home

RSHP.exe

RSHP IePlugin control

Thinknice Co. Limited

The application RSHP.exe by Thinknice Co. Limited has been detected as adware by 30 anti-malware scanners.
Publisher:
Skytech Co., Ltd.  (signed by Thinknice Co. Limited)

Product:
RSHP IePlugin control

Description:
IePlugin Service

Version:
2.0.3.157

MD5:
0793ba08ae8e1cdc8b4391a6ab13fcb0

SHA-1:
6f726223c08297c1fc235ccb60bb69e5089678a8

SHA-256:
fd846600be5c960380bba73e54f53666621da3ebdf792077217fd05c7bbdf619

Scanner detections:
30 / 68

Status:
Adware

Analysis date:
4/19/2024 4:52:12 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Agent.OEZ
388

Agnitum Outpost
PUA.Agent
7.1.1

Avira AntiVirus
ADWARE/Agent.oez.1
8.3.1.6

avast!
Win32:SupTab-C [Adw]
2014.9-160113

Baidu Antivirus
Adware.Win32.Agent
4.0.3.16113

Bitdefender
Adware.Agent.OEZ
1.0.20.65

Bkav FE
W32.HfsAdware
1.3.0.6379

Clam AntiVirus
Win.Adware.SupTab
0.98/21511

Dr.Web
Trojan.Click3.8659
9.0.1.013

Emsisoft Anti-Malware
Adware.Agent.OEZ
8.16.01.13.03

ESET NOD32
Win32/ELEX.AR potentially unwanted
10.11755

Fortinet FortiGate
Adware/Agent
1/13/2016

F-Secure
Adware.Agent.OEZ
11.2016-13-01_4

G Data
Win32.Application.SubTab
16.1.24

K7 AntiVirus
Adware
13.204.16176

Kaspersky
not-a-virus:AdWare.Win32.Agent
14.0.0.824

Malwarebytes
PUP.Optional.IEPluginService.A
v2016.01.13.03

McAfee
Artemis!17DCAD451794
5600.6522

MicroWorld eScan
Adware.Agent.OEZ
17.0.0.39

NANO AntiVirus
Trojan.Win32.Click3.donfcd
0.30.24.1636

nProtect
Adware.Agent.OEZ
15.06.08.01

Panda Antivirus
Trj/Chgt.A
16.01.13.03

Qihoo 360 Security
Malware.Radar03.Gen
1.0.0.1015

Quick Heal
AdWare.Agent.r5 (Not a Virus)
1.16.14.00

Reason Heuristics
PUP.Thinknice.ThinkniceCo (M)
16.1.13.3

Sophos
Elex
4.98

Trend Micro House Call
TROJ_GEN.R047C0EDN15
7.2.13

Trend Micro
TROJ_GEN.R047C0EDN15
10.465.13

Vba32 AntiVirus
BScope.Trojan-Dropper.Injector
3.12.26.3

Zillya! Antivirus
Adware.Agent.Win32.10344
2.0.0.2214

File size:
422.6 KB (432,752 bytes)

Product version:
2.0.3.157

Copyright:
Copyright (C) 2014

Original file name:
RSHP.exe

File type:
Executable application (Win32 EXE)

Language:
Chinese

Common path:
C:\Program Files\suptab\rshp.exe

Digital Signature
Signed by:
Thinknice Co. Limited

Authority:
GlobalSign nv-sa

Valid from:
11/26/2013 4:34:13 AM

Valid to:
11/27/2014 4:34:13 AM

Subject:
CN=Thinknice Co. Limited, O=Thinknice Co. Limited, L=HongKong, S=HongKong, C=HK

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11218A5EF69A65044FE28125681D829B5EFE

File PE Metadata
Compilation timestamp:
3/26/2014 8:38:06 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:2PZK21lZoqo8JMJnMB90lkgvHe2bWlD7FR:2s21lZDo8W1MB9FQ+blD7FR

Entry address:
0x1477D

Entry point:
E8, F5, 94, 00, 00, E9, 7F, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, 57, 56, 8B, 74, 24, 10, 8B, 4C, 24, 14, 8B, 7C, 24, 0C, 8B, C1, 8B, D1, 03, C6, 3B, FE, 76, 08, 3B, F8, 0F, 82, 68, 03, 00, 00, 0F, BA, 25, 60, 93, 45, 00, 01, 73, 07, F3, A4, E9, 17, 03, 00, 00, 81, F9, 80, 00, 00, 00, 0F, 82, CE, 01, 00, 00, 8B, C7, 33, C6, A9, 0F, 00, 00, 00, 75, 0E, 0F, BA, 25, 20, 69, 45, 00, 01, 0F, 82, DA, 04, 00, 00, 0F, BA, 25, 60, 93, 45, 00, 00, 0F, 83, A7, 01, 00, 00, F7, C7, 03, 00, 00, 00, 0F, 85, B8...
 
[+]

Code size:
275 KB (281,600 bytes)

Remove RSHP.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.