home

KerishDoctor.exe

Kerish Doctor

OOO AMA

It runs as a scheduled task under the Windows Task Scheduler triggered to execute each time a user logs in. This is installed with Kerish Doctor 2015.
Publisher:
Kerish Products  (signed by OOO AMA)

Product:
Kerish Doctor

Version:
4.60

MD5:
322b6c037effd35faa9ea06655801059

SHA-1:
76d6a6f763db6dea27654e9078fb5f922539cace

SHA-256:
c4260d54d54ecc76bf3c3f118ff82dbc2f4599385bee60cf0f8c8592cc55011f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/29/2024 1:31:53 AM UTC  (today)

File size:
3.7 MB (3,831,472 bytes)

Product version:
4.60

Copyright:
Kerish Products 2005-2015. All rights reserved.

Trademarks:
Kerish Products 2005-2015. All rights reserved.

Original file name:
KerishDoctor.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\kerish doctor\kerishdoctor.exe

Digital Signature
Signed by:
OOO AMA

Authority:
Thawte, Inc.

Valid from:
8/27/2014 3:00:00 AM

Valid to:
9/27/2015 2:59:59 AM

Subject:
CN=OOO AMA, OU=IT, O=OOO AMA, L=Voronezh, S=Voronezh region, C=RU

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
10113097A9F7A4FC6296AF8DC613AB0D

File PE Metadata
Compilation timestamp:
3/21/2015 4:25:24 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:FD5dO7jkAiGXu9KZKU6TyPsU0gGJ8NJd68xUL+9Ww:FD507wAimETnrRt+p

Entry address:
0xDDB94

Entry point:
55, 8B, EC, 83, C4, F0, B8, 00, 10, 40, 00, E8, 01, 00, 00, 00, 9A, 83, C4, 10, 8B, E5, 5D, E9, 48, EE, EA, 00, 0A, 03, 38, 2A, B0, 1E, 43, CB, B3, 4A, 6D, 48, 3B, 13, 19, 4A, D6, B8, 8C, CD, 6A, 0A, AB, 18, B8, 64, 74, 80, B5, 98, D0, 5E, 83, 89, 3F, 42, 0F, 5F, 14, 9B, E8, 82, 49, 97, B7, 5A, EE, 9D, 8B, 7F, 3D, E2, DB, 7E, 90, 12, 43, 74, 1C, D5, B8, 11, F8, 5D, 71, 97, FC, BD, 14, FF, D0, 3A, CD, C7, D9, EC, 4E, 64, 54, AA, 6E, 5F, B4, CE, C8, 27, D7, 3F, 9D, A9, B4, 11, 24, F1, 8D, 5F, D2, 0D, 73, 1E...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
6.4 MB (6,742,016 bytes)

Scheduled Task
Task name:
Kerish Doctor

Trigger:
Logon (Runs on logon)

Description:
Kerish Doctor Startup


The file KerishDoctor.exe has been discovered within the following program.

Kerish Doctor 2015  by Kerish Products
www.kerish.org
About 3% of users remove it
 
Powered by Should I Remove It?

Scan KerishDoctor.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.