AIPS.exe

AIPS Application

Arcai.com

It runs as a separate (within the context of its own process) windows Service named “Arp Intelligent Protection Service Service”.
Publisher:
Arcai.com

Product:
AIPS Application

Description:
Arp Intelligent Protection Service

Version:
211

MD5:
73af96ca54768950a041f874a2157561

SHA-1:
fccfdc1c697523436b4eef6e24eecca1a79674f0

SHA-256:
bf9e8746473b8c2559c60860f6b295814003da88040a514fb794c1c3f8f2afc9

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
12/26/2024 8:06:39 PM UTC  (today)

Scan engine
Detection
Engine version

IKARUS anti.virus
AdWare.Win32.Gabpath
t3scan.1.3.5.0

File size:
240 KB (245,760 bytes)

Product version:
211

Copyright:
Arcai.com Copyright (C) 2011

Original file name:
AIPS.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\netcutdefender\services\aips.exe

File PE Metadata
Compilation timestamp:
6/22/2011 3:53:35 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

CTPH (ssdeep):
6144:NmePmhtaHhejSvBI20u87GxbjwEZTjBTEP3c:Nmeeh8Hhe7ucEbB5gk

Entry address:
0x187CF

Entry point:
E8, FC, A1, 00, 00, E9, 40, FE, FF, FF, 6A, 00, FF, 74, 24, 14, FF, 74, 24, 14, FF, 74, 24, 14, FF, 74, 24, 14, E8, 74, A2, 00, 00, 83, C4, 14, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8B, 01, BA, FF, FE, FE, 7E, 03, D0, 83, F0, FF, 33, C2, 83, C1, 04, A9, 00, 01, 01, 81, 74, E8, 8B, 41, FC, 84, C0, 74, 32...
 
[+]

Code size:
180 KB (184,320 bytes)

Service
Display name:
Arp Intelligent Protection Service Service

Service name:
AIPS

Type:
Win32OwnProcess

Group:
NDIS


The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to li682-165.members.linode.com  (23.239.9.165:80)

Scan AIPS.exe - Powered by Reason Core Security