home

KerishDoctor.exe

Kerish Doctor

OOO AMA

It runs as a scheduled task under the Windows Task Scheduler triggered to execute each time a user logs in. This is installed with Kerish Doctor 2015.
Publisher:
Kerish Products  (signed by OOO AMA)

Product:
Kerish Doctor

Version:
4.60

MD5:
7c06ea61062623d1702f05378b900991

SHA-1:
de19b825fcb14a0e7755797072843dfeac584129

SHA-256:
411c82bc54627f5dbac399bb9acb2782aaac36e4cd86f3bf8c5e8d8e791a0030

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/5/2024 4:11:32 PM UTC  (today)

File size:
3.7 MB (3,872,432 bytes)

Product version:
4.60

Copyright:
Kerish Products 2005-2015. All rights reserved.

Trademarks:
Kerish Products 2005-2015. All rights reserved.

Original file name:
KerishDoctor.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\kerish doctor\kerishdoctor.exe

Digital Signature
Signed by:
OOO AMA

Authority:
Thawte, Inc.

Valid from:
8/27/2014 3:00:00 AM

Valid to:
9/27/2015 2:59:59 AM

Subject:
CN=OOO AMA, OU=IT, O=OOO AMA, L=Voronezh, S=Voronezh region, C=RU

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
10113097A9F7A4FC6296AF8DC613AB0D

File PE Metadata
Compilation timestamp:
4/5/2015 9:34:31 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:wuSGyrfqQhUvsglTyPsU0zrPY3RMIaj6Vvekg/QI:BafqBvHlTnrIhOYvekg4

Entry address:
0x655CD

Entry point:
55, 8B, EC, 83, C4, F0, B8, 00, 10, 40, 00, E8, 01, 00, 00, 00, 9A, 83, C4, 10, 8B, E5, 5D, E9, 5F, 76, F3, 00, 26, 3F, DB, 08, EC, A7, BA, E5, 51, 6F, DC, A9, C2, 76, B3, F6, 9C, 33, 1B, 86, 0E, E4, 66, 2F, 40, 34, 34, 79, 47, 52, F7, BE, 2A, B9, AB, 2D, 7B, B3, 84, CD, A7, 78, BC, 7B, BD, 7B, DA, E0, 39, 48, 52, 4E, 9B, 0E, 4E, 85, 17, 92, 0F, 7C, 75, F6, 56, 55, F1, 6C, 10, 01, 63, B5, 1A, 9F, BD, F4, 7D, EE, A7, 62, 7A, BF, F7, E1, 71, 63, F2, 82, A0, 93, 57, F9, 82, 64, 46, 98, 25, 26, 46, 78, 12, 74...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
6.4 MB (6,746,112 bytes)

Scheduled Task
Task name:
Kerish Doctor

Trigger:
Logon (Runs on logon)

Description:
Kerish Doctor Startup


The file KerishDoctor.exe has been discovered within the following program.

Kerish Doctor 2015  by Kerish Products
www.kerish.org
About 3% of users remove it
 
Powered by Should I Remove It?

Scan KerishDoctor.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.