home

rchelper.exe

Registry Clean Expert

CleanMyPC Technology Limited

The application rchelper.exe, “RegClean Expert Scheduler” by CleanMyPC Technology Limited has been detected as a potentially unwanted program by 2 anti-malware scanners.
Publisher:
iExpert Software  (signed by CleanMyPC Technology Limited)

Product:
Registry Clean Expert

Description:
RegClean Expert Scheduler

Version:
4, 8, 6, 0

MD5:
43c9f2449e09047cb704a5bd89e6f1b3

SHA-1:
62d1bf56371259a39fcd1bb445a314cf17f9515c

SHA-256:
aace44b89016b6a0eb6729cd7e2ed59d9adf5c4abd50aac0ca7d671839b18f1c

Scanner detections:
2 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 7:33:59 AM UTC  (today)

Scan engine
Detection
Engine version

Kaspersky
Virus.Win32.Suspic
14.0.0.1436

Reason Heuristics
Win32.Generic.CleanMyPCTechnology.Meta
15.9.12.19

File size:
590.9 KB (605,056 bytes)

Product version:
4, 8, 6, 0

Copyright:
Copyright (C) 2001-2012

Original file name:
RCScheduler.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\registry clean expert\rchelper.exe

Digital Signature
Signed by:
CleanMyPC Technology Limited

Authority:
The USERTRUST Network

Valid from:
3/21/2010 7:00:00 PM

Valid to:
3/21/2012 6:59:59 PM

Subject:
CN=CleanMyPC Technology Limited, O=CleanMyPC Technology Limited, STREET="ROOM C1D 6/F, WING HING INDUSTRIAL BUILDING", STREET=14 HING YIP STREET, STREET="KWUN TONG, KOWLOON, HONG KONG", L=HONG KONG, S=NA, PostalCode=NA, C=HK

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
253A6CD8243978CADEED6FF2D0C2F4E1

File PE Metadata
Compilation timestamp:
1/15/2012 6:43:47 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:vpGx8HLv9wPOjF1yT+3PgjZ2S+6b7MP+Dd2+P:vpTrqOjFkS3PgV37MP+h2+P

Entry address:
0x1000

Entry point:
68, 01, 70, 49, 00, E8, 01, 00, 00, 00, C3, C3, 8F, 68, 33, AC, 42, 6B, 01, 7E, 5D, F1, 6F, 27, 24, 15, 82, 4F, C6, E4, 0F, 39, 02, 23, 92, 09, 46, 9D, E3, B3, 5E, B6, 4F, 0F, B4, 43, 2D, 1A, 06, 82, AB, 17, D2, 49, 88, 2E, 0A, 88, 56, 91, B4, 33, 11, 43, 01, AD, 55, 1C, 82, D9, 87, 57, DC, 1B, 74, 07, 85, CF, 25, E1, 09, 3B, 4D, B5, C0, B6, 57, 0E, 36, 59, BE, 3E, 43, C8, 49, 44, 1B, A7, B2, 43, C2, 8C, 58, 3F, EC, 26, BF, 01, A2, 1E, 98, 08, 81, 8A, D8, C7, EB, 76, 13, 4E, 3F, 3B, 33, E8, 82, 20, 93, D0...
 
[+]

Entropy:
7.6247

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
172 KB (176,128 bytes)

Remove rchelper.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.