home

ACDaemon.exe

ArcSoft Connect

ArcSoft, Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘ArcSoft Connection Service’.
Publisher:
ArcSoft Inc.  (signed by ArcSoft, Inc.)

Product:
ArcSoft Connect

Description:
ArcSoft Connect Daemon

Version:
1.1.0.43

MD5:
4783aa58223dfd3862a1f0eb8dc3eb0c

SHA-1:
ba4d59cc2b6b98260a9eba3f3e834ecf56ca5f47

SHA-256:
2e8996f2023bad1f128e727841fc0fc2235d18b1bf3018dbb90b3a71c5b7df87

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/27/2024 5:17:11 AM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/Floxif.H virus
6.3.12010.0

F-Prot
W32/Floxif.B
4.6.5.141

File size:
266.9 KB (273,351 bytes)

Product version:
1.1.0.43

Copyright:
Copyright (C) ArcSoft 2007

Original file name:
ACDaemon.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\common files\arcsoft\connection service\bin\acdaemon.exe

Digital Signature
Signed by:
ArcSoft, Inc.

Authority:
VeriSign, Inc.

Valid from:
7/24/2007 1:00:00 AM

Valid to:
8/15/2010 12:59:59 AM

Subject:
CN="ArcSoft, Inc.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="ArcSoft, Inc.", L=Fremont, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
38B5A40BC3E8552B45588D0EB9B5F330

File PE Metadata
Compilation timestamp:
7/6/2009 3:48:23 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x19987

Entry point:
E9, 13, F5, FF, FF, 68, B8, 45, 42, 00, 68, 64, E0, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, AC, 41, 42, 00, 33, D2, 8A, D4, 89, 15, AC, D8, 42, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, A8, D8, 42, 00, C1, E1, 08, 03, CA, 89, 0D, A4, D8, 42, 00, C1, E8, 10, A3, A0, D8, 42, 00, 6A, 01, E8, 05, 34, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C2, 00, 00, 00, 59, E8, 95, 30, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B1, 00, 00, 00, 59, 33, F6, 89, 75...
 
[+]

Entropy:
6.8295

Packer / compiler:
tElock 0.99 - 1.0 private

Code size:
140 KB (143,360 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
ArcSoft Connection Service

Command:
C:\Program Files\common files\arcsoft\connection service\bin\acdaemon.exe


Scan ACDaemon.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.