home

RtHDVCpl.exe

HD Audio Control Panel

Realtek Semiconductor Corp

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘RtHDVCpl’.
Publisher:
Realtek Semiconductor  (signed by Realtek Semiconductor Corp)

Product:
HD Audio Control Panel

Version:
1, 0, 0, 297

MD5:
548b879910a8d8031f0966785e66ee23

SHA-1:
665bacb4006b0b867369d5cbb27485de56372067

SHA-256:
0cfc49c3d472bad1e5690f958bfaa9730f06acbbc91a35be856f27c4cdb41a96

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/23/2024 7:55:55 AM UTC  (today)

File size:
6.4 MB (6,711,840 bytes)

Product version:
1, 0, 0, 297

Copyright:
2008 (c) Realtek Semiconductor. All rights reserved.

Original file name:
RtHDVCpl.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\realtek\audio\hda\rthdvcpl.exe

Digital Signature
Signed by:
Realtek Semiconductor Corp

Authority:
VeriSign, Inc.

Valid from:
3/15/2007 2:00:00 AM

Valid to:
6/12/2010 2:59:59 AM

Subject:
CN=Realtek Semiconductor Corp, OU=RTCN, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Realtek Semiconductor Corp, L=Hsinchu, S=Taiwan, C=TW

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5E6DDC87375082845814F442D1D82A25

File PE Metadata
Compilation timestamp:
1/19/2009 10:15:41 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
98304:1kEXnm/s0e5DQWfueVA8LsKv2nwmIRromtslSAOMqtToNfQRPe:WW0e5FfueFp3imt2TOXtTQh

Entry address:
0x110FD8

Entry point:
E8, DE, 95, 00, 00, E9, 17, FE, FF, FF, FF, 35, 28, B9, 5A, 00, E8, A3, 8F, 00, 00, 85, C0, 59, 74, 02, FF, D0, 6A, 19, E8, DC, 83, 00, 00, 6A, 01, 6A, 00, E8, 10, 37, 00, 00, 83, C4, 0C, E9, 15, 36, 00, 00, 3B, 0D, 60, F9, 59, 00, 75, 02, F3, C3, E9, 98, 97, 00, 00, 51, C7, 01, 2C, AF, 54, 00, E8, 90, 98, 00, 00, 59, C3, 56, 8B, F1, E8, EA, FF, FF, FF, F6, 44, 24, 08, 01, 74, 07, 56, E8, F0, A1, FD, FF, 59, 8B, C6, 5E, C2, 04, 00, 8B, 44, 24, 04, 83, C1, 09, 51, 83, C0, 09, 50, E8, DA, 98, 00, 00, F7, D8...
 
[+]

Entropy:
6.9774

Code size:
1.3 MB (1,327,104 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
RtHDVCpl

Command:
C:\Program Files\realtek\audio\hda\rthdvcpl.exe


Scan RtHDVCpl.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.