AdvancedSystemProtector.exe
Advanced System Protector by Systweak Software (Signed)
Warning 11 antivirus scanners has detected malware in various versions of AdvancedSystemProtector.exe.
Overview
advancedsystemprotector.exe has 10 known versions, the most recent one is 2.1.1000.13491. advancedsystemprotector.exe is run as a standard windows process with the logged in user's account privileges. It also provides a graphical interface (GUI) for the user to interact with it and contains an icon in the Windows notifictaion system tray (near the clock). During installation, a run registry key for all users is added that will cause the program to run each time any user logs on to Windows. In order execute the program with adminsitrator rights and prevent a UAC prompt, the program will add a job to the Windows Task Scheduler that will automtaiclaly start it when a user logs on. The average file size is about 6.17 MB. It is an authenticode code-signed executable issued to Systweak Software by the certification authority VeriSign. Some variations of the file have been seen to be installed with the program Advanced System Protector from Systweak Inc. This is a .NET Common Language Runtime (CLR) assembly. During the process's lifecycle, the typical CPU resource utilization is about 0.0011% including both foreground and background operations, the average private memory consumption is about 69.63 MB with the maximum memory reaching around 110.05 MB. Addionally, typically read and write I/O disk operations is about 135.05 KB per minute for reads and 85.15 KB per minute for writes.
Details |
File name: | advancedsystemprotector.exe |
Publisher: | Systweak |
Product name: | Advanced System Protector |
Typical file path: | C:\Program Files\advanced system protector\advancedsystemprotector.exe |
Certificate |
Issued to: | Systweak Software |
Authority (CA): | VeriSign |
Effective date: | Monday, December 10, 2012 |
Programs installed in
(Note, the programs listed below are for all versions of Advanced System Protector.)
“Advanced System Protector is a solution to detect and remove the malicious programs intruding your computer. It offers protection against deceptive applications that affect start-up programs, cookies,...”
Behaviors
(Note, the behaviors below are for all versions of advancedsystemprotector.exe, select a unique version for details.)
Scheduled tasks startups
Set to load on user login (bypasses Windows UAC if enabled)
- Login entry path '\Advanced System Protector_startup'
Scheduled tasks
- The job 'Advanced System Protector_startup' runs on logon in the path '\Advanced System Protector_startup'
- Entry path '\Advanced System Protector_startup'
Startup files (all users) run
Runs under the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
- 'Advanced System Protector_startup' → "C:\Program Files\Advanced System Protector\AdvancedSystemProtector.exe" autolaunch
Malware detections
Based on 40+ industry antivirus scanners, 11 of them detected the following malware.
Antivirus engine | Engine version | Detection | File version |
Comodo Internet Security |
15850 |
ApplicUnwnt |
2.1.1000.10225 |
Comodo Internet Security |
16106 |
ApplicUnwnt |
2.1.1000.10493 |
Comodo Internet Security |
15970 |
ApplicUnwnt |
2.1.1000.10229 |
Comodo Internet Security |
16504 |
ApplicUnwnt |
2.1.1000.10568 |
ESET NOD32 |
7.8202 |
a variant of MSIL/Adware.AdvancedSystemProtector.A |
2.1.1000.10225 |
ESET NOD32 |
7.8279 |
a variant of MSIL/Adware.AdvancedSystemProtector.A |
2.1.1000.10493 |
ESET NOD32 |
7.8108 |
a variant of MSIL/Adware.AdvancedSystemProtector.A |
2.1.1000.10348 |
ESET NOD32 |
7.8239 |
a variant of MSIL/Adware.AdvancedSystemProtector.A |
2.1.1000.10229 |
ESET NOD32 |
7.8498 |
MSIL/AdvancedSystemProtector |
2.1.1000.10568 |
ESET NOD32 |
7.8852 |
a variant of MSIL/AdvancedSystemProtector.B |
2.1.1000.10905 |
Kingsoft |
2013.4.9.267 |
Win32.Troj.Generic.a.(kcloud) |
2.1.1000.10568 |
All file variations of advancedsystemprotector.exe
Distribution by Windows OS
OS version | distribution |
Windows 7 Home Premium |
32.47% |
|
Windows 7 Ultimate |
24.68% |
|
Windows Vista Home Premium |
11.69% |
|
Windows 7 Starter |
7.79% |
|
Windows 8 Pro |
7.79% |
|
Windows 7 Professional |
5.19% |
|
Microsoft Windows XP |
2.60% |
|
Windows 8 Release Preview |
2.60% |
|
Windows Vista Ultimate |
2.60% |
|
Windows 8 |
1.30% |
|
Windows Vista Home Basic |
1.30% |
|
Distribution by country
United States installs about 39.47% of Advanced System Protector.
Distribution by PC manufacturer
PC Manufacturer | distribution |
Acer |
34.33% |
|
Hewlett-Packard |
16.42% |
|
ASUS |
14.93% |
|
Sony |
8.96% |
|
Toshiba |
5.97% |
|
Intel |
5.97% |
|
Dell |
5.97% |
|
GIGABYTE |
2.99% |
|
Compaq |
2.99% |
|
Alienware |
1.49% |
|