» AppGuardGUI.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

AppGuardGUI.exe

Tech Fortress

Blue Ridge Networks

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘AppGuardGUI’. This is installed with AOL Tech Fortress.

File name:

AppGuardGUI.exe

Publisher:

Blue Ridge Networks (signed and verified)

Product:

Tech Fortress

Description:

Tech Fortress GUI Application

Version:

5.2.9.0

MD5:

5a484adbf69d7bb417b2b463a68832aa

SHA-1:

0a2e50401c41c29dcd7a201b1d974c8598e66d12

SHA-256:

4d66fdc433b520bb8bd7516a037b5ba84be0bef24305ad6ba074eef35fb88062

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

5/2/2024 4:54:58 PM UTC (today)

File size:

8.4 MB (8,860,016 bytes)

Product version:

5.2.9.0

Trademarks:

AppGuard

Original file name:

AppGuardGUI.exe

File type:

Executable application (Win64 EXE)

Language:

English (United States)

Common path:

C:\Program Files\blue ridge networks\appguard\appguardgui.exe

Digital Signature

Signed by:

Blue Ridge Networks

Authority:

Symantec Corporation

Valid from:

6/2/2015 1:00:00 AM

Valid to:

8/1/2017 12:59:59 AM

Subject:

CN=Blue Ridge Networks, OU=Engineering, O=Blue Ridge Networks, L=Chantilly, S=Virginia, C=US

Issuer:

CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

04735848FCF8CE4508959904041124C3

File PE Metadata

Compilation timestamp:

6/21/2016 5:47:12 PM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

49152:lwwAZOkrkqsB675TsxAvkwTQS585VsRwmXhwpyP7marJul7lg8glUiaD2:G5wqsX2vkwv56VXmxwpyP7mWJulm8

Entry address:

0x3B434

Entry point:

48, 83, EC, 28, E8, D7, 04, 00, 00, 48, 83, C4, 28, E9, 26, FD, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 3B, 0D, B9, BB, 0A, 00, 75, 11, 48, C1, C1, 10, 66, F7, C1, FF, FF, 75, 02, F3, C3, 48, C1, C9, 10, E9, 49, 05, 00, 00, CC, 40, 53, 48, 83, EC, 20, 48, 8B, D9, 48, 8B, 0D, B8, 2E, 0B, 00, FF, 15, EA, 7F, 05, 00, 48, 89, 44, 24, 38, 48, 83, F8, FF, 75, 0B, 48, 8B, CB, FF, 15, 46, 82, 05, 00, EB, 7E, B9, 08, 00, 00, 00, E8, 68, 06... 
[+]

Entropy:

6.0592

Code size:

580.5 KB (594,432 bytes)

Startup File (All Users Run)

Registry location:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

AppGuardGUI

Command:

C:\Program Files\blue ridge networks\appguard\appguardgui.exe

The file AppGuardGUI.exe has been discovered within the following program.

AOL Tech Fortress by Blue Ridge Networks

aol.it/AOLTechFortress

About 9% of users remove it

Scan AppGuardGUI.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.