pca.dll

PC Management - Advanced

DRPU Software Private Limited

The library pca.dll has been detected as malware by 17 anti-virus scanners.
Publisher:
DRPU Software Pvt. Ltd. (signed by DRPU Software Private Limited)

Product:
PC Management - Advanced

Version:
5.1.4.1

MD5:
7f0828bb826584a8b0f21234a8cd350b

SHA-1:
c6ffc4531091c1a486adea53632b787289490ebc

SHA-256:
7112b0f22afece6814a14e48b8a05e5bd3d77b31ce3a3ff287c83df35171055c

Scanner detections:
17 / 68

Status:
Malware

Explanation:
The software contains keystroke monitoring/logging capabilities which may or may not be installed without the user's knowledge.

Analysis date:
4/24/2024 2:06:06 PM UTC

Scan engine | Detection | Engine version
Avira AntiVirus | TR/Keylogger.AP | 7.11.45.158
Bitdefender | Application.Keylogger.PCDataManager.A | 1.0.20.45
Comodo Security | UnclassifiedMalware | 13810
Emsisoft Anti-Malware | Application.Keylogger!IK | 8.16.01.09.12
ESET NOD32 | Win32/DRPUPCDataManager | 10.7565
Fortinet FortiGate | Riskware/PcDataManager | 1/9/2016
F-Prot | W32/PCDataMgr.A | v6.4.6.5.141
F-Secure | Application.Keylogger.PCDataManager | 11.2016-09-01_7
G Data | Application.Keylogger.PCDataManager | 16.1.22
IKARUS anti.virus | Application.Keylogger | t3scan.1.1.122.0
K7 AntiVirus | Spyware | 13.153.7772
McAfee | Spyware-PcDataManager | 5600.6526
MicroWorld eScan | Application.Keylogger.PCDataManager.A | 17.0.0.27
Quick Heal | Spyware.Keylogger (Not a Virus) | 1.16.12.00
Sophos | DRPU PCManagement KeyLog App | 4.81
Trend Micro House Call | TROJ_GEN.RCEH1GA | 7.2.9
VIPRE Antivirus | Spyware.Keylogger | 13452

File size:
25.9 KB (26,568 bytes)

Product version:
5.1.4.1

Copyright:
Copyright © 2000-2011

Trademarks:
DRPU Software Pvt. Ltd.

Original file name:
pca.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Default

Common path:
C:\Program Files\pc management - advanced\pca.dll

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
9/4/2010 7:00:00 AM

Valid to:
9/4/2012 6:59:59 AM

Subject:
CN=DRPU Software Private Limited, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=DRPU Software Private Limited, L=Ghaziabad, S=Uttar Pradesh, C=IN

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0995AE705D33CD49B11071A518E9FF0E

File PE Metadata
Compilation timestamp:
5/6/2011 2:12:07 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:nVMnmgfuo6bLaNBnykMFqp0uw3TD797LW0bCm:VMnffuo6bLaPFIqWt7awCm

Entry address:
0x5F3E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
16 KB (16,384 bytes)
