home

guardxkickoff_x64.exe

GuardX

IKARUS Security Software GmbH

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Ikarus-GuardX’.
Publisher:
IKARUS Security Software GmbH  (signed and verified)

Product:
GuardX

Description:
GuardX KickOff Trayicon

Version:
1.0.210

MD5:
29d07585e02710164a8170bb8874884b

SHA-1:
a17deba5e94d2ffbe0d07d2b6eb4ea3facdde366

SHA-256:
be2f5959c199f7723252d533c2ba2848289adce243aa6065d1cb8c9bc0604bde

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 12:17:01 AM UTC  (today)

File size:
2 MB (2,082,848 bytes)

Product version:
1.0.210

Copyright:
Copyright © Ikarus Security Software GmbH 2007

Original file name:
guardxkickoff.exe

File type:
Executable application (Win64 EXE)

Language:
Engleski (Sjedinjene Države)

Common path:
C:\Program Files\vipnet\vip internet zastita\bin\guardxkickoff_x64.exe

Digital Signature
Signed by:
IKARUS Security Software GmbH

Authority:
VeriSign, Inc.

Valid from:
3/15/2010 1:00:00 AM

Valid to:
3/15/2013 12:59:59 AM

Subject:
CN=IKARUS Security Software GmbH, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=IKARUS Security Software GmbH, L=Wien, S=Austria, C=AT

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
22D393D507371552729E0E46B6969623

File PE Metadata
Compilation timestamp:
3/17/2010 4:41:38 PM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
24576:mRdvIYdWzElVlW0djVBApPOvIb3wCu4EeV8dU555KHkHkHkHbGnaaaM5553p4:mRdQSWg3uOAb3tRV8NaaaMp4

Entry address:
0x6BE90

Entry point:
48, 83, EC, 28, E8, D7, AE, 00, 00, 48, 83, C4, 28, E9, 0E, FD, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 0F, B6, 01, 84, C0, 74, 0F, 3A, C2, 74, 0F, 8A, 41, 01, 48, 83, C1, 01, 84, C0, 75, F1, 38, 11, 75, 04, 48, 8B, C1, C3, 33, C0, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 66, 90, 66, 66, 66, 90, 66, 90, 48, 2B, D1, 49, 83, F8, 08, 72, 22, F6, C1, 07, 74, 14, 66, 90, 8A, 01, 3A, 04, 0A, 75, 2C, 48, FF, C1, 49, FF, C8, F6, C1, 07...
 
[+]

Entropy:
5.1694

Code size:
537.5 KB (550,400 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Ikarus-GuardX

Command:
C:\Program Files\vipnet\vip internet zastita\bin\guardxkickoff_x64.exe


Scan guardxkickoff_x64.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.