EgisTSR.exe

ProShield

EGIS TECHNOLOGY INC.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘ProShieldTSR’. This is installed with ProShield.
Publisher:
Egis Technology Inc.   (signed by EGIS TECHNOLOGY INC.)

Product:
ProShield

Description:
Security solution

Version:
1, 0, 6, 0

MD5:
077ff03328d9fac6810d3c5a75094591

SHA-1:
4174f8c1a91b0946c8f22d7c5abbef75cc1e1d41

SHA-256:
554d1eaeae60070b237223330d3b06498801b7188176a8f942eb2590be374872

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
8/21/2017 11:21:12 AM UTC  (today)

File size:
161.9 KB (165,744 bytes)

Product version:
1.0.30.0

Copyright:
Copyright ©2010 Egis Technology Inc. All rights reserved.

Original file name:
EgisTSR.exe

File type:
Executable application (Win64 EXE)

Language:
Chinese (Traditional, Taiwan)

Common path:
C:\Program Files\acer proshield\egistsr.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
12/31/2009 2:00:00 AM

Valid to:
1/2/2011 1:59:59 AM

Subject:
CN=EGIS TECHNOLOGY INC., OU=Product Development Division, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=EGIS TECHNOLOGY INC., L=Taipei, S=Taiwan, C=TW

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7B339A9FE567E12E7BA8C26AB5F15650

File PE Metadata
Compilation timestamp:
12/16/2010 6:37:53 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:rk50kVxse3yW2J81p4dJ7DWcoLJDBQ0OiYe/LS+r5cNdXagVO57bzb9WJA0nYUbR:SOJ7DWcEhvOM/T5cXHO59WAkzR

Entry address:
0xFC34

Entry point:
48, 83, EC, 28, E8, 37, 03, 00, 00, 48, 83, C4, 28, E9, F6, FC, FF, FF, FF, 25, 74, 48, 00, 00, FF, 25, 66, 48, 00, 00, CC, CC, 48, 89, 4C, 24, 08, 48, 81, EC, 88, 00, 00, 00, 48, 8D, 0D, 09, DB, 00, 00, FF, 15, 23, 45, 00, 00, 4C, 8B, 1D, F4, DB, 00, 00, 4C, 89, 5C, 24, 58, 45, 33, C0, 48, 8D, 54, 24, 60, 48, 8B, 4C, 24, 58, E8, AF, 03, 00, 00, 48, 89, 44, 24, 50, 48, 83, 7C, 24, 50, 00, 74, 41, 48, C7, 44, 24, 38, 00, 00, 00, 00, 48, 8D, 44, 24, 48, 48, 89, 44, 24, 30, 48, 8D, 44, 24, 40, 48, 89, 44, 24...
 
[+]

Entropy:
6.2251

Code size:
74.5 KB (76,288 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
ProShieldTSR

Command:
"C:\Program Files\acer proshield\egistsr.exe" \run


The file EgisTSR.exe has been discovered within the following program.

ProShield  by Egis Technology Inc.
Publisher's description - “By utilizing advanced encryption technologies you can protect your files anywhere. Encrypt your files and files in a folder with the click of a button. The AES technology is the same encryption technology used by the FBI, NASA, and the Department of Defense to protect their data.”
www.egistec.com
26% remove it
 
Powered by Should I Remove It?

Scan EgisTSR.exe - Powered by Reason Core Security