home

RACSessionService.exe

PCNetSoftware

Monika Novotna

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘RAC User Help Service’.
Publisher:
Monika Novotna  (signed and verified)

Product:
PCNetSoftware

Description:
Remote Administrator Control User Help Service

Version:
1, 0, 0, 1

MD5:
6c46de966630b750c5ef7907b1fa8db4

SHA-1:
48e9f76505c9fc6f93d1be7abef9d7e97fedc933

SHA-256:
c14e5db23dd612968e6f7747bd7aee984e690f3478db18668957a5b32fe70cdf

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/18/2024 5:17:33 PM UTC  (today)

File size:
159.1 KB (162,888 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (C) 2000 - 2011 Monika Novotna

Original file name:
RACSessionService.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\pcnetsoftware\rac server\racsessionservice.exe

Digital Signature
Signed by:
Monika Novotna

Authority:
COMODO CA Limited

Valid from:
6/13/2013 3:00:00 AM

Valid to:
6/14/2014 2:59:59 AM

Subject:
CN=Monika Novotna, O=Monika Novotna, STREET=Na Sancich 1180, L=Chrudim IV., S=Pardubicky kraj, PostalCode=537 05, C=CZ

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00C5B5DECEEBA6CDEA257189AE11037F59

File PE Metadata
Compilation timestamp:
12/20/2012 10:53:00 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:v70A39nR/ZQhTa7+2Wi3QosEkopPKxkzIh:vf39nRhQUJWKQo2xp

Entry address:
0x71C7

Entry point:
55, 8B, EC, 6A, FF, 68, 20, A2, 41, 00, 68, EC, B6, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, E4, 80, 41, 00, 33, D2, 8A, D4, 89, 15, 04, 50, 42, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 00, 50, 42, 00, C1, E1, 08, 03, CA, 89, 0D, FC, 4F, 42, 00, C1, E8, 10, A3, F8, 4F, 42, 00, 6A, 01, E8, 4D, 32, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C3, 00, 00, 00, 59, E8, 45, 1A, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B2, 00, 00, 00, 59, 33, F6, 89, 75...
 
[+]

Entropy:
5.8122

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
92 KB (94,208 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
RAC User Help Service

Command:
"C:\Program Files\pcnetsoftware\rac server\racsessionservice.exe" -service


Scan RACSessionService.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.