I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
PROCESSCMD.DLL – Trojan Agent removal
| File | MD5 | Virus Alias |
|---|---|---|
| PROCESSCMD.DLL | 1702648b4bf4c1bf88a1a45d5b3cc794 | Trojan Agent |
| PROCESSCMD.DLL | 1702648b4bf4c1bf88a1a45d5b3cc794 | Trojan SuspiciousFile |
PROCESSCMD.DLL size: 155776 bytes
PROCESSCMD.DLL hash: 1702648B4BF4C1BF88A1A45D5B3CC794
Created files:
%Program Files%\NPAVAdminClient\FileSndr.dll
%Program Files%\NPAVAdminClient\GenSender.dll
%Program Files%\NPAVAdminClient\LstnCmd.dll
%Program Files%\NPAVAdminClient\NpClInst.exe
%Program Files%\NPAVAdminClient\NpClSrv.exe
%Program Files%\NPAVAdminClient\ProcessCmd.dll
%Program Files%\NPAVAdminClient\RegMgmt.dll
%Program Files%\NPAVAdminClient\RegSilen.exe
%Program Files%\NPAVAdminClient\RptParse.dll
%TEMP%\AgentInstaller\AgentInstaller\NpClInst.exe
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\NPClSrv\Type: 10010000
HKLM\System\CurrentControlSet\Services\NPClSrv\Start: 02000000
HKLM\System\CurrentControlSet\Services\NPClSrv\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\NPClSrv\DisplayName: NPAV Agent Service
HKLM\System\CurrentControlSet\Services\NPClSrv\ImagePath: %Program Files%\NPAVAdminClient\NpClSrv.exe
Detected by UnHackMe:
PROCESSCMD.DLL
Default location: %PROGRAM FILES%\NPAVADMINCLIENT\PROCESSCMD.DLL
Dropper information:
MD5: 5c292575b2ac12d2ac6c5fa3a4e47621
File size: 495616 bytes