VersionsVersions

10.6.0.33 0.62%
10.5.0.19 0.62%
10.5.0.19 3.73%
10.5.0.7 19.25%
10.5.0.7 0.62%
10.5.0.7 0.62%
10.0.0.105 8.07%
10.0.0.105 9.32%
10.0.0.102 42.86%
10.0.0.102 0.62%
10.0.0.102 0.62%
10.0.0.100 4.35%
10.0.0.100 7.45%
9.0.0.22 0.62%
9.0.0.22 0.62%

Relationships

rnupgagent.exe

RealNetworks Installer (32-bit) by RealNetworks (Signed)

Remove rnupgagent.exe
Warning 4 antivirus scanners has detected malware in various versions of rnupgagent.exe.

Overview

rnupgagent.exe has 15 known versions, the most recent one is 10.6.0.33. rnupgagent.exe is run as a standard windows process with the logged in user's account privileges. The process utilizes the Windows Task Scheduler to automatically launch the file as a process when a user logs into Windows. The average file size is about 431.21 KB. It is an authenticode code-signed executable issued to RealNetworks by the certification authority Thawte. During the process's lifecycle, the typical CPU resource utilization is less than 0.01% with the maximum memory reaching around 11.43 MB.

What is rnupgagent.exe?

RealNetworks Installer is part of RealPlayer, by RealNetworks, a cross-platform software product primarily used for the playing of recorded media. The media player is compatible with numerous formats within the multimedia realm, including MP3, MPEG-4, QuickTime, Windows Media, and multiple proprietary versions of RealAudio and RealVideo formats.

DetailsDetails
File name:rnupgagent.exe
Publisher:RealNetworks, Inc.
Product name:RealNetworks Installer (32-bit)
Description:RealNetworks Installer
Typical file path:C:\users\user\appdata\roaming\real\update\upgradehelper\realplayer\10.20\agent\rnupgagent.exe
Original name:rnsetup.EXE
Certificate
Issued to:RealNetworks
Authority (CA):Thawte
Effective date:Tuesday, March 8, 2011

BehaviorsBehaviors

(Note, the behaviors below are for all versions of rnupgagent.exe, select a unique version for details.)
Scheduled tasks
  • The task 'ReclaimerUpdateFiles_harlyson' runs daily in the path '\ReclaimerUpdateFiles_harlyson'
  • The task 'RNUpgradeHelperResumePrompt_Pluto' in the path '\RNUpgradeHelperResumePrompt_Pluto'
  • The task 'RNUpgradeHelperResumePrompt_WIZARD' in the path '\RNUpgradeHelperResumePrompt_WIZARD'
  • The job 'RNUpgradeHelperLogonPrompt_WIZARD' runs on logon in the path '\RNUpgradeHelperLogonPrompt_WIZARD'
  • The task 'ReclaimerUpdateXML_WIZARD' runs daily in the path '\ReclaimerUpdateXML_WIZARD'
  • The job 'ReclaimerUpdateFiles_WIZARD' runs daily in the path '\ReclaimerUpdateFiles_WIZARD'
  • The job 'RNUpgradeHelperResumePrompt_Owner' in the path '\RNUpgradeHelperResumePrompt_Owner'
  • The task 'RNUpgradeHelperLogonPrompt_Owner' runs on logon in the path '\RNUpgradeHelperLogonPrompt_Owner'
  • The job 'ReclaimerUpdateFiles_Robert' runs daily in the path '\ReclaimerUpdateFiles_Robert'
  • The job 'ReclaimerUpdateFiles_owner' runs daily in the path '\ReclaimerUpdateFiles_owner'
  • The job 'ReclaimerResumeInstall_stacey jackson' runs in the path 'C:\WINDOWS\Tasks\ReclaimerResumeInstall_stacey jackson.job'
  • The task 'ReclaimerResumeInstall_HP_Administrator' runs in the path 'C:\WINDOWS\Tasks\ReclaimerResumeInstall_HP_Administrator.job'
  • The job 'ReclaimerUpdateXML_Owner' runs daily in the path '\ReclaimerUpdateXML_Owner'
  • The job 'RNUpgradeHelperResumePrompt_THE KING' in the path '\RNUpgradeHelperResumePrompt_THE KING'
  • The task 'RNUpgradeHelperLogonPrompt_THE KING' runs on logon in the path '\RNUpgradeHelperLogonPrompt_THE KING'
  • The job 'ReclaimerUpdateXML_THE KING' runs daily in the path '\ReclaimerUpdateXML_THE KING'
  • The task 'ReclaimerUpdateFiles_THE KING' runs daily in the path '\ReclaimerUpdateFiles_THE KING'
  • The task 'RNUpgradeHelperResumePrompt_Toshiba' in the path '\RNUpgradeHelperResumePrompt_Toshiba'
  • The job 'RNUpgradeHelperLogonPrompt_Toshiba' runs on logon in the path '\RNUpgradeHelperLogonPrompt_Toshiba'
  • The task 'ReclaimerUpdateXML_Toshiba' runs daily in the path '\ReclaimerUpdateXML_Toshiba'
  • The job 'ReclaimerUpdateFiles_Toshiba' runs daily in the path '\ReclaimerUpdateFiles_Toshiba'
  • The task 'ReclaimerUpdateFiles_Central Command' runs daily in the path '\ReclaimerUpdateFiles_Central Command'
Scheduled tasks startups
Set to load on user login (bypasses Windows UAC if enabled)
  • Login entry path '\RNUpgradeHelperLogonPrompt_WIZARD'
  • Login entry path '\RNUpgradeHelperLogonPrompt_Owner'
  • Login entry path '\RNUpgradeHelperLogonPrompt_THE KING'
  • Login entry path '\RNUpgradeHelperLogonPrompt_Toshiba'
  • Login entry path '\RNUpgradeHelperLogonPrompt_lakay'
  • Login entry path '\RNUpgradeHelperLogonPrompt_DELL'
  • Login entry path '\RNUpgradeHelperLogonPrompt_Fujitsu'
  • Login entry path '\RNUpgradeHelperLogonPrompt_G'
  • Login entry path '\RNUpgradeHelperLogonPrompt_Terry'
  • Login entry path '\RNUpgradeHelperLogonPrompt_allan'
  • Login entry path 'C:\WINDOWS\Tasks\RNUpgradeHelperLogonPrompt_XXXX.job'
  • Login entry path '\RNUpgradeHelperLogonPrompt_Bev'
  • Login entry path '\RNUpgradeHelperLogonPrompt_Azzoza'
  • Login entry path '\RNUpgradeHelperLogonPrompt_Michael'
  • Login entry path 'C:\WINDOWS\Tasks\ReclaimerResumeInstallLogin_Administrator.job'
  • Login entry path '\RNUpgradeHelperLogonPrompt_j'
  • Login entry path 'C:\WINDOWS\Tasks\RNUpgradeHelperLogonPrompt_Owner.job'
  • Login entry path '\RNUpgradeHelperLogonPrompt_ABDULAI'
  • Login entry path '\RNUpgradeHelperLogonPrompt_Dr Ayman Elnemr'
  • Login entry path '\RNUpgradeHelperLogonPrompt_Keonaona'
  • Login entry path '\RNUpgradeHelperLogonPrompt_user'
  • Login entry path '\RNUpgradeHelperLogonPrompt_Ola'

MalwareMalware detections

Based on 40+ industry antivirus scanners, 4 of them detected the following malware.
Antivirus engineEngine versionDetectionFile version
NANO AntiVirus 0.22.6.49175 Trojan.Win32.Siggen.bbvqtf 10.0.0.100
NANO AntiVirus 0.20.4.48163 Trojan.Win32.Agent2.bbwggf 10.0.0.100
The Hacker None Trojan/Agent.bjvu 10.0.0.100
The Hacker None Trojan/Agent.bjvu 10.0.0.100

VersionsAll file variations of rnupgagent.exe

MD5SHA-1File size
f7a7d5308aa091c4d180ae270a46936f af9773687449ea229bc4f61364ed50050c1adbad 491.58 KB
64c799b0b3a289f528f9f795ac34c664 a4fde0e72b9f4132c8ff710b2dd3f7c211ce1b30 458.08 KB
e697af226694fcaa74e94e790e8fa3ee d46dacb56169f23135f09da6d7e10773d3735013 458.08 KB
e08281dcde69dd9e5ebbf9b3f0454d42 1e051293ad21e63dd5b88e116763997d14482b72 457.58 KB
0d484fe62d1ecc533d4f0e51b70bf1ba 77996a3d3a429ae9bf1acea351354e017bf0fce6 457.58 KB
4d81202b9c3eb732d27e98a352fec3c1 db04dba73313c2331bb61125d656826305f2a2ba 457.58 KB
c3d90887181f94a0f469af60c06cbaa5 9767b7ef77003e35bf663a2b65ac7ee4ccd4d82a 438.08 KB
a5b966d8d84b77fbef1f3c988a970611 e988fed876c4b10a43e268eb16409c2cf61d306d 438.08 KB
a2b34af33854036d88441eb965d83d3d 6a25f7f4a301f86c995a58534aaede3ab88b9fae 438.65 KB
ec3281b4e3e5c7555a0beb0d25953248 9e4e22811914eb84b5132932bc35344772f2158e 439.65 KB
4c7974efa3acae82f93c9ed2b83c8ea6 8414864deb33d49e29cd4f05627796202b6ef501 439.65 KB
6a05110733966830f85bc2fe957c79eb ba8113ef98f537f7b0c2c56c87968625cba49f9b 438.65 KB
a86da841450e7a86f36fb7db25899595 28b86814b805d8bfaa9c3549e37ed219bb1b789f 438.65 KB
66577b07e22df31684e7bc9fa2bb1f6c aa9c9330c3c2d5d266e5c3ffca47f9d06c9dd198 308.12 KB
f585bf3f34ccf2aaaa1cb9a4b4e58148 8095c7d745d1a6d62797fde68775e741b73f6ed0 308.12 KB

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Ultimate 26.71%
Windows 7 Home Premium 25.47%
Windows Vista Home Premium 14.29%
Microsoft Windows XP 13.04%
Windows 7 Professional 9.94%
Windows 8 Single Language 3.11%
Windows 7 Home Basic 3.11%
Windows 8 Pro with Media Center 3.11%
Windows 8 Pro 0.62%
Windows 7 Starter 0.62%

Distribution by countryDistribution by country

United States installs about 39.75% of RealNetworks Installer (32-bit) .

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Toshiba 33.60%
Dell 27.20%
Hewlett-Packard 21.60%
Acer 8.80%
GIGABYTE 4.00%
Sony 3.20%
ASUS 1.60%
Back to top
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE