» rfares.dll
Overview
Analysis
File Details
Programs (1)

rfares.dll

Registry First Aid

Rose City Software

File name:

rfares.dll

Publisher:

KsL Software (signed by Rose City Software)

Product:

Registry First Aid

Description:

Registry First Aid, the easy powerful registry cleanup program

Version:

7.0.0.1648

MD5:

de23421285d10de941815c55885e0d32

SHA-1:

4f7bfc9b238e4ed7f34adede347ddef0ddd69b33

SHA-256:

896480da663ed0d4e134ab004e0556e0f61828efd5a5d12356ba3a0b4b883d1d

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/26/2024 7:59:46 AM UTC (today)

Scan engine

Detection

Engine version

ViRobot

Trojan.Win32.PSWBarrio.19456

2009.4.10.1688

File size:

2.3 MB (2,389,304 bytes)

Product version:

7.0.0.1648

Original file name:

reg1aid.exe

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Common path:

C:\Program Files\rfa\rfares.dll

Digital Signature

Signed by:

Rose City Software

Authority:

GeoTrust Inc.

Valid from:

2/12/2008 4:34:58 PM

Valid to:

2/25/2009 4:34:58 PM

Subject:

E=jburke@infinisource.com, CN=Rose City Software, OU=Email and phone validated only., OU=Phone Validation - 1(503) 699-0463, OU=See Public S/MIME CPS www.geotrust.com/resources/CPS., OU=CPS terms incorporated by reference liability limited.

Issuer:

CN=GeoTrust True Credentials CA 2, O=GeoTrust Inc., C=US

Serial number:

108979

File PE Metadata

Compilation timestamp:

6/19/1992 3:22:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

49152:hy8GIjSzWLhwP17PZo7lGkzVXJEP0eqwmHAITX3iCDL5NE6O:hy8GIjSzWyP1dclGktJW0eSHAITX3iCi

Entry address:

0x3838

Entry point:

55, 8B, EC, 83, C4, B4, B8, 18, 38, 40, 00, E8, 38, FF, FF, FF, E8, 8F, F3, FF, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

5.2020

Developed / compiled with:

Microsoft Visual C++

Code size:

10.5 KB (10,752 bytes)

The file rfares.dll has been discovered within the following program.

Registry First Aid by RoseCitySoftware

Registry First Aid from RoseCitySoftware is registry fixer utility whose purported purpose is to remove redundant items from the Windows registry.

www.registry-repair-software.com

47% remove it

Scan rfares.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.