home

KerishDoctor.exe

Kerish Doctor

OOO AMA

It runs as a scheduled task under the Windows Task Scheduler. This is installed with Kerish Doctor 2014.
Publisher:
Kerish Products  (signed by OOO AMA)

Product:
Kerish Doctor

Version:
4.60

MD5:
cf8a79251bb3a61963a876247a1b464f

SHA-1:
c3c051d26b77405ebbfe8fb697ba0120daae043b

SHA-256:
eb73ff6f6efdbaf01701df3821d02ae3d4c64730588cf4393ba6279a6b45563a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/18/2024 8:42:37 AM UTC  (today)

File size:
2.7 MB (2,782,696 bytes)

Product version:
4.60

Copyright:
Kerish Products 2005-2014. All Rights reserved.

Trademarks:
Kerish Products 2005-2014. All Rights reserved.

Original file name:
KerishDoctor.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\kerish doctor\kerishdoctor.exe

Digital Signature
Signed by:
OOO AMA

Authority:
Thawte, Inc.

Valid from:
8/5/2013 4:00:00 AM

Valid to:
9/5/2014 3:59:59 AM

Subject:
CN=OOO AMA, OU=IT, O=OOO AMA, L=Voronegh, S="Voroneghskaya oblast ", C=RU

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
1F3C11346254E097A2EA8B7C9A505E85

File PE Metadata
Compilation timestamp:
8/1/2014 1:19:33 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:fVgnEIpPM/5Wzf2Iv5e6gDKaxTyPsUJVb+WvQ//Wm6lS7Ie9yBB:foRMwze+5aDKwTyPsU3bTv6/Wlu79yP

Entry address:
0x170A5

Entry point:
55, 8B, EC, 83, C4, F0, B8, 00, 10, 40, 00, E8, 01, 00, 00, 00, 9A, 83, C4, 10, 8B, E5, 5D, E9, AB, F1, A5, 00, FA, C0, 8E, 87, 7D, 51, 1B, 82, 6F, BB, D1, 7B, 59, 7F, B9, 27, BB, 83, 05, 21, AD, B9, 8D, C9, 17, 94, F3, 90, F6, D4, D5, 60, BF, 8F, 16, 9D, 96, 2D, C7, B7, 77, 44, F5, 02, 7E, 67, A5, 40, 5A, 74, A5, 94, BB, E8, 28, 78, 84, 7B, 99, 05, C8, 6C, 7E, 83, FB, 09, 9A, 02, CB, 2B, 7C, AE, D1, 6C, 33, 30, 37, 74, D1, EE, 58, 42, 11, 2F, 09, C8, 18, B3, A6, FC, F8, 4A, 5D, 94, 52, FE, 36, 01, DD, 3A...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
6.1 MB (6,418,432 bytes)

Scheduled Task
Task name:
{0C7D777F-F263-4DEB-8D3B-5371A2C026A3}

Trigger:
Registration (Runs on registration)


The file KerishDoctor.exe has been discovered within the following program.

Kerish Doctor 2014  by Kerish Products
www.kerish.org
About 6% of users remove it
 
Powered by Should I Remove It?

Scan KerishDoctor.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.