home

guardxkickoff_x64.exe

GuardX

IKARUS Security Software GmbH

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘IKARUS-GuardX’.
Publisher:
IKARUS Security Software GmbH  (signed and verified)

Product:
GuardX

Description:
GuardX KickOff Trayicon

Version:
2.5.31

MD5:
2ff94b7b1b60008f456062adc0f15c45

SHA-1:
5dcc7e1657bcff0ef6f9d536bc2ec42af9558c43

SHA-256:
d1c4c3e344240843306ee6ec3325b8d22c8e8f8b09d0dc4072f9c6da25bf0dbd

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 5:30:49 AM UTC  (today)

File size:
3.2 MB (3,368,224 bytes)

Product version:
2.5.31

Copyright:
Copyright © IKARUS Security Software GmbH 2013

Original file name:
guardxkickoff.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\medico\antivirus\bin\guardxkickoff_x64.exe

Digital Signature
Signed by:
IKARUS Security Software GmbH

Authority:
StartCom Ltd.

Valid from:
8/13/2012 12:06:12 PM

Valid to:
8/15/2014 1:25:56 PM

Subject:
E=support@ikarus.at, CN=IKARUS Security Software GmbH, O=IKARUS Security Software GmbH, L=Wien, S=Wien, C=AT, Description=QgrbF2jp00Tp0hOn

Issuer:
CN=StartCom Class 3 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
06F1

File PE Metadata
Compilation timestamp:
4/9/2014 6:09:24 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:P3mEz9oLrvp4a/QFlex7A3oYO1fd0z+JkQK3jw/q+gZz2q2C+f8Gd:Pkvp4aH7A3oYm+Tnz2Pd

Entry address:
0x1A6390

Entry point:
48, 83, EC, 28, E8, 83, E8, 00, 00, 48, 83, C4, 28, E9, 52, FE, FF, FF, CC, CC, 48, 8B, C4, 48, 89, 48, 08, 48, 89, 50, 10, 4C, 89, 40, 18, 4C, 89, 48, 20, 53, 57, 48, 83, EC, 28, 33, C0, 48, 85, C9, 0F, 95, C0, 85, C0, 75, 15, E8, D2, 1B, 00, 00, C7, 00, 16, 00, 00, 00, E8, 0F, 58, 00, 00, 83, C8, FF, EB, 6A, 48, 8D, 7C, 24, 48, E8, E8, E8, 00, 00, 48, 8D, 50, 30, B9, 01, 00, 00, 00, E8, 4E, EA, 00, 00, 90, E8, D4, E8, 00, 00, 48, 8D, 48, 30, E8, DF, EA, 00, 00, 8B, D8, E8, C4, E8, 00, 00, 4C, 8B, CF, 45...
 
[+]

Code size:
1.8 MB (1,914,368 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
IKARUS-GuardX

Command:
C:\Program Files\medico\antivirus\bin\guardxkickoff_x64.exe


Scan guardxkickoff_x64.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.