home

rchelper.exe

Registry Clean Expert

CleanMyPC Technology Limited

The application rchelper.exe, “RegClean Expert Scheduler” by CleanMyPC Technology Limited has been detected as a potentially unwanted program by 2 anti-malware scanners.
Publisher:
iExpert Software  (signed by CleanMyPC Technology Limited)

Product:
Registry Clean Expert

Description:
RegClean Expert Scheduler

Version:
4, 8, 9, 0

MD5:
1b6922b415081d9b43765182b876f544

SHA-1:
c2b0372f6a3c4f3ac8d39a7c04982f54bdffea2a

SHA-256:
8fa1964e06e6cbc1f01856a0faf8b2f32945ecd243efc7d3715c93b4019a92ec

Scanner detections:
2 / 68

Status:
Potentially unwanted

Analysis date:
4/19/2024 1:05:40 AM UTC  (today)

Scan engine
Detection
Engine version

Quick Heal
(Suspicious) - DNAScan
11.15.12.00

Reason Heuristics
Win32.Generic.CleanMyPCTechnology.Meta
15.11.29.15

File size:
592.8 KB (607,000 bytes)

Product version:
4, 8, 9, 0

Copyright:
Copyright (C) 2001-2012

Original file name:
RCScheduler.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\registry clean expert\rchelper.exe

Digital Signature
Signed by:
CleanMyPC Technology Limited

Authority:
COMODO CA Limited

Valid from:
3/29/2012 2:00:00 AM

Valid to:
3/30/2017 1:59:59 AM

Subject:
CN=CleanMyPC Technology Limited, O=CleanMyPC Technology Limited, STREET="ROOM C1D 6/F, WING HING INDUSTRIAL BUILDING", STREET=14 HING YIP STREET, STREET="KWUN TONG, KOWLOON", L=HONG KONG, S=NA, PostalCode=NA, C=HK

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00B22D5ED33A336918E76BE3A5C6CB25F1

File PE Metadata
Compilation timestamp:
6/27/2012 10:08:27 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:oD+xY+w3OjFByT+3PgjZ2SP6b7MP+Dd2ru6:oax4OjFoS3PgVu7MP+h2i6

Entry address:
0x1000

Entry point:
68, 01, 70, 49, 00, E8, 01, 00, 00, 00, C3, C3, 6F, B3, 23, 11, 89, 1B, 6E, 65, E3, 28, F9, 13, 9B, BC, FC, CC, EF, F4, DF, 3A, 53, A9, 96, FA, 79, 71, 5D, 18, D2, 00, CB, 80, A0, 4C, E4, C9, DD, 69, FC, 9B, 2A, 45, 08, 3E, D5, AF, EE, 40, DF, FE, AA, A0, 42, F9, B5, 42, 41, 34, 53, 76, 97, 49, 15, 06, 35, DC, 69, C0, 2A, B9, 7E, 52, BE, F1, C8, D1, 45, 1D, 46, 00, 94, F0, 52, E0, 3B, 8D, 8F, 48, 5C, 82, 7C, 18, 64, 74, 31, 3E, 11, 36, 3C, 4C, C3, 3E, FF, ED, 2D, FC, B8, 3B, DF, 8C, EE, 35, E8, 9F, 08, 86...
 
[+]

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
172 KB (176,128 bytes)

Remove rchelper.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.