home

asp.exe

Advanced System Protector

Systweak Inc

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Advanced System Protector’.
Publisher:
Systweak Inc  (signed and verified)

Product:
Advanced System Protector

Version:
2.0.323.1836

MD5:
dc84d6a68604fee5829b7abd8d21c0fd

SHA-1:
62fd7ee790412021a582380ec3b229effe8dbd1c

SHA-256:
f733aaa7adc6644eda6d4b69d0faed798c4bf1e03e48a35bacecfb3da821ca9a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 1:48:55 PM UTC  (today)

File size:
14.9 MB (15,593,704 bytes)

Product version:
2.0.323.1836

Copyright:
Copyright (C) 2008 Systweak Inc. All rights reserved.

Trademarks:
Systweak

Original file name:
asp.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\systweak\advanced system protector\asp.exe

Digital Signature
Signed by:
Systweak Inc

Authority:
The USERTRUST Network

Valid from:
11/17/2008 6:00:00 PM

Valid to:
11/18/2011 5:59:59 PM

Subject:
CN=Systweak Inc, O=Systweak Inc, STREET=E-73 Chitranjan Marg, STREET=C-Scheme, L=Jaipur, S=Rajasthan, PostalCode=302001, C=IN

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
00B8F0B580E48FBDE638037286775B6015

File PE Metadata
Compilation timestamp:
3/5/2009 6:37:29 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
196608:pTTTz+X1uypnzJVENhrSXRKIsNS5NgXXL:B+X/bsw5CXXL

Entry address:
0x9F63B

Entry point:
E8, C4, 40, 01, 00, E9, 16, FE, FF, FF, 55, 8B, EC, 51, 53, 8B, 45, 0C, 83, C0, 0C, 89, 45, FC, 64, 8B, 1D, 00, 00, 00, 00, 8B, 03, 64, A3, 00, 00, 00, 00, 8B, 45, 08, 8B, 5D, 0C, 8B, 6D, FC, 8B, 63, FC, FF, E0, 5B, C9, C2, 08, 00, 58, 59, 87, 04, 24, FF, E0, 58, 59, 87, 04, 24, FF, E0, 58, 59, 87, 04, 24, FF, E0, 55, 8B, EC, 51, 51, 53, 56, 57, 64, 8B, 35, 00, 00, 00, 00, 89, 75, FC, C7, 45, F8, B3, F6, 49, 00, 6A, 00, FF, 75, 0C, FF, 75, F8, FF, 75, 08, E8, 91, D6, 02, 00, 8B, 45, 0C, 8B, 40, 04, 83, E0...
 
[+]

Entropy:
6.6860

Code size:
2.9 MB (3,072,000 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Advanced System Protector

Command:
"C:\Program Files\systweak\advanced system protector\asp.exe" \autorun


Scan asp.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.