IDMGrHlp.EXE

Internet Download Manager

Tonec Inc.

This file is installed with multiple programs, including Internet Download Manager. It has been observed being downloaded from dl.dropboxusercontent.com and multiple other hosts.
Publisher:
Tonec Inc.  (signed and verified)

Product:
Internet Download Manager

Description:
Internet Download Manager module

Version:
6, 18, 7, 1

MD5:
db07fd2f8ca49028d9fda52a712978c8

SHA-1:
1b14125df1fe28a99a9a84b9f9cb98a9557949f3

SHA-256:
9aa5b49aa37977f52b68241274d695c699403abf1627c0a3cf031d7f3c7d7b1b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 10:10:44 PM UTC

File size:
501 KB (513,048 bytes)

Product version:
6, 18, 7, 1

Copyright:
Tonec Inc., Copyright © 1999 - 2013

Trademarks:
Internet Download Manager

Original file name:
IDMGrHlp.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\internet download manager\idmgrhlp.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
5/21/2013 8:00:00 AM

Valid to:
6/20/2016 7:59:59 AM

Subject:
CN=Tonec Inc., OU=Internet Download Manager, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Tonec Inc., L=New York, S=New York, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
034F328F3EFF4FB98F5343811788F78A

File PE Metadata
Compilation timestamp:
11/6/2013 9:32:01 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:cSzh3gSnpEsQiKM7OknS0iYehBacpfPU3jUKRXqOABpay9diik/BC0+eekTdFyDd:cyBl7KM7OkSCX6XU3jUKgeyrmvODPDGy

Entry address:
0x2E17E

Entry point:
E8, B3, 94, 00, 00, E9, 78, FE, FF, FF, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, B4, 58, 45, 00, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, B4, 58, 45, 00, 33, C5, 50, 89, 65, F0, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B...
 

Entropy:
6.6306

Code size:
264 KB (270,336 bytes)

The file IDMGrHlp.EXE has been discovered within the following programs.

IDM Patch 6.25 build 03  by SandySeedings Team
www.crackingpatching.com
About 8% of users remove it

Internet Download Manager  by Tonec Inc.
Internet Download Manager (also called IDM) is a shareware download manager. It is only available for the Microsoft Windows operating system.
www.internetdownloadmanager.com
30% remove it
 

The file IDMGrHlp.EXE has been seen being distributed by the following 3 URLs.

https://dl.dropboxusercontent.com/content_link/.../file?dl=1

https://drive.google.com/uc?id=0B1RsW3CjbiqqUnF0cHYtU3lBNVk&export=download
