home

KerishDoctor.exe

Kerish Doctor

OOO AMA

It runs as a scheduled task under the Windows Task Scheduler triggered to execute each time a user logs in. This is installed with Kerish Doctor 2014.
Publisher:
Kerish Products  (signed by OOO AMA)

Product:
Kerish Doctor

Version:
4.60

MD5:
bc825129d71c6999b0e1ed3fd4849a1c

SHA-1:
87ba1c1ab6d069c1c851a53d630f85dffbd0e0c7

SHA-256:
67fbcc629f6fd3f339150f4a7441ad58b735eac07294b4c7c4e075ea8274887b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/8/2024 11:15:42 PM UTC  (a few moments ago)

File size:
2.7 MB (2,852,328 bytes)

Product version:
4.60

Copyright:
Kerish Products 2005-2014. All Rights reserved.

Trademarks:
Kerish Products 2005-2014. All Rights reserved.

Original file name:
KerishDoctor.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\kerish doctor\kerishdoctor.exe

Digital Signature
Signed by:
OOO AMA

Authority:
Thawte, Inc.

Valid from:
8/5/2013 3:00:00 AM

Valid to:
9/5/2014 2:59:59 AM

Subject:
CN=OOO AMA, OU=IT, O=OOO AMA, L=Voronegh, S="Voroneghskaya oblast ", C=RU

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
1F3C11346254E097A2EA8B7C9A505E85

File PE Metadata
Compilation timestamp:
8/26/2014 4:34:36 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:VBTSDnB20LgzIMRDYRB87mu6N8ETyPsUBtSCIDFVei406Rw+6EwI:nT8B2IMqRUm3dTyPsUrSNO06Rw+6U

Entry address:
0x1A42F

Entry point:
55, 8B, EC, 83, C4, F0, B8, 00, 10, 40, 00, E8, 01, 00, 00, 00, 9A, 83, C4, 10, 8B, E5, 5D, E9, 09, 96, A8, 00, F2, 44, E7, 58, B5, 53, AE, 61, 00, 5A, 7A, 29, F7, 70, 96, 02, E6, 97, 2A, 2E, E0, 03, E2, 13, 6A, 4E, 91, 11, D5, 04, 58, C9, 46, EA, C2, 23, 92, E2, 0C, E1, 91, 56, E2, 21, 69, 6B, 6F, DF, 9C, 81, EB, 52, 44, 97, F3, E6, 36, AB, E5, AD, 0D, C1, 78, BF, 33, 4E, F7, 0C, A0, BA, 9A, 48, 7F, 57, CA, 46, C9, 74, DE, EB, A0, 93, E9, B9, 04, 10, DB, 3C, CE, 06, B7, 24, 8B, 73, D6, B2, 16, CF, 9E, 17...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
6.3 MB (6,578,176 bytes)

Scheduled Task
Task name:
Kerish Doctor

Trigger:
Logon (Runs on logon)

Description:
Kerish Doctor Startup


The file KerishDoctor.exe has been discovered within the following program.

Kerish Doctor 2014  by Kerish Products
www.kerish.org
About 6% of users remove it
 
Powered by Should I Remove It?

Scan KerishDoctor.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.