home

DksInfo.exe

PC-Wächter

Dr. Kaiser Systemhaus GmbH

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘DksInfo’.
Publisher:
Dr. Kaiser Systemhaus GmbH  (signed and verified)

Product:
PC-Wächter ®

Description:
Dks Info

Version:
6, 2, 11, 0

MD5:
6a663036151d3e3082e92aee600eeae0

SHA-1:
6b0f716e75b1d45026b58a0e732696bb90f70a6d

SHA-256:
91de7fed4a8026c4f38046ecb8e18b72f6a7cd6bc74ca1a598adaccfefd4bcf5

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/10/2024 6:08:38 AM UTC  (today)

File size:
633 KB (648,176 bytes)

Product version:
6, 2, 0, 0

Copyright:
© 2010-11 Dr. Kaiser Systemhaus GmbH

Original file name:
DksInfo.exe

File type:
Executable application (Win64 EXE)

Language:
German (Germany)

Common path:
C:\windows\dksinfo.exe

Digital Signature
Signed by:
Dr. Kaiser Systemhaus GmbH

Authority:
GlobalSign nv-sa

Valid from:
7/4/2011 6:33:31 PM

Valid to:
7/4/2014 6:33:31 PM

Subject:
E=info@dr-kaiser.de, CN=Dr. Kaiser Systemhaus GmbH, O=Dr. Kaiser Systemhaus GmbH, C=DE

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11217D93FFCFBBC5050AD0B0A8AC4C8AD3F1

File PE Metadata
Compilation timestamp:
2/9/2012 2:30:38 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
1536:s8a4Ffl+7/TjSb4jHorDri5JGx0HtWCnih9w8j+ELaCbkr5rBHdXWD+ni8uWBj:s8NFU7/qb4jsiCxMTi3+nCbI5rBZD5L

Entry address:
0x44BC

Entry point:
48, 83, EC, 28, E8, 07, 3B, 00, 00, 48, 83, C4, 28, E9, 1A, FE, FF, FF, CC, CC, 40, 53, 48, 83, EC, 20, 48, 8B, D9, C6, 41, 18, 00, 48, 85, D2, 0F, 85, 82, 00, 00, 00, E8, 01, 39, 00, 00, 48, 89, 43, 10, 48, 8B, 90, C0, 00, 00, 00, 48, 89, 13, 48, 8B, 88, B8, 00, 00, 00, 48, 89, 4B, 08, 48, 8B, 0D, D5, 25, 01, 00, 48, 3B, D1, 74, 16, 8B, 80, C8, 00, 00, 00, 85, 05, 4C, 24, 01, 00, 75, 08, E8, CD, 46, 00, 00, 48, 89, 03, 48, 8B, 05, 33, 23, 01, 00, 48, 39, 43, 08, 74, 1B, 48, 8B, 43, 10, 8B, 88, C8, 00, 00...
 
[+]

Code size:
54.5 KB (55,808 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
DksInfo

Command:
C:\windows\dksinfo.exe


Scan DksInfo.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.