home

asp.exe

Advanced System Protector

Systweak Inc

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Advanced System Protector’.
Publisher:
Systweak Inc  (signed and verified)

Product:
Advanced System Protector

Version:
2.0.323.1842

MD5:
d77f71b561cb03ffb523c1d4de7b7ccf

SHA-1:
6a3d679d6691a634c39a94f3cec05653868cf4fd

SHA-256:
594d7c5e1a38fda171c03fe36769b34cbbf39d86653e6e9621e5352fa83d02dc

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 4:50:55 AM UTC  (today)

File size:
14.5 MB (15,184,104 bytes)

Product version:
2.0.323.1842

Copyright:
Copyright (C) 2008 Systweak Inc. All rights reserved.

Trademarks:
Systweak

Original file name:
asp.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\systweak\advanced system protector\asp.exe

Digital Signature
Signed by:
Systweak Inc

Authority:
The USERTRUST Network

Valid from:
11/18/2008 2:00:00 AM

Valid to:
11/19/2011 1:59:59 AM

Subject:
CN=Systweak Inc, O=Systweak Inc, STREET=E-73 Chitranjan Marg, STREET=C-Scheme, L=Jaipur, S=Rajasthan, PostalCode=302001, C=IN

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
00B8F0B580E48FBDE638037286775B6015

File PE Metadata
Compilation timestamp:
3/9/2009 2:36:44 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
98304:z3jwv4E4CZ2Dt7p1meiDUQJMOPmrx7CC+Vz+DTVTSgk1GxGuB3Yp+QUIsNwTbqVp:zRE4CetTmJDbJMo4x7CpVaYgudsNwXwp

Entry address:
0x9F63B

Entry point:
E8, C4, 40, 01, 00, E9, 16, FE, FF, FF, 55, 8B, EC, 51, 53, 8B, 45, 0C, 83, C0, 0C, 89, 45, FC, 64, 8B, 1D, 00, 00, 00, 00, 8B, 03, 64, A3, 00, 00, 00, 00, 8B, 45, 08, 8B, 5D, 0C, 8B, 6D, FC, 8B, 63, FC, FF, E0, 5B, C9, C2, 08, 00, 58, 59, 87, 04, 24, FF, E0, 58, 59, 87, 04, 24, FF, E0, 58, 59, 87, 04, 24, FF, E0, 55, 8B, EC, 51, 51, 53, 56, 57, 64, 8B, 35, 00, 00, 00, 00, 89, 75, FC, C7, 45, F8, B3, F6, 49, 00, 6A, 00, FF, 75, 0C, FF, 75, F8, FF, 75, 08, E8, 91, D6, 02, 00, 8B, 45, 0C, 8B, 40, 04, 83, E0...
 
[+]

Entropy:
6.7105

Code size:
2.9 MB (3,072,000 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Advanced System Protector

Command:
"C:\Program Files\systweak\advanced system protector\asp.exe" \autorun


Scan asp.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.