RegSrvc.EXE

Intel PROSet/Wireless

Intel Corporation

The executable RegSrvc.EXE, “Intel(R) PROSet/Wireless Registry Service”, has been detected as malware by 8 anti-virus scanners.
Publisher:
Intel(R) Corporation  (signed by Intel Corporation)

Product:
Intel(R) PROSet/Wireless

Description:
Intel(R) PROSet/Wireless Registry Service

Version:
14, 0, 1, 0

MD5:
e88a89cd508cd23b08d7810fc1e1e8ba

SHA-1:
a0bc95a4f1943ede47837dff63f383b999c0ce82

SHA-256:
f0739883107a2a5d00df57b0c0790ccb85ae79914cb0ef185fc9fc2e4ba8a50f

Scanner detections:
8 / 68

Status:
Malware

Analysis date:
4/25/2024 7:28:06 PM UTC

Scan engine | Detection | Engine version
avast! | Win32:Patched-HO [Trj] | 160518-2
AVG | Win32/Slugin.A | 2015.0.4568
Dr.Web | Trojan.MulDrop3.48024 | 9.0.1.05190
Emsisoft Anti-Malware | Win32.SlugIn.A.Dam | 11.5.0.6191
F-Prot | W32/Slugin.A.gen!Eldorado (generic, damaged, not disinfectable) | 4.6.5.141
F-Secure | Win32.SlugIn.A.Dam | 5.15.96
Microsoft Security Essentials | Threat.Undefined | 1.223.1180.0
Norman | Win32.SlugIn.A.Dam | 28.05.2016 15:32:18

File size:
909.7 KB (931,571 bytes)

Product version:
14, 0, 1, 0

Copyright:
Copyright (c) Intel Corporation 1999-2010

Original file name:
RegSrvc.EXE

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\common files\intel\wirelesscommon\regsrvc.exe

Digital Signature
Authority:
Intel Corporation

Valid from:
8/7/2009 5:47:25 PM

Valid to:
1/24/2012 5:47:25 PM

Subject:
CN=Intel Corporation - Mobile Wireless Group, OU=Mobile Wireless Group, O=Intel Corporation, L=Hillsboro, S=OR, C=US

Issuer:
CN=Intel External Basic Issuing CA 3A, O=Intel Corporation, C=US

Serial number:
1D2CDBF500000000352F

File PE Metadata
Compilation timestamp:
12/18/2010 3:56:20 AM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
24576:OX7HklfieYL5NwKL3btzw3VfcYORAbYicQ6kp:OX7Hkpq2fb4U

Entry address:
0x4F200

Entry point:
48, 83, EC, 28, E8, 97, 0A, 01, 00, 48, 83, C4, 28, E9, 0E, FD, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 48, 89, 54, 24, 10, 4C, 89, 44, 24, 18, 4C, 89, 4C, 24, 20, 48, 83, EC, 68, 48, 85, D2, 75, 2B, E8, F3, 02, 00, 00, 45, 33, C9, 45, 33, C0, 33, D2, 33, C9, 48, C7, 44, 24, 20, 00, 00, 00, 00, C7, 00, 16, 00, 00, 00, E8, 45, 4B, 00, 00, 83, C8, FF, 48, 83, C4, 68, C3, 48, 85, C9, 74, D0, 48, 89, 4C, 24, 40, 48, 89, 4C, 24, 30, 4C, 8D, 8C, 24, 80, 00, 00, 00, 48, 8D, 4C, 24, 30, 45...
 

Entropy:
6.3640

Code size:
590 KB (604,160 bytes)
