home

PrivilegeGuardService.exe

Avecto Privilege Guard

Avecto

It runs as a separate (within the context of its own process) windows Service named “Avecto Privilege Guard Service”.
Publisher:
Avecto Ltd.  (signed by Avecto)

Product:
Avecto Privilege Guard

Description:
Privilege Guard Service

Version:
3.6.223.0

MD5:
53d4b4a3b3854ae155efe4f0b6ad0d78

SHA-1:
30a978f006afff74e9879bfe2592e06d8265ca7a

SHA-256:
19c6a81de0b7fa0eec8d65ff9f4c43b09559c0ce7261f6dd9a7ecf85dbe5dc62

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 11:33:00 AM UTC  (today)

File size:
1.2 MB (1,264,968 bytes)

Product version:
3.6.223.0

Copyright:
Copyright © 2008-2012 Avecto Ltd. All rights reserved.

Original file name:
PrivilegeGuardService.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\avecto\privilege guard client\privilegeguardservice.exe

Digital Signature
Signed by:
Avecto

Authority:
VeriSign, Inc.

Valid from:
7/4/2012 5:30:00 AM

Valid to:
7/28/2013 5:29:59 AM

Subject:
CN=Avecto, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Avecto, L=Cheadle, S=Cheshire, C=GB

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
4C1D8689AB6A2AD61815216D1344FF00

File PE Metadata
Compilation timestamp:
2/26/2013 10:31:44 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:PdQSH7Nw+CarUO1+rYQkE0xl5GTht6u2Xl1y:Giw+RrpoZkE0xSTht6u2Xl1y

Entry address:
0x29BFC

Entry point:
E8, B8, 6F, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 51, 8B, 45, 0C, 57, 8B, 7D, 08, 85, C0, 74, 02, 89, 38, 85, FF, 75, 17, E8, 9A, 28, 00, 00, C7, 00, 16, 00, 00, 00, E8, 3D, 28, 00, 00, 33, C0, E9, 90, 01, 00, 00, 83, 7D, 10, 00, 74, 0C, 83, 7D, 10, 02, 7C, DD, 83, 7D, 10, 24, 7F, D7, 83, 65, FC, 00, 53, 56, 6A, 08, 5B, 0F, B7, 37, 53, 56, 83, C7, 02, E8, 97, 71, 00, 00, 59, 59, 85, C0, 75, ED, 66, 83, FE, 2D, 75, 06, 83, 4D, 14, 02, EB, 06, 66, 83, FE, 2B, 75, 06, 0F, B7, 37, 83, C7, 02, 83...
 
[+]

Entropy:
5.9558

Code size:
731 KB (748,544 bytes)

Service
Display name:
Avecto Privilege Guard Service

Description:
Manages application privileges through policy

Type:
Win32OwnProcess

Depends on:
RpcSs


Scan PrivilegeGuardService.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.