» cpm_setup_2.0.0.3_xp_vista_server2003_win7.exe
Overview
Analysis
File Details
Programs (1)
Downloads (2)

cpm_setup_2.0.0.3_xp_vista_server2003_win7.exe

COMODO Programs Manager

Comodo Security Solutions, Inc.

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This file is installed with the program COMODO Programs Manager. The file has been seen being downloaded from downloads.comodo.com and multiple other hosts.

File name:

Publisher:

COMODO (signed by Comodo Security Solutions, Inc.)

Product:

COMODO Programs Manager

Description:

COMODO Programs Manager setup

Version:

2.0.0.1

MD5:

8608a8cfe096f81300f02e05dfe2ee71

SHA-1:

b5acc2446b868efd4831adc706a2ed3f6ba388c2

SHA-256:

8641a268669c66d8c03ff7679de4c9abf2c01830f27fac2ed763f0d3c9a00d7f

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

4/27/2024 2:22:26 AM UTC (today)

Scan engine

Detection

Engine version

Trend Micro House Call

TROJ_GE.E695C14B

7.2.112

File size:

11 MB (11,574,696 bytes)

Product version:

2.0.0.1

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\cpm_setup_2.0.0.3_xp_vista_server2003_win7.exe

Digital Signature

Signed by:

Comodo Security Solutions, Inc.

Authority:

The USERTRUST Network

Valid from:

4/8/2009 2:00:00 AM

Valid to:

4/8/2012 1:59:59 AM

Subject:

CN="Comodo Security Solutions, Inc.", O="Comodo Security Solutions, Inc.", STREET=525 Washington Blvd, L=Jersey City, S=New Jersey, PostalCode=07310, C=US

Issuer:

CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:

00A59F518424A191FC34E8B637F7FB20C3

File PE Metadata

Compilation timestamp:

4/10/2010 2:19:31 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

196608:xOR9Urc499DHuZg+2sH5sj9D4TImJHbemFCd5555Y9xTUnMTfYsw5KclxF7f/RGC:xOR9xONHn+228WImlbemF0555a/24w5l

Entry address:

0x354B

Entry point:

81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, D8, 84, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B8, 80, 40, 00, 55, FF, 15, B0, 82, 40, 00, 6A, 08, A3, 98, 06, 47, 00, E8, 67, 27, 00, 00, 55, 68, B4, 02, 00, 00, A3, B0, 05, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 1C, 86, 40, 00, FF, 15, 80, 81, 40, 00, 68, 04, 86, 40, 00, 68, A0, 85, 46, 00, E8, 35, 26, 00, 00, FF, 15, B4, 80, 40, 00, 50, BF, A0, 10, 4C, 00, 57, E8, 23, 26, 00, 00... 
[+]

Packer / compiler:

Nullsoft install system v2.x

Code size:

25 KB (25,600 bytes)

The file cpm_setup_2.0.0.3_xp_vista_server2003_win7.exe has been discovered within the following program.

COMODO Programs Manager by COMODO

Publisher's description - “Comodo Programs Manager clears from your computer broken installation or failed uninstall remains and returns your computer back in shape, without the clogging that remains on hard-disk and registry.”

programs-manager.comodo.com

22% remove it

The file cpm_setup_2.0.0.3_xp_vista_server2003_win7.exe has been seen being distributed by the following 2 URLs.

http://downloads.comodo.com/cpm/download/.../CPM_SETUP_2.0.0.3_xp_vista_server2003_win7.exe

http://winupdate.ru/download-file/.../

Scan cpm_setup_2.0.0.3_xp_vista_server2003_win7.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.