home

KerishDoctor.exe

Kerish Doctor

OOO AMA

It runs as a scheduled task under the Windows Task Scheduler triggered to execute each time a user logs in. This is installed with Kerish Doctor 2013.
Publisher:
Kerish Products  (signed by OOO AMA)

Product:
Kerish Doctor

Version:
4.50

MD5:
fab3a9ee9141b9d4c6816bcfc0b412b1

SHA-1:
e101e89a363d32bdb56967c3303de6e59aed281b

SHA-256:
81e307b6118e23942f4d33044c7a42d0e35eedf861c11c2ddffbced7c1f393ee

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 11:33:41 AM UTC  (today)

File size:
2.3 MB (2,409,960 bytes)

Product version:
4.50

Copyright:
Kerish Products 2005-2013. All Rights reserved.

Trademarks:
Kerish Products 2005-2013. All Rights reserved.

Original file name:
KerishDoctor.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\kerish doctor\kerishdoctor.exe

Digital Signature
Signed by:
OOO AMA

Authority:
Thawte, Inc.

Valid from:
7/31/2012 4:00:00 AM

Valid to:
8/1/2013 3:59:59 AM

Subject:
CN=OOO AMA, OU=it, O=OOO AMA, L=Voronegh, S=Voroneghskaya oblast, C=RU

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
5FC6B3B8D216CFEF94FEFBDBC8BE144D

File PE Metadata
Compilation timestamp:
6/17/2013 4:40:39 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:Ly6ZqwQ9DWTa82qFajQTyP2Gwa4FikOou81eSL1H1yR0rCzh:W3wQ9DWTNtYkTyP2Gwa4FikU81eShHYZ

Entry address:
0x75650

Entry point:
55, 8B, EC, 83, C4, F0, B8, 00, 10, 40, 00, E8, 01, 00, 00, 00, 9A, 83, C4, 10, 8B, E5, 5D, E9, 04, 40, 7F, 00, 12, E7, 0A, 3B, E4, 7F, 56, 2A, 3C, A3, ED, CB, 06, FC, 41, 39, 99, 76, FC, FB, 6C, DB, A1, AF, B1, 56, 1F, 29, B8, E8, 22, DF, E8, A1, F3, 84, D8, 91, D4, BD, 2F, D5, 82, F8, 13, E3, CC, FC, 10, EE, 09, F2, 14, 84, 55, 42, 32, 6A, 88, 7E, 65, B3, EE, 87, 65, 1B, 95, E0, 68, F2, 9D, 73, 18, C2, 4C, 71, 3A, 8A, 44, DA, 85, 09, 32, 53, 6B, 05, AE, AC, 35, 39, 04, 7A, C8, 07, 59, 9B, 4E, AF, DE, 54...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
4 MB (4,157,440 bytes)

Scheduled Task
Task name:
Kerish Doctor

Trigger:
Logon (Runs on logon)

Description:
Kerish Doctor Startup


The file KerishDoctor.exe has been discovered within the following program.

Kerish Doctor 2013  by Kerish Products
Publisher's description - “Kerish Doctor 2013 is the Windows Maintenance Center which features the latest technology developments. Kerish Doctor 2013 unique system prevents Windows crashes and repairs registry errors in real-time.”
www.kerish.org/en/product.php
25% remove it
 
Powered by Should I Remove It?

Scan KerishDoctor.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.