home

RAInfo.sys

RemotelyAnywhere

3am Labs, Inc.

It runs as a Windows kernel mode device driver named “LogMeIn Kernel Information Provider”.
Publisher:
3am Labs Ltd.  (signed by 3am Labs, Inc.)

Product:
RemotelyAnywhere

Description:
RemotelyAnywhere Kernel Information Provider

Version:
5.32.430

MD5:
54e25c8b514a4bbb7abbd503fed295e5

SHA-1:
98afe129cfcee771a8a0b4d80fec92160c5348ee

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/26/2024 9:29:29 PM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
W32.HfsAdware
1.3.0.6379

File size:
10.9 KB (11,112 bytes)

Product version:
5.32.430

Copyright:
Copyright © 1998-2004 3am Labs Ltd. All rights reserved.

Original file name:
RAInfo.sys

File type:
Driver (Win32 SYS)

Language:
English (United States)

Common path:
C:\Program Files\logmein\rainfo.sys

Digital Signature
Signed by:
3am Labs, Inc.

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
10/7/2004 9:36:28 PM

Valid to:
10/7/2005 9:36:28 PM

Subject:
CN="3am Labs, Inc.", OU=Secure Application Development, O="3am Labs, Inc.", L=Woburn, S=Massachusetts, C=US

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
3EAC5F

File PE Metadata
Compilation timestamp:
4/12/2004 12:39:30 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
7.0

Entry address:
0xC3C

Entry point:
55, 8B, EC, 83, EC, 58, 8B, 45, 0C, 53, 56, 57, 89, 45, B0, 8D, 45, A8, 50, 33, DB, 68, 19, 00, 02, 00, 8D, 45, 0C, 50, C7, 45, A8, 18, 00, 00, 00, 89, 5D, AC, C7, 45, B4, 40, 00, 00, 00, 89, 5D, B8, 89, 5D, BC, FF, 15, D4, 0E, 01, 00, 85, C0, 0F, 8C, EC, 00, 00, 00, BE, 2E, 0C, 01, 00, 8D, 7D, D0, A5, A5, 8D, 45, D0, A5, 50, 8D, 45, F0, 50, 66, A5, FF, 15, E4, 0E, 01, 00, 8B, 35, D0, 0E, 01, 00, 8D, 45, FC, 50, 6A, 10, 8D, 45, C0, 50, 6A, 02, 8D, 45, F0, 50, FF, 75, 0C, FF, D6, 3B, C3, 7D, 0B, 3D, 05, 00...
 
[+]

Entropy:
6.5720

Developed / compiled with:
Microsoft Visual C++

Code size:
3.6 KB (3,712 bytes)

Driver
Display name:
LogMeIn Kernel Information Provider

Service name:
LMIInfo

Type:
Kernel device driver (KernelDriver)


Scan RAInfo.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.