How to remove AAct.dll
AAct.dll
The module AAct.dll has been detected as Trojan.Agent
File Details
| Product Name: | KMS emulator by Ratiborus |
| Company Name: | MSFree Inc. |
| MD5: | add80e5d9fad482705c3807bacfe1993 |
| Size: | 34 KB |
| First Published: | 2017-05-21 17:06:58 (7 years ago) |
| Latest Published: | 2025-03-01 23:01:57 (2 weeks ago) |
| Status: | Trojan.Agent (on last analysis) | |
| Analysis Date: | 2025-03-01 23:01:57 (2 weeks ago) |
Overview
| Signed By: | WZTeam |
| Status: | Valid |
Common Places:
| %commonappdata%\kmsautos\bin |
| %commonappdata%\kmsauto\bin |
| %appdata%\zhp\quarantine |
| %temp%\rar$exa0.542\kms server service v2.0.3 |
| %temp%\rar$exa0.540\kms server service v2.0.3 |
| %sysdrive%\windows |
| %sysdrive%\windows.old\programdata\kmsauto\bin |
| %windir%\kmsautos\bin |
| %windir%\kms\bin |
| %profile%\downloads\june2017_sanet.cd\june2017\kms server service v2.0.3 |
File Names:
| KMSSS.exe |
| AAct.dll |
| kmsss.exe |
| KMSS.exe |
| KMSSS (2017_08_10 13_53_02 UTC).exe |
| A0004979.dll |
| Quarantine |
| KMSSS (2018_02_16 05_43_06 UTC).exe |
| kmss.exe |
| KMSSS.exe.q_Quarantine_E128AB0_q |
| dwh1ece.exe |
| vKMSSS.exe |
| KMSSS.exe.VIR |
Geography:
| 20.4% | ||
| 16.4% | ||
| 7.2% | ||
| 6.2% | ||
| 3.4% | ||
| 2.4% | ||
| 2.2% | ||
| 2.2% | ||
| 2.1% | ||
| 1.8% | ||
| 1.6% | ||
| 1.6% | ||
| 1.5% | ||
| 1.4% | ||
| 1.4% | ||
| 1.3% | ||
| 1.3% | ||
| 1.1% | ||
| 1.1% | ||
| 1.0% | ||
| 0.8% | ||
| 0.8% | ||
| 0.8% | ||
| 0.7% | ||
| 0.7% | ||
| 0.7% | ||
| 0.7% | ||
| 0.7% | ||
| 0.7% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% | ||
| 0.5% | ||
| 0.5% | ||
| 0.5% | ||
| 0.5% | ||
| 0.5% | ||
| 0.4% | ||
| 0.4% | ||
| 0.4% | ||
| 0.4% | ||
| 0.4% | ||
| 0.4% | ||
| 0.4% | ||
| 0.4% | ||
| 0.3% | ||
| 0.3% | ||
| 0.3% | ||
| 0.3% | ||
| 0.3% | ||
| 0.3% | ||
| 0.3% | ||
| 0.3% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% |
OS Version:
| Windows 10 | 80.2% | |
| Windows 7 | 12.1% | |
| Windows 8.1 | 6.3% | |
| Windows 8 | 0.6% | |
| Windows Server 2008 R2 | 0.2% | |
| Windows Server 2012 R2 | 0.2% | |
| Windows Embedded 8.1 | 0.1% | |
| Windows Vista | 0.1% | |
| Windows Server 2016 | 0.1% |
Analysis
| Subsystem: | Windows CUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x00002829 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 11264 | ccb77bca326cc49da84471e625a5bda7 |
| .rdata | 10752 | 32ff4dfd72412c92fb97285df9639b46 |
| .data | 4608 | 4591af2721e19e22b419f42b4997d15a |
| .rsrc | 2048 | e744600530460dc286c55427ac731fa9 |
| .reloc | 2048 | d60a476eb3ca1054020cf176ec5b3bf6 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for AAct.dll
