home

KerishDoctor.exe

Kerish Doctor

OOO AMA

It runs as a scheduled task under the Windows Task Scheduler triggered to execute each time a user logs in. This is installed with Kerish Doctor 2015.
Publisher:
Kerish Products  (signed by OOO AMA)

Product:
Kerish Doctor

Version:
4.60

MD5:
3dadc6777a5bc93f63068b0d69774aa3

SHA-1:
88ad3203f985135ef53391ebdcb7f7ddbabf3691

SHA-256:
daebc0ba834cff0a5764d7125d6e25943834eec3650fb9803a4e8d07624de061

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/29/2024 1:39:29 AM UTC  (today)

File size:
3.7 MB (3,872,432 bytes)

Product version:
4.60

Copyright:
Kerish Products 2005-2015. All rights reserved.

Trademarks:
Kerish Products 2005-2015. All rights reserved.

Original file name:
KerishDoctor.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\kerish doctor\kerishdoctor.exe

Digital Signature
Signed by:
OOO AMA

Authority:
Thawte, Inc.

Valid from:
8/27/2014 3:00:00 AM

Valid to:
9/27/2015 2:59:59 AM

Subject:
CN=OOO AMA, OU=IT, O=OOO AMA, L=Voronezh, S=Voronezh region, C=RU

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
10113097A9F7A4FC6296AF8DC613AB0D

File PE Metadata
Compilation timestamp:
3/21/2015 2:19:15 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:qrkOKc2BjZEuTyPsU0mwIT3S9S4lmNYsz5Y:qIY2guTnrmT3S9Z4NYw5Y

Entry address:
0x15C01

Entry point:
55, 8B, EC, 83, C4, F0, B8, 00, 10, 40, 00, E8, 01, 00, 00, 00, 9A, 83, C4, 10, 8B, E5, 5D, E9, 37, A8, F7, 00, C6, EA, 9F, 7C, DD, 82, 8D, 7D, A0, DA, AC, 7F, 0E, E2, 4F, C0, 8B, BF, 14, 76, 01, B6, 51, F4, 66, A3, B3, 8B, E4, A1, 22, C8, 7E, 83, FB, A3, 9B, 7F, 97, E7, 0B, 70, 5D, 49, 8E, 83, 60, E4, 85, 9F, AC, C2, 8C, 2D, 44, C4, FA, F4, 76, 2E, B8, B5, BE, 43, 2E, 36, F2, 02, 78, C9, 7B, 5A, 7B, 97, BC, 39, 84, CB, 2E, DF, FB, 88, C5, DA, E0, 3A, 63, 17, 75, 85, 27, FF, C2, 21, 2D, 50, 8C, 17, 1F, E1...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
6.4 MB (6,742,016 bytes)

Scheduled Task
Task name:
Kerish Doctor

Trigger:
Logon (Runs on logon)

Description:
Kerish Doctor Startup


The file KerishDoctor.exe has been discovered within the following program.

Kerish Doctor 2015  by Kerish Products
www.kerish.org
About 3% of users remove it
 
Powered by Should I Remove It?

Scan KerishDoctor.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.