home

kernelmode-stop.exe

PC-Doctor for Windows

PC-Doctor, Inc.

Publisher:
PC-Doctor, Inc.  (signed and verified)

Product:
PC-Doctor for Windows

Description:
PC-Doctor Module

Version:
6.0.6852.68

MD5:
910a30db2633d20b94dffaefc54d169f

SHA-1:
e6bcf0826924d1ae70125d6705475c9232863a50

SHA-256:
b2e16bee525168901150b2b0d11205623e947a21e082a045d856209f43811d75

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 7:42:47 PM UTC  (today)

File size:
58.4 KB (59,776 bytes)

Product version:
6.0.6852.68

Copyright:
Copyright © PC-Doctor, Inc. All rights reserved.

Trademarks:
PC-Doctor(TM) is a trademark of PC-Doctor, Inc.

Original file name:
KernelMode-stop

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\kernelmode-stop.exe

Digital Signature
Signed by:
PC-Doctor, Inc.

Authority:
Symantec Corporation

Valid from:
7/18/2016 6:00:00 PM

Valid to:
9/17/2019 5:59:59 PM

Subject:
CN="PC-Doctor, Inc.", O="PC-Doctor, Inc.", L=Reno, S=Nevada, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
46BEE99913AABA5EC589BB8261C9B276

File PE Metadata
Compilation timestamp:
11/8/2016 11:05:23 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
14.0

Entry address:
0x6513

Entry point:
E8, 05, 04, 00, 00, E9, 7A, FE, FF, FF, E9, 9C, 07, 00, 00, 55, 8B, EC, EB, 1F, FF, 75, 08, E8, 07, 0B, 00, 00, 59, 85, C0, 75, 12, 83, 7D, 08, FF, 75, 07, E8, 71, 08, 00, 00, EB, 05, E8, 4D, 08, 00, 00, FF, 75, 08, E8, 70, 0A, 00, 00, 59, 85, C0, 74, D4, 5D, C3, 55, 8B, EC, 8B, 45, 08, 56, 8B, 48, 3C, 03, C8, 0F, B7, 41, 14, 8D, 51, 18, 03, D0, 0F, B7, 41, 06, 6B, F0, 28, 03, F2, 3B, D6, 74, 19, 8B, 4D, 0C, 3B, 4A, 0C, 72, 0A, 8B, 42, 08, 03, 42, 0C, 3B, C8, 72, 0C, 83, C2, 28, 3B, D6, 75, EA, 33, C0, 5E...
 
[+]

Entropy:
6.5017

Code size:
28 KB (28,672 bytes)

Scan kernelmode-stop.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.