home

LenRCClient.EXE

联想网络控制工具

Xi'an Saming Technology Co., Ltd.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘LenRCClient’.
Publisher:
西安三茗科技有限责任公司  (signed by Xi'an Saming Technology Co., Ltd.)

Product:
联想网络控制工具

Description:
联想网络控制工具-被控端

Version:
2, 4, 0, 1

MD5:
0548701323fa64e433b6befbe10d7711

SHA-1:
6fc844435a83a59e26851a5028d641f3cfe650fa

SHA-256:
42cab90f11e3668893fa96811add28fdddd9bbb772420b237b64b0c53c637683

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 4:07:25 PM UTC  (today)

File size:
66.5 KB (68,128 bytes)

Product version:
2, 4, 0, 1

Copyright:
版权所有 (C) 2006-2008

Original file name:
LenRCClient.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\lenovo\remote control tool\client\lenrcclient.exe

Digital Signature
Signed by:
Xi'an Saming Technology Co., Ltd.

Authority:
VeriSign, Inc.

Valid from:
12/7/2007 8:00:00 AM

Valid to:
12/7/2010 7:59:59 AM

Subject:
CN="Xi'an Saming Technology Co., Ltd.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Xi'an Saming Technology Co., Ltd.", L=Xi'an, S=ShanXi, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2D96DFEFFB9054622018ADC22F170388

File PE Metadata
Compilation timestamp:
3/6/2008 11:51:40 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x7C0F

Entry point:
55, 8B, EC, 6A, FF, 68, 30, 9B, 40, 00, 68, 6E, 7D, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, D8, 93, 40, 00, 59, 83, 0D, 00, DF, 40, 00, FF, 83, 0D, 04, DF, 40, 00, FF, FF, 15, DC, 93, 40, 00, 8B, 0D, F4, DE, 40, 00, 89, 08, FF, 15, E0, 93, 40, 00, 8B, 0D, F0, DE, 40, 00, 89, 08, A1, E4, 93, 40, 00, 8B, 00, A3, FC, DE, 40, 00, E8, 1D, 01, 00, 00, 39, 1D, B0, CE, 40, 00, 75, 0C, 68, 98, 7D, 40, 00, FF, 15, E8, 93...
 
[+]

Entropy:
5.6329

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
32 KB (32,768 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
LenRCClient

Command:
C:\Program Files\lenovo\remote control tool\client\lenrcclient.exe


Scan LenRCClient.EXE - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.