» vosrv.exe
Overview
Analysis
File Details
Programs (1)

vosrv.exe

The application vosrv.exe has been detected as a potentially unwanted program by 14 anti-malware scanners. This file is typically installed with the program Remote Desktop Access (VuuPC) by CMI Limited which is a potentially unwanted software program.

File name:

vosrv.exe

MD5:

f09c3c05cd08651650018537bd92567f

SHA-1:

e8f6f083f669f1fd13cab63b246ff54006969319

SHA-256:

86042e345980a3ace4fbaf2210af832f4a310c9e77d103d1915a6d6747680bae

Scanner detections:

14 / 68

Status:

Potentially unwanted

Analysis date:

4/25/2024 12:04:31 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Rootkit.14937

876

avast!

Win32:Rootkit-gen [Rtk]

140617-1

Baidu Antivirus

Adware.Win32.VOPackage

4.0.3.14911

Bitdefender

Rootkit.14937

1.0.20.1270

Emsisoft Anti-Malware

Rootkit.14937

8.14.09.11.02

ESET NOD32

Win32/VOPackage (variant)

8.10153

Fortinet FortiGate

Riskware/VOPackage

9/11/2014

F-Secure

Rootkit.14937

11.2014-11-09_5

G Data

Rootkit.14937

14.9.24

MicroWorld eScan

Rootkit.14937

15.0.0.762

Qihoo 360 Security

Win32/RootKit.Rootkit.7e5

1.0.0.1015

Reason Heuristics

Threat.Win.Reputation.IMP

14.9.11.14

Trend Micro House Call

Suspicious_GEN.F47V0726

7.2.254

VIPRE Antivirus

Threat.4150696

31208

File size:

69.5 KB (71,168 bytes)

File type:

Executable application (Win64 EXE)

Common path:

C:\users\{user}\appdata\roaming\vopackage\vosrv.exe

File PE Metadata

OS bitness:

Win64

CTPH (ssdeep):

1536:1rZbJMsZ6OyZ1pq7pK1sEj0hHoXk9W7lw6He:lZAOyz+p6sEjCW7lw6+

Entry point:

E8, 33, 21, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 5D, E9, 05, 0C, 00, 00, 8B, FF, 51, C7, 01, F0, C6, 40, 00, E8, B0, 21, 00, 00, 59, C3, 8B, FF, 55, 8B, EC, 56, 8B, F1, E8, E3, FF, FF, FF, F6, 45, 08, 01, 74, 07, 56, E8, CC, FF, FF, FF, 59, 8B, C6, 5E, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 8B, 45, 08, 83, C1, 09, 51, 83, C0, 09, 50, E8, EE, 21, 00, 00, F7, D8, 59, 1B, C0, 59, 40, 5D, C2, 04, 00, 6A, 0C, 68, F0, EA, 40, 00, E8, D7, 1E, 00, 00, 33, C0, 33, F6, 39, 75, 08, 0F, 95, C0, 3B, C6, 75, 15... 
[+]

The file vosrv.exe has been discovered within the following program.

Remote Desktop Access (VuuPC) by CMI Limited

Developed and distributed through bundled installer from Click Me In. The software may be bundled by 3rd-party products using the InstallCore distribution platform.

vuupc.com/terms.html

About 82% of users remove it

Remove vosrv.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.