home

eDSLoader.exe

eDataSecurity

HiTRUST Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘eDataSecurity Loader’. This is installed with Acer eDataSecurity Management.
Publisher:
HiTRUST  (signed by HiTRUST Inc.)

Product:
eDataSecurity

Description:
eDataSecurity System Loader( Load and prepare enviroment )

Version:
2, 5, 244, 0

MD5:
deb5abde595df0edb00cd94f4738eb0c

SHA-1:
6359a61de99c42f666007b9dd3b2e4866446d37c

SHA-256:
92c5a4c7b99dd4437fc568d222f9ddb310cab5f81527626bd0f5479e8187571d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 7:31:55 PM UTC  (today)

File size:
490.8 KB (502,568 bytes)

Product version:
2, 5, 244, 0

Copyright:
(c) HiTRUST. All rights reserved.

Original file name:
eDSLoader.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Digital Signature
Signed by:
HiTRUST Inc.

Authority:
VeriSign, Inc.

Valid from:
12/10/2006 6:00:00 PM

Valid to:
12/11/2007 5:59:59 PM

Subject:
CN=HiTRUST Inc., OU=CA Product Technical Department, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=HiTRUST Inc., L=Taipei, S=Taiwan, C=TW

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1F74658637087A87A3D24A20319D9E37

File PE Metadata
Compilation timestamp:
3/30/2007 6:17:58 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
3072:i2KYLqj7U0/OKiiSCV5HeUyqrjq7OeoIzMrjUEXZ+w5UqQRu50S5zgE2i:iDYLK/OKiiSCV1eUyq9UEX15Uqeu50S7

Entry address:
0x5DA1

Entry point:
E8, BE, 03, 00, 00, E9, 36, FD, FF, FF, 3B, 0D, 28, D0, 40, 00, 75, 02, F3, C3, E9, 3E, 04, 00, 00, 53, 8A, 5C, 24, 08, F6, C3, 02, 56, 8B, F1, 74, 24, 57, 68, 2C, 63, 40, 00, 8D, 7E, FC, FF, 37, 6A, 0C, 56, E8, 38, 01, 00, 00, F6, C3, 01, 74, 07, 57, E8, 7B, F9, FF, FF, 59, 8B, C7, 5F, EB, 13, E8, 3C, 05, 00, 00, F6, C3, 01, 74, 07, 56, E8, 65, F9, FF, FF, 59, 8B, C6, 5E, 5B, C2, 04, 00, 6A, 14, 68, D8, A5, 40, 00, E8, AD, 02, 00, 00, FF, 35, A8, D7, 40, 00, 8B, 35, FC, 73, 40, 00, FF, D6, 59, 89, 45, E4...
 
[+]

Entropy:
4.0935

Code size:
24 KB (24,576 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
eDataSecurity Loader

Command:
C:\acer\empowering technology\edatasecurity\edsloader.exe


The file eDSLoader.exe has been discovered within the following program.

Acer eDataSecurity Management  by HiTRUST Inc.
Publisher's description - “Using advanced cryptographic technologies, Acer eDataSecurity Managementoffers you greater personal data security and encryption for files and datatransmitted via instant messaging or email.”
www.hiegis.com/acer.jsp
About 1% of users remove it
 
Powered by Should I Remove It?

Scan eDSLoader.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.