home

ravcpl64.exe

Realtek HD Audio Manager

Realtek Semiconductor Corp.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘RtHDVCpl’.
Publisher:
Realtek Semiconductor  (signed by Realtek Semiconductor Corp.)

Product:
Realtek HD Audio Manager

Version:
1, 0, 0, 1056

MD5:
8ef47f1a320a9f369403e0804ee6a6c1

SHA-1:
53e84d385709cf7ffc4f51f17fafb4f4fa94e881

SHA-256:
98bfa15115e577363adf2a30f94f49fba97402a8bf7c5bbb15579c8e5f274dd8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/29/2024 5:27:57 PM UTC  (today)

File size:
16 MB (16,781,824 bytes)

Product version:
1, 0, 0, 1056

Copyright:
2016 (c) Realtek Semiconductor. All rights reserved.

Original file name:
RtHDVCpl.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\realtek\audio\hda\ravcpl64.exe

Digital Signature
Signed by:
Realtek Semiconductor Corp.

Authority:
DigiCert Inc

Valid from:
6/13/2016 6:00:00 AM

Valid to:
1/24/2019 6:00:00 PM

Subject:
CN=Realtek Semiconductor Corp., O=Realtek Semiconductor Corp., L=Hsinchu, S=Taiwan, C=TW, PostalCode=300, STREET="No. 2, Innovation Road II, Hsinchu Science Park", SERIALNUMBER=22671299, OID.1.3.6.1.4.1.311.60.2.1.3=TW, OID.2.5.4.15=Private Organization

Issuer:
CN=DigiCert EV Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0320BE3EB866526927F999B97B04346E

File PE Metadata
Compilation timestamp:
12/27/2016 11:49:41 AM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

Entry address:
0x237F80

Entry point:
48, 83, EC, 28, E8, 57, 74, 00, 00, 48, 83, C4, 28, E9, 0E, FD, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 48, 89, 5C, 24, 08, 57, 48, 83, EC, 20, 48, 8D, 05, FF, 31, 04, 00, 8B, DA, 48, 8B, F9, 48, 89, 01, E8, E2, 74, 00, 00, F6, C3, 01, 74, 08, 48, 8B, CF, E8, 99, 4A, FC, FF, 48, 8B, C7, 48, 8B, 5C, 24, 30, 48, 83, C4, 20, 5F, C3, CC, CC, CC, CC, CC, CC, CC, 4C, 8D, 41, 11, 48, 83, C2, 11, 4C, 2B, C2, 66, 90, 66, 66, 90, 0F, B6, 0A, 42, 0F, B6, 04, 02, 2B, C8, 75, 08, 48, 83, C2, 01...
 
[+]

Entropy:
7.1437

Code size:
2.4 MB (2,547,712 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
RtHDVCpl

Command:
C:\Program Files\realtek\audio\hda\ravcpl64.exe -s


Scan ravcpl64.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.