remoteengine.exe

ClickMeIn Limited

The application remoteengine.exe, “ClickMeIn Remote Engine Component” by ClickMeIn Limited has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. It runs as a separate (within the context of its own process) windows Service named “ClickMeIn RemoteEngine Service”.
Publisher:
ClickMeIn Limited  (signed and verified)

Description:
ClickMeIn Remote Engine Component

Version:
1.0.0.158

MD5:
9c76958a82fef3f5a839bc87c9e2c112

SHA-1:
e039392b1929dbf644a10baa8c02f265a11f21b9

SHA-256:
c19e466aa50077d6ffed992d6f93832d29261480184b7587ba3f35054d95d958

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
12/24/2024 5:07:55 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.installCore (M)
17.1.13.5

File size:
2.7 MB (2,866,312 bytes)

Product version:
1.0.0.158

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\clickmein\remoteengine.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
3/2/2011 9:00:00 PM

Valid to:
3/2/2012 8:59:59 PM

Subject:
CN=ClickMeIn Limited, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=ClickMeIn Limited, L=Nicosia, S=Cyprus, C=CY

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
14E458E6106122ED8D122BDA9265B6A2

File PE Metadata
Compilation timestamp:
11/2/2011 8:17:54 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x24C534

Entry point:
55, 8B, EC, 83, C4, E0, 53, 56, 57, 33, C0, 89, 45, E4, 89, 45, E0, 89, 45, EC, 89, 45, E8, B8, 68, 9E, 63, 00, E8, 93, EF, DB, FF, 33, C0, 55, 68, 92, C7, 64, 00, 64, FF, 30, 64, 89, 20, 8D, 55, E8, B8, 01, 00, 00, 00, E8, C4, 83, DB, FF, 8B, 45, E8, 8D, 55, EC, E8, F5, 78, DC, FF, 8B, 45, EC, BA, B0, C7, 64, 00, E8, 28, B9, DB, FF, 0F, 85, 34, 01, 00, 00, 33, D2, B8, D8, C7, 64, 00, E8, CA, CE, FE, FF, 84, C0, 0F, 84, D5, 01, 00, 00, A1, 3C, F1, 65, 00, 8B, 00, E8, E2, 8E, DB, FF, A1, 3C, F1, 65, 00, 33...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
2.3 MB (2,406,400 bytes)

Service
Display name:
ClickMeIn RemoteEngine Service

Service name:
RemoteEngineService

Type:
Win32OwnProcess


Remove remoteengine.exe - Powered by Reason Core Security