home

KerishDoctor.exe

Kerish Doctor

OOO AMA

It runs as a scheduled task under the Windows Task Scheduler triggered to execute each time a user logs in. This file is installed with the program Kerish Doctor 2012.
Publisher:
Kerish Products  (signed by OOO AMA)

Product:
Kerish Doctor

Version:
4.45

MD5:
ef260276b32a1be36b61d8103735a560

SHA-1:
b1e910640c8672ab67e29ecb353519d398b9dc3f

SHA-256:
75d588ce7e33e2a53a49c17407c44e8a0909f5f9c7861cfea3c7e2e74d3d0af6

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
12/29/2024 7:08:34 PM UTC  (today)

Scan engine
Detection
Engine version

Trend Micro House Call
TROJ_GEN.F47V0919
7.2.168

File size:
2.2 MB (2,311,808 bytes)

Product version:
4.45

Copyright:
Kerish Products 2005-2013. All Rights reserved.

Trademarks:
Kerish Products 2005-2013. All Rights reserved.

Original file name:
KerishDoctor.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\kerish doctor\kerishdoctor.exe

Digital Signature
Signed by:
OOO AMA

Authority:
Thawte, Inc.

Valid from:
7/31/2012 7:00:00 AM

Valid to:
8/1/2013 6:59:59 AM

Subject:
CN=OOO AMA, OU=it, O=OOO AMA, L=Voronegh, S=Voroneghskaya oblast, C=RU

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
5FC6B3B8D216CFEF94FEFBDBC8BE144D

File PE Metadata
Compilation timestamp:
1/2/2013 3:40:03 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:eF5RGyWIRhYNPuO8Ns8TTyP2GNEMMqM9RpmUe89fLdJz2RV:eF5UcReNPudzTTyP2GNEMMH97mUe8tLc

Entry address:
0x27E05

Entry point:
55, 8B, EC, 83, C4, F0, B8, 00, 10, 40, 00, E8, 01, 00, 00, 00, 9A, 83, C4, 10, 8B, E5, 5D, E9, CF, B6, 7B, 00, AE, 0C, FE, 61, 29, 2B, 5E, DB, E2, F4, 06, EF, 51, 95, 30, 87, 26, B6, CB, 12, 89, 41, 2F, B2, EC, E2, F1, 0B, 5C, 50, D1, 51, 66, 76, 16, BE, 71, DD, F2, 1F, 80, 79, 8E, 39, E6, 05, A2, 35, 37, 20, 20, A2, B7, 0F, 2A, FE, 02, 9D, 49, 6C, 88, E9, FE, 29, 1C, 45, 6C, F0, 64, 36, BE, EA, 27, 1F, DD, A2, B1, C2, BC, 26, 3B, BD, A6, A8, BF, 11, 73, DC, 55, 1C, DC, 50, 00, AE, A6, D2, 6B, ED, 82, 4E...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
3.5 MB (3,657,728 bytes)

Scheduled Task
Task name:
Kerish Doctor

Trigger:
Logon (Runs on logon)


The file KerishDoctor.exe has been discovered within the following programs.

Kerish Doctor 2012  by Kerish Products
Publisher's description - “Application performs thorough and safe cleanup by removing junk files and outdated cache from your PC, which significantly boosting its performance. Smart Update system regularly updates the software database which is improved by our experts.”
www.kerish.org
22% remove it
Kerish Doctor 2013  by Kerish Products
Publisher's description - “Kerish Doctor 2013 is the Windows Maintenance Center which features the latest technology developments. Kerish Doctor 2013 unique system prevents Windows crashes and repairs registry errors in real-time.”
www.kerish.org/en/product.php
25% remove it
 
Powered by Should I Remove It?

Scan KerishDoctor.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.