home

pagent.exe

Print Job Agent

CZ Solution Co., Ltd.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘PrintAgent’.
Publisher:
CZ Solution Co., Ltd.   (signed and verified)

Product:
Print Job Agent

Version:
2.00

MD5:
d320ece48abb23245863d5ad5fa1f109

SHA-1:
102cd129d50bd0914d56f21f1d7f0fc6757e1cac

SHA-256:
91b64e0ab7c7dbd20ca6206b937e523ab5da5aff26c799047bd0e2b71eea085e

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/26/2024 2:33:00 AM UTC  (today)

Scan engine
Detection
Engine version

Emsisoft Anti-Malware
Gen:Trojan.Heur.VP.8y1aamqS1Zoi
11.5.0.6191

Norman
Gen:Trojan.Heur.VP.8y1aamqS1Zoi
19.05.2016 05:17:13

File size:
974.3 KB (997,680 bytes)

Product version:
2.00

Original file name:
pagent.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\print job agent\print job agent\pagent.exe

Digital Signature
Signed by:
CZ Solution Co., Ltd.

Authority:
VeriSign, Inc.

Valid from:
12/3/2012 1:00:00 AM

Valid to:
2/2/2015 12:59:59 AM

Subject:
CN="CZ Solution Co., Ltd. ", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="CZ Solution Co., Ltd. ", L=Xiamen, S=Fujian, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6E7B6395AC5B5C8A2AECC4528D9E6510

File PE Metadata
Compilation timestamp:
4/9/2013 2:22:49 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:TEvgdQl46dg2yGu0zAEZUbE29gt8Q9Xuv/:oTnO275EQog79ev/

Entry address:
0x2EFD3

Entry point:
52, BA, 64, 00, 00, 00, EB, 1B, B9, 00, 10, 00, 00, EB, 05, 03, C1, 03, C3, 49, 0B, C9, 75, F7, 52, 54, 54, FF, 15, 3C, 90, 51, 00, 5A, 4A, 0B, D2, 75, E1, 5A, E9, 00, F0, 27, 00, 00, 00, 00, 00, 59, 5F, 63, 51, 75, 00, 00, 00, 00, 00, 04, 00, 03, 00, 00, 00, 60, 00, 00, 80, 06, 00, 00, 00, C0, 00, 00, 80, 0E, 00, 00, 00, 48, 00, 00, 80, 10, 00, 00, 00, 30, 00, 00, 80, 00, 00, 00, 00, 59, 5F, 63, 51, 75, 00, 00, 00, 00, 00, 01, 00, 01, 00, 00, 00, E0, 00, 00, 80, 00, 00, 00, 00, 59, 5F, 63, 51, 75, 00, 00...
 
[+]

Code size:
992 KB (1,015,808 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
PrintAgent

Command:
"C:\Program Files\print job agent\print job agent\pagent.exe"


Scan pagent.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.