home

FGKey64.exe

Folder Guard Professional Edition

WinAbility Software Corp.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘FG_Monitor’.
Publisher:
WinAbility® Software Corporation  (signed by WinAbility Software Corp.)

Product:
Folder Guard Professional Edition

Description:
Folder Guard Utility

Version:
7.91

MD5:
fc42a8dced6cf5540eebe370fe314541

SHA-1:
4b9e4568b5aa52e480069c75f160cf14bede59b1

SHA-256:
f5b9bdf8235ef8c04c476af61b4f1534fbb0968c0ddf6fa87cc8f40ff2df6750

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 5:07:31 PM UTC  (today)

File size:
141.1 KB (144,456 bytes)

Product version:
7.91

Copyright:
Copyright © 2007 WinAbility® Software Corporation. All rights reserved.

Trademarks:
Folder Guard® and WinAbility® are registered trademarks or trademarks of WinAbility Software Corporation and/or its suppliers.

Original file name:
FGKey64.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Digital Signature
Signed by:
WinAbility Software Corp.

Authority:
VeriSign, Inc.

Valid from:
1/3/2007 2:00:00 AM

Valid to:
1/4/2008 1:59:59 AM

Subject:
CN=WinAbility Software Corp., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=WinAbility Software Corp., L=Rockville, S=Utah, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1F7ECAC8BA1DA3C5C74A484095405998

File PE Metadata
Compilation timestamp:
4/16/2007 11:24:03 PM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
3072:RCoYylBC1ZUB2QV1RJP8py0du9c3Vt5dG/B4wBZvf3O550+/c:RCoRjAk1ww0dXzG/BNZk5dE

Entry address:
0x2F40

Entry point:
48, 83, EC, 28, E8, 27, 5B, 00, 00, 48, 83, C4, 28, E9, 0E, FD, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 66, 90, 66, 66, 66, 90, 66, 90, 48, 8B, C1, 49, 83, F8, 08, 72, 53, 0F, B6, D2, 49, B9, 01, 01, 01, 01, 01, 01, 01, 01, 49, 0F, AF, D1, 49, 83, F8, 40, 72, 1E, 48, F7, D9, 83, E1, 07, 74, 06, 4C, 2B, C1, 48, 89, 10, 48, 03, C8, 4D, 8B, C8, 49, 83, E0, 3F, 49, C1, E9, 06, 75, 39, 4D, 8B, C8, 49, 83, E0, 07, 49, C1, E9, 03, 74, 11, 66, 66, 66, 90, 90...
 
[+]

Entropy:
6.0997

Code size:
52 KB (53,248 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
FG_Monitor

Command:
C:\programs\fguard\fgkey64.exe \start


Scan FGKey64.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.