home

wgengine.exe

WinGuard Pro 2016

Christopher Homer

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘winguard’.
Publisher:
WinGuard Pro Ltd  (signed by Christopher Homer)

Product:
WinGuard Pro 2016

Version:
10.0.0.4

MD5:
686283591174867cc6e3e912ba2cf5a7

SHA-1:
43d5700a42f4c6746ec12037eea74a9fb8c2c988

SHA-256:
4ba01b24504704fa8c60400ae27cd5b5cc93ddb7c8f8920dc481f3092357ff2e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 10:34:20 AM UTC  (today)

File size:
47.5 KB (48,648 bytes)

Product version:
10.0.0.4

Copyright:
Copyright © 2015

Trademarks:
Copyright © 2015

Original file name:
wgengine.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\winguard\winguard10\wgengine.exe

Digital Signature
Signed by:
Christopher Homer

Authority:
Unizeto Technologies S.A.

Valid from:
8/26/2015 6:15:28 AM

Valid to:
8/25/2016 6:15:28 AM

Subject:
E=tech@winguardpro.com, CN=Christopher Homer, O=Christopher Homer, C=GB

Issuer:
CN=Certum Code Signing CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:
548368225951C31B83C0D0360D05DA7A

File PE Metadata
Compilation timestamp:
9/1/2015 11:50:13 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
80.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:FQ0GQg+KHVsN6qdKPcriJL3veuwHtYcFKSx6KkVKT2czzu:FQ0nRuWN60KPJL39wfKSxl4

Entry address:
0x952E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.0034

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
29.5 KB (30,208 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
winguard

Command:
C:\Program Files\winguard\winguard10\wgengine.exe


Scan wgengine.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.