How to remove KMS-QADhook.dll.quarantined

» File
File Details
Overview
Analysis

KMS-QADhook.dll.quarantined

The module KMS-QADhook.dll.quarantined has been detected as Trojan.Agent

KMS-QADhook.dll.quarantined

Remove KMS-QADhook.dll.quar

File Details

Main Info:

MD5:	5ea8636b43e5fcc51bebe9a121ecb485
Size:	3 KB
First Published:	2017-05-21 11:05:01 (8 years ago)
Latest Published:	2025-04-23 23:01:11 (2 months ago)

Analysis:

Status:	Trojan.Agent (on last analysis)
Analysis Date:	2025-04-23 23:01:11 (2 months ago)

Common Places:

%sysdrive%\windows

%desktop%\recuper\windows

%sysdrive%\windows.old\windows

%windir%

%sysdrive%\$windows.~bt\newos

%sysdrive%\system volume information\systemrestore\frstaging

%sysdrive%\backup c\c

%desktop%\testdisk-7.1-wip

%sysdrive%\system recovery\repair

%sysdrive%\windows.old.000

File Names:

KMS-QADhook.dll

KMS-QADhook.dll.quarantined

kms-qadhook.dll

KMS-QADHOOK.DLL

f195402544.dll

f213298336.dll

ACBA5A62C5A48FBB9073F151A5F3790D93B32E85.dll

$R72FM0S.dll

Geography:

Brazil	55.6%
Thailand	6.6%
Taiwan	5.2%
Indonesia	4.8%
Turkey	4.4%
Vietnam	4.0%
Italy	3.8%
Portugal	1.6%
Russia	1.0%
Sweden	1.0%
South Korea	0.9%
Spain	0.7%
Mexico	0.6%
Colombia	0.6%
France	0.5%
United States	0.5%
Saudi Arabia	0.5%
Egypt	0.5%
Iran	0.5%
India	0.4%
Jordan	0.4%
Germany	0.4%
Ukraine	0.3%
Australia	0.3%
Japan	0.3%
Algeria	0.3%
Hong Kong	0.3%
Malaysia	0.3%
Israel	0.3%
Argentina	0.3%
Bangladesh	0.3%
Philippines	0.2%
Poland	0.2%
Netherlands	0.2%
United Arab Emirates	0.2%
China	0.2%
Palestine	0.2%
Mozambique	0.2%
Nigeria	0.2%
Angola	0.2%
Ghana	0.2%
Ecuador	0.1%
Tanzania	0.1%
Pakistan	0.1%
Peru	0.1%
Somalia	0.1%
Morocco	0.1%
Libya	0.1%
Georgia	0.1%
Syria	0.1%
Greece	0.1%
Oman	0.1%
Chile	0.1%
Serbia	0.1%
Canada	0.1%
Sri Lanka	0.1%
United Kingdom	0.1%
Czech Republic	0.1%
Togo	0.1%
Panama	0.1%
Cape Verde	0.1%
Hungary	0.1%
Cyprus	0.1%
Uruguay	0.1%
Luxembourg	0.1%
Myanmar	0.1%
Guatemala	0.1%

OS Version:

Windows 10	77.8%
Windows 7	16.8%
Windows 8.1	4.3%
Windows 8	0.5%
Windows Server 2012 R2	0.3%
Windows Vista	0.2%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	64
Image Base:	0x0000000180000000
Entry Address:	0x000010c4

PE Sections:

Name	Size of data	MD5
.text	1024	ac9f971d8157513bfaf10bece5d07221
.rdata	1024	35205770f1747923b74fcfde72a774c1
.data	0	00000000000000000000000000000000
.pdata	512	ce59a37ca8971bfc6b6f269527bb7ae8

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for KMS-QADhook.dll.quarantined

copyright for information about KMS-QADhook.dll.quarantined