» components3
Overview
Analysis
File Details

components3

Pro PC Cleaner

Rainmaker Software Group LLC

The file components3, “This installer database contains the logic and data required to install Pro PC Cleaner.” by Rainmaker Software Group has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.

File name:

components3

Publisher:

Rainmaker Software Group LLC. (signed by Rainmaker Software Group LLC)

Product:

Pro PC Cleaner

Description:

This installer database contains the logic and data required to install Pro PC Cleaner.

Version:

2.5.6

MD5:

9a41098beff6b969f44b89f0a936f16f

SHA-1:

e69477abe0e3cc9f9b379b3ad78280dac1e08976

SHA-256:

945a2695df8de1f26951cd892571cdab0c2f4add50fc36a3c6983ece3f2a3cd3

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

11/24/2024 12:05:56 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Rainmaker.Installer.Meta (L)

16.6.13.20

File size:

6.3 MB (6,604,792 bytes)

Product version:

2.5.6

Original file name:

ProPCCleanerSetup.exe

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\components3

Digital Signature

Signed by:

Rainmaker Software Group LLC

Authority:

Symantec Corporation

Valid from:

11/11/2014 5:00:00 PM

Valid to:

11/12/2015 4:59:59 PM

Subject:

CN=Rainmaker Software Group LLC, O=Rainmaker Software Group LLC, L=Wilmington, S=Delaware, C=US, SERIALNUMBER=5411289, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US

Issuer:

CN=Symantec Class 3 Extended Validation Code Signing CA - G2, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

71B3EF9E363C3440B74AB0B78DC2553E

File PE Metadata

Compilation timestamp:

10/7/2014 9:05:58 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

196608:9uQ65qmGmeXA9IH2Y33sthlzx5maIif+kV:E5qm0Q9m38Px5mPiJ

Entry address:

0xC87EC

Entry point:

E8, 4A, CC, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 53, 56, 8B, F0, 33, DB, 3B, F3, 75, 1E, E8, 5D, 4D, 00, 00, 6A, 16, 5E, 53, 53, 53, 53, 53, 89, 30, E8, C5, D5, FF, FF, 83, C4, 14, 8B, C6, E9, C2, 00, 00, 00, 57, 39, 5D, 0C, 77, 1E, E8, 39, 4D, 00, 00, 6A, 16, 5E, 53, 53, 53, 53, 53, 89, 30, E8, A1, D5, FF, FF, 83, C4, 14, 8B, C6, E9, 9D, 00, 00, 00, 33, C0, 39, 5D, 14, 66, 89, 06, 0F, 95, C0, 40, 39, 45, 0C, 77, 09, E8, 0A, 4D, 00, 00, 6A, 22, EB, CF, 8B, 45, 10, 83, C0, FE, 83, F8, 22, 77... 
[+]

Entropy:

7.7851 (probably packed)

Code size:

1021.5 KB (1,046,016 bytes)

Remove components3 - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.