home

RACSessionService.exe

PCNetSoftware

Monika Novotna

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘RAC User Help Service’.
Publisher:
Monika Novotna  (signed and verified)

Product:
PCNetSoftware

Description:
Remote Administrator Control User Help Service

Version:
1, 0, 0, 1

MD5:
926da591a31ae7ceb0177994c1e1a022

SHA-1:
67f9aadb82b74879802b63d7727eb68836b0f541

SHA-256:
fab98e41ab21d33d489991eeaaa9a6fcddb0e6577bdb10634307d8597e06402f

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/26/2024 1:57:05 AM UTC  (today)

Scan engine
Detection
Engine version

Comodo Security
TrojWare.Win32.Kryptik.AAMM
20192

File size:
165.8 KB (169,808 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (C) 2000 - 2011 Monika Novotna

Original file name:
RACSessionService.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\pcnetsoftware\rac server\racsessionservice.exe

Digital Signature
Signed by:
Monika Novotna

Authority:
VeriSign, Inc.

Valid from:
12/22/2011 1:00:00 AM

Valid to:
12/22/2012 12:59:59 AM

Subject:
CN=Monika Novotna, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Monika Novotna, L=Chrudim IV., S=Pardubicky kraj, C=CZ

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5B27D79341922F1F7C419EF2239150D4

File PE Metadata
Compilation timestamp:
10/17/2011 9:37:57 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:B6Xiarzr4821nQh93fKz84P7opPK/JwzIv:BAAJ1Cl4P3/JL

Entry address:
0x95A0

Entry point:
55, 8B, EC, 6A, FF, 68, D0, C1, 41, 00, 68, CC, DA, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, E4, A0, 41, 00, 33, D2, 8A, D4, 89, 15, 04, 70, 42, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 00, 70, 42, 00, C1, E1, 08, 03, CA, 89, 0D, FC, 6F, 42, 00, C1, E8, 10, A3, F8, 6F, 42, 00, 6A, 01, E8, 54, 32, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C3, 00, 00, 00, 59, E8, 4C, 1A, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B2, 00, 00, 00, 59, 33, F6, 89, 75...
 
[+]

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
100 KB (102,400 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
RAC User Help Service

Command:
"C:\Program Files\pcnetsoftware\rac server\racsessionservice.exe" -servicer


Scan RACSessionService.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.