\PDFCreator\Images2PDF\Images2PDF Console Application.lnk
- %Common Startmenu%\Programs\PDFCreator\Images2PDF\Images2PDF.lnk
- %Common Startmenu%\Programs\PDFCreator\Licenses\AFPL License.lnk
- %Common Startmenu%\Programs\PDFCreator\Licenses\FairPlay License.lnk
- %Common Startmenu%\Programs\PDFCreator\Licenses\GPL License.lnk
- %Common Startmenu%\Programs\PDFCreator\PDFArchitect.lnk
- %Common Startmenu%\Programs\PDFCreator\PDFCreator Help.lnk
- %Common Startmenu%\Programs\PDFCreator\PDFCreator on the Web.lnk
- %Common Startmenu%\Programs\PDFCreator\PDFCreator.lnk
- %Common Startmenu%\Programs\PDFCreator\Translation Tool.lnk
- %Program Files%\Mozilla Firefox\browser\searchplugins\sweettunes_search.xml
- %Program Files%\GamesRS\GUpdater.exe
- %Program Files%\GamesRS\msvcp100.dll
- %Program Files%\GamesRS\msvcr100.dll
- %Program Files%\GamesRS\QtCore4.dll
- %Program Files%\GamesRS\QtNetwork4.dll
- %Program Files%\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe
- %Program Files%\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.url
- %Program Files%\SmartTweak\SpeedUpMyComputer\uninst.exe
- %SysDir%\spool\drivers\w32x86\3\PDFCREAT.BPD
- %SysDir%\spool\drivers\w32x86\3\PDFCREAT.PPD
- %SysDir%\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %SysDir%\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %SysDir%\MSMAPI32.OCX
- %SysDir%\MSMPIDE.DLL
- %SysDir%\pdfcmon.dll