home

DksInfo.exe

PC-Wächter

Dr. Kaiser Systemhaus GmbH

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘DksInfo’.
Publisher:
Dr. Kaiser Systemhaus GmbH  (signed and verified)

Product:
PC-Wächter ®

Description:
Dks Info

Version:
6, 2, 36, 0

MD5:
a9b73954959201191f27f41fbe5c7a5d

SHA-1:
61f8f994146dd77d8948e85e74bd4694b47473ff

SHA-256:
9488df25158db81752fb35ec57c58c6c3aad5d2f26935ba4df7075efa30dab7f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 5:35:40 PM UTC  (today)

File size:
643.5 KB (658,928 bytes)

Product version:
6, 2, 0, 0

Copyright:
© 2010-12 Dr. Kaiser Systemhaus GmbH

Original file name:
DksInfo.exe

File type:
Executable application (Win64 EXE)

Language:
German (Germany)

Common path:
C:\windows\dksinfo.exe

Digital Signature
Signed by:
Dr. Kaiser Systemhaus GmbH

Authority:
GlobalSign nv-sa

Valid from:
7/4/2011 6:33:31 PM

Valid to:
7/4/2014 6:33:31 PM

Subject:
E=info@dr-kaiser.de, CN=Dr. Kaiser Systemhaus GmbH, O=Dr. Kaiser Systemhaus GmbH, C=DE

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11217D93FFCFBBC5050AD0B0A8AC4C8AD3F1

File PE Metadata
Compilation timestamp:
10/5/2012 12:20:42 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:OmeGtSfdFih2oSm+7UvjFZTyQ4t7xq5CZxgkqo:OGUfra9+7ULF0QCZxWo

Entry address:
0x5DCC

Entry point:
48, 83, EC, 28, E8, 03, 3B, 00, 00, 48, 83, C4, 28, E9, 1A, FE, FF, FF, CC, CC, 40, 53, 48, 83, EC, 20, BA, 08, 00, 00, 00, 8D, 4A, 18, E8, 05, 3C, 00, 00, 48, 8B, C8, 48, 8B, D8, E8, 7E, 37, 00, 00, 48, 89, 05, 4B, 5A, 01, 00, 48, 89, 05, 3C, 5A, 01, 00, 48, 85, DB, 75, 05, 8D, 43, 18, EB, 06, 48, 83, 23, 00, 33, C0, 48, 83, C4, 20, 5B, C3, CC, CC, 48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 48, 89, 7C, 24, 18, 41, 54, 41, 55, 41, 56, 48, 83, EC, 20, 4C, 8B, F1, E8, 67, 24, 00, 00, 90, 48, 8B, 0D, 03, 5A, 01...
 
[+]

Code size:
61.5 KB (62,976 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
DksInfo

Command:
C:\windows\dksinfo.exe


Scan DksInfo.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.