home

npmsvc.mon

svchost 응용 프로그램

The file npmsvc.mon has been detected as malware by 20 anti-virus scanners.
Product:
svchost 응용 프로그램

Description:
svchost 응용 프로그램

Version:
5, 0, 0, 0

MD5:
fd4665e936933e817a98f28e440cdcd9

SHA-1:
74346b2ad5c37e6a045188893d9c05098d6387ed

SHA-256:
fe882a1b2884b244fb10cacc6a32d818b25209ad49dee00211fb7d03a4790316

Scanner detections:
20 / 68

Status:
Malware

Analysis date:
4/1/2025 8:08:42 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Trojan.Packed
7.1.1

AhnLab V3 Security
Trojan/Win32.Gen
2012.10.18

Avira AntiVirus
TR/Black.Gen2
7.11.46.136

avast!
Win32:Trojan-gen
2014.9-170315

AVG
Generic6_c
2018.0.2438

Bitdefender
Gen:Trojan.Heur.jC0@Xim4BAkG
1.0.20.370

Comodo Security
UnclassifiedMalware
13892

ESET NOD32
Win32/Packed.VMProtect.AAN (variant)
11.7598

Fortinet FortiGate
W32/Generic
3/15/2017

F-Secure
Gen:Trojan.Heur.jC0@Xim4BAkG
11.2017-15-03_4

G Data
Gen:Trojan.Heur.jC0@Xim4BAkG
17.3.22

IKARUS anti.virus
Backdoor.Win32.PcClient
t3scan.1.1.122.0

Kaspersky
HEUR:Trojan.Win32.Generic
14.0.0.-1314

McAfee
Artemis!FD4665E93693
5600.6094

MicroWorld eScan
Gen:Trojan.Heur.jC0@Xim4BAkG
18.0.0.222

Panda Antivirus
Trj/Thed.V
17.03.15.06

Quick Heal
(Suspicious) - DNAScan
3.17.12.00

Sophos
Mal/Behav-035
4.81

Trend Micro House Call
TROJ_GEN.R72CEJG
7.2.74

Trend Micro
TROJ_GEN.R72CEJG
10.465.15

File size:
156 KB (159,744 bytes)

Product version:
5, 0, 0, 0

Copyright:
Copyright (c) - 2012

Original file name:
svchost.exe

Common path:
C:\users\{user}\appdata\local\virtualstore\windows\npmsvc.mon

File PE Metadata
Compilation timestamp:
10/11/2012 9:21:23 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

Entry address:
0x60066

Entry point:
E8, 7C, 08, 00, 00, 8D, 64, 24, 04, 0F, 83, AC, 23, FF, FF, 60, 9C, 60, 8D, 64, 24, 44, E9, 38, 1B, FF, FF, 8D, 64, 24, 2C, 0F, 85, 9A, 22, FF, FF, 1C, 88, 66, 0F, B6, C3, 9C, F8, 31, D2, 66, 0F, A5, D8, 30, DC, D5, 34, 89, D0, C0, C0, 03, C0, F8, 07, 83, C7, 01, 00, F8, 8A, 07, 9C, 84, C0, 88, 4C, 24, 04, E9, D8, 44, FF, FF, 8D, 64, 24, 0C, 0F, 85, 5F, 23, FF, FF, 11, E6, 89, F9, 66, D3, CE, C1, EE, 0F, 29, D9, 66, 0F, BE, F0, 89, E6, F5, 0F, 8B, 79, FC, FE, FF, 66, 0F, BA, E3, 09, F5, 83, EF, 04, 9C, 8D...
 
[+]

Entropy:
7.6213

Code size:
40 KB (40,960 bytes)

Remove npmsvc.mon - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.