regdefrag.dll

RegDefra Dynamic Link Library

Ideakee Inc

The module regdefrag.dll by Ideakee Inc has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Ideakee Inc  (signed and verified)

Product:
RegDefra Dynamic Link Library

Version:
1, 0, 0, 6

MD5:
93b3d147eee9d6c15ffa2fb1e2f7e494

SHA-1:
ea339c34a8bd21f342bfd56c046c40383671ff64

SHA-256:
1d360df336f3d4fe274607dfe1e480e01e5e3294e42ff2bdc805081983710069

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
11/27/2024 4:56:56 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Ideakee (M)

Engine version:
16.7.8.6

File size:
1 MB (1,052,296 bytes)

Product version:
1, 0, 0, 6

Copyright:
Copyright (C) 2011-2012

Original file name:
RegDefra.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\advanced fix 2013\regdefrag.dll

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
9/19/2012 2:00:00 AM

Valid to:
9/20/2013 1:59:59 AM

Subject:
CN=Ideakee Inc, O=Ideakee Inc, STREET="1104# Asphodel Pavilion,Hengxiang Garden 18 LIjiangRoad", L=Guilin, S=Guangxi, PostalCode=541004, C=CN

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00BCB072086DF6A3229C9893EE4873CDFA

File PE Metadata
Compilation timestamp:
8/17/2012 11:17:40 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:p1SbxmoYNmn7uU7mQxqdaaCQTzONd7KcOl6yEt55C5tsxgbCi:pMtLYNmnKJQxCcdmuyE8bCi

Entry address:
0x67E88

Entry point:
E9, A3, 53, 06, 00, E9, 8E, B7, 05, 00, E9, 79, 9B, 05, 00, E9, 34, 39, 02, 00, E9, 7F, D8, 06, 00, E9, CA, C7, 0B, 00, E9, 45, 65, 05, 00, E9, 50, D6, 04, 00, E9, 1B, 0F, 04, 00, E9, 26, 47, 05, 00, E9, C1, A2, 07, 00, E9, BC, 75, 0A, 00, E9, 67, 96, 06, 00, E9, C2, 83, 01, 00, E9, 1D, 13, 01, 00, E9, D8, 21, 06, 00, E9, 09, 66, 08, 00, E9, 2E, 6A, 08, 00, E9, A9, 50, 06, 00, E9, 84, CD, 05, 00, E9, 7F, 8A, 0B, 00, E9, 72, 9A, 05, 00, E9, 15, 3C, 03, 00, E9, CA, 9B, 05, 00, E9, 7B, 88, 04, 00, E9, 86, 3B...
 

Developed / compiled with:
Microsoft Visual C++ 8.0 (Debug)

Code size:
851 KB (871,424 bytes)
