ntregdfrg32.exe

Ideakee Inc

The application ntregdfrg32.exe by Ideakee Inc has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program Advanced Fix 2012 version 2.0.1.19 by Advanced Fix, Inc.
Publisher:
Ideakee Inc  (signed and verified)

MD5:
d4629e499940643428592e49116ad45b

SHA-1:
8098e420f26f07b5202ab32e32a3f843a99242c5

SHA-256:
72f53fe1ecaebb0a5b1aecd68bad230e466b3bf5fe3ff96b68307fe7a5245c6c

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
4/19/2024 9:50:16 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Ideakee (M)

Engine version:
16.2.2.9

File size:
12.7 KB (12,960 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\advanced fix 2012\ntregdfrg32.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
9/26/2011 7:00:00 PM

Valid to:
9/26/2012 6:59:59 PM

Subject:
CN=Ideakee Inc, O=Ideakee Inc, STREET="1104# Asphodel Pavilion,Hengxiang Garden", STREET="18 LIjiangRoad, Qixing District", L=Guilin, S=Guangxi, PostalCode=541000, C=CN

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00F236A9C30C8BD77E404E7062DC938D47

File PE Metadata
Compilation timestamp:
2/5/2012 9:56:17 AM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
192:LjTCFeIIJXFICiSbGbagh5MTTbcJZfHix8iyMrj6938LWM1bEn+sg2mgiPSA:LKFKlFICDCak2bcJRCxMMC186+z9SA

Entry address:
0x1BED

Entry point:
8B, FF, 55, 8B, EC, 83, EC, 10, 56, 57, 8D, 45, F0, 33, FF, 50, 89, 7D, FC, 89, 7D, F8, FF, 15, 30, 10, 00, 01, 8D, 45, FC, 50, BE, DC, 15, 00, 01, 56, E8, ED, FB, FF, FF, 39, 7D, FC, 74, 6A, 8D, 45, F8, 50, E8, 19, FD, FF, FF, 85, C0, 75, 0C, 68, 70, 15, 00, 01, E8, 1B, FA, FF, FF, EB, 06, 83, 7D, F8, 01, 74, 4B, 8D, 45, FC, 50, 56, E8, BF, FB, FF, FF, 68, 40, 15, 00, 01, E8, FF, F9, FF, FF, E8, B5, FA, FF, FF, 85, C0, 75, 0A, 68, E0, 14, 00, 01, E8, EC, F9, FF, FF, 81, 45, F0, 80, F0, FA, 02, 8D, 45, F0...

Entropy:
6.5195

Code size:
5 KB (5,120 bytes)

The file ntregdfrg32.exe has been discovered within the following program.

Advanced Fix 2012 version 2.0.1.19  by Advanced Fix, Inc.
www.AdvancedFix.com
About 6% of users remove it