home

KerishDoctor.exe

Kerish Doctor

OOO AMA

It runs as a scheduled task under the Windows Task Scheduler triggered to execute each time a user logs in. This is installed with Kerish Doctor 2014.
Publisher:
Kerish Products  (signed by OOO AMA)

Product:
Kerish Doctor

Version:
4.55

MD5:
8c2771d548634c4f8190f5882bddaf3f

SHA-1:
396134382cf1a03771f209a1c504e46d3c476242

SHA-256:
9167858c87c7f29a17dc26e7fdd7e1d96f13fef925264fb9083fdb47029fcf5f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/20/2024 2:12:49 AM UTC  (today)

File size:
2.5 MB (2,569,704 bytes)

Product version:
4.55

Copyright:
Kerish Products 2005-2014. All Rights reserved.

Trademarks:
Kerish Products 2005-2014. All Rights reserved.

Original file name:
KerishDoctor.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\kerish doctor\kerishdoctor.exe

Digital Signature
Signed by:
OOO AMA

Authority:
Thawte, Inc.

Valid from:
8/5/2013 2:00:00 AM

Valid to:
9/5/2014 1:59:59 AM

Subject:
CN=OOO AMA, OU=IT, O=OOO AMA, L=Voronegh, S="Voroneghskaya oblast ", C=RU

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
1F3C11346254E097A2EA8B7C9A505E85

File PE Metadata
Compilation timestamp:
4/13/2014 1:41:27 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:H9l2f/UkwyszWTeyfEeC6esQeOs8Bh4TyPGb0rCdUq8gZeTblcPI:H9l2UkwLWTTCan8BSTyPc0jyZeTbyw

Entry address:
0x3C7EE

Entry point:
55, 8B, EC, 83, C4, F0, B8, 00, 10, 40, 00, E8, 01, 00, 00, 00, 9A, 83, C4, 10, 8B, E5, 5D, E9, 22, 41, 8C, 00, 75, D8, BF, 5B, 82, 4B, A7, F9, A7, 65, C1, 77, 76, FC, B2, E2, 3F, 6C, 4A, EB, 7D, DC, CB, 9E, 63, AB, A4, C9, 3F, D4, B0, 56, 52, 93, 07, E6, 54, 79, E6, 45, 56, 70, D9, 9F, 29, 98, 49, 47, BD, F9, 81, AE, 44, 98, 6F, 0C, 84, 52, C3, 72, 3A, D9, 28, 65, 9A, 64, A8, 6F, 56, 53, 4E, 43, DF, 12, BD, 0B, 6C, 4E, 5C, 85, EA, 82, 55, EE, 12, 17, 44, 87, 22, 02, 29, 43, E4, 79, 02, 2D, 3F, 34, 16, 47...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
4.8 MB (5,001,216 bytes)

Scheduled Task
Task name:
Kerish Doctor

Trigger:
Logon (Runs on logon)

Description:
Kerish Doctor Startup


The file KerishDoctor.exe has been discovered within the following program.

Kerish Doctor 2014  by Kerish Products
www.kerish.org
About 6% of users remove it
 
Powered by Should I Remove It?

Scan KerishDoctor.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.