regi.sys

InterVideo regi.sys

Corel Inc

It runs as a Windows kernel-mode device driver named “regi”.

Publisher:
InterVideo  (signed by Corel Inc)

Product:
InterVideo regi.sys

Description:
regi driver

Version:
1.0.0.2

MD5:
c1e596e42e77f94d5c1c18fd9b2b3274

SHA-1:
134793e23e05ff54bc71f2a6ec253af36e950da8

SHA-256:
5dc8cfe9e6bb23fda03716214255776e009b5ceed9a34485572a37aaa017fd08

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 4:11:22 PM UTC  (today)

File size:
10.4 KB (10,680 bytes)

Product version:
1.0.0.2

Copyright:
Copyright (C) InterVideo Corp. 1997-2006

Original file name:
regi.sys

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\drivers\regi.sys

Digital Signature
Signed by:

Authority:
Corel-PE-CA

Valid from:
7/5/2010 4:47:22 PM

Valid to:
7/5/2011 4:57:22 PM

Subject:
CN=Corel Inc

Issuer:
CN=Corel-PE-CA

Serial number:
6105ADBC00020000000A

File PE Metadata
Compilation timestamp:
4/17/2007 12:19:05 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
7.10

CTPH (ssdeep):
192:7LMUB3XEOQP410kvnpyowJL/hf45pElpBEhwliz:/MQHlrpYJL7DEhw

Entry address:
0xCC6

Entry point:
55, 8B, EC, 83, EC, 14, 53, 56, 57, 8B, 3D, 0C, 05, 01, 00, 68, 80, 0C, 01, 00, 8D, 45, F4, 33, DB, 50, 89, 5D, FC, FF, D7, 8B, 75, 08, 8D, 45, FC, 50, 53, 68, 00, 01, 00, 00, 6A, 22, 8D, 45, F4, 50, 53, 56, FF, 15, 4C, 05, 01, 00, 3B, C3, 7C, 7A, B8, 80, 06, 01, 00, 89, 46, 38, 89, 46, 40, 68, 9C, 0C, 01, 00, 8D, 45, EC, 50, C7, 46, 70, 80, 07, 01, 00, C7, 46, 78, 4E, 07, 01, 00, 89, 5E, 34, FF, D7, 8D, 45, F4, 50, 8D, 45, EC, 50, FF, 15, 48, 05, 01, 00, 8B, F8, 3B, FB, 8B, 1D, 04, 05, 01, 00, 7D, 05, FF...
 
Entropy:
6.4174

Developed / compiled with:
Microsoft Visual C++

Code size:
2.5 KB (2,560 bytes)

Driver
Display name:
regi

Type:
Kernel device driver (KernelDriver)

