» ApcMain.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

ApcMain.exe

Ascentive Performance Center

Ascentive LLC

The application ApcMain.exe by Ascentive has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It runs as a scheduled task under the Windows Task Scheduler triggered to execute each time a user logs in. This file is typically installed with the program Performance Center by Ascentive which is a potentially unwanted software program.

File name:

ApcMain.exe

Publisher:

Ascentive (signed by Ascentive LLC)

Product:

Ascentive Performance Center

Version:

2.42

MD5:

b5b08a99c502c3b1b14274c10a5c279f

SHA-1:

b092250aaebb29c9e241fc30440ff4aaf9a41f08

SHA-256:

3e7e9575873e8d8f379bfd114302405487dc70b078ba286c20ef1a7b8d150fee

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

4/26/2024 10:08:18 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Win32.Generic

16.11.6.11

File size:

643.1 KB (658,496 bytes)

Product version:

2.42

Original file name:

ApcMain.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\ascentive\performance center\apcmain.exe

Digital Signature

Signed by:

Ascentive LLC

Authority:

COMODO CA Limited

Valid from:

11/26/2013 4:00:00 PM

Valid to:

11/27/2014 3:59:59 PM

Subject:

CN=Ascentive LLC, O=Ascentive LLC, STREET=201 Spring Garden St, STREET=Suite 400, L=Philadelphia, S=PA, PostalCode=19123, C=US

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

387389B99D075D7F1C97769EC0402BF0

File PE Metadata

Compilation timestamp:

7/23/2014 4:41:30 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

12288:63B013imZIsgx3CQ4gwjHPoNvYkneb6imWCLo1sh:63Bq3imZRLgwjHwNneO7Lo1w

Entry address:

0x4860C

Entry point:

E8, 31, 73, 00, 00, E9, 17, FE, FF, FF, 55, 8B, EC, 56, 8B, 75, 14, 57, 33, FF, 3B, F7, 75, 04, 33, C0, EB, 65, 39, 7D, 08, 75, 1B, E8, 49, 25, 00, 00, 6A, 16, 5E, 89, 30, 57, 57, 57, 57, 57, E8, 9B, 74, 00, 00, 83, C4, 14, 8B, C6, EB, 45, 39, 7D, 10, 74, 16, 39, 75, 0C, 72, 11, 56, FF, 75, 10, FF, 75, 08, E8, 92, 10, 00, 00, 83, C4, 0C, EB, C1, FF, 75, 0C, 57, FF, 75, 08, E8, 31, 0B, 00, 00, 83, C4, 0C, 39, 7D, 10, 74, B6, 39, 75, 0C, 73, 0E, E8, FA, 24, 00, 00, 6A, 22, 59, 89, 08, 8B, F1, EB, AD, 6A, 16... 
[+]

Entropy:

6.5214

Code size:

412 KB (421,888 bytes)

Scheduled Task

Task name:

Performance Center@Logon

Trigger:

Logon (Runs on logon)

The file ApcMain.exe has been discovered within the following program.

Performance Center by Ascentive

The Ascentive Performance Center is bundled with other Ascentive software by default and will not automatically uninstall when removing the bundle program. It is also difficult to remove in many cases.

www.ascentive.com

76% remove it

Remove ApcMain.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.