How to remove KMSAuto Net.exe

» File
File Details
Overview
Analysis

KMSAuto Net.exe

The module KMSAuto Net.exe has been detected as Hack.KMS

Remove KMSAuto Net.exe

File Details

Main Info:

Product Name:	KMSAuto Net
Company Name:	MSfree Inc.
MD5:	ae1b66643c50f81136b987d87f8ee89b
Size:	4 MB
First Published:	2017-05-22 11:18:33 (8 years ago)
Latest Published:	2024-10-13 23:01:19 (10 months ago)

Analysis:

Status:	Hack.KMS (on last analysis)
Analysis Date:	2024-10-13 23:01:19 (10 months ago)

Common Places:

%desktop%\activation

%commonappdata%\kmsauto

%commonappdata%\kmsautos

%temp%\oftemp

%temp%\nszc82.tmp

%sysdrive%\docume~1\belgam~1\locals~1\temp\nsh250.tmp

%sysdrive%\docume~1\belgam~1\locals~1\temp\oftemp

%windir%\system usb-flash 10\активатор\kmsautonet

%temp%\nswef0f.tmp

%temp%\nsu47d7.tmp

Geography:

Russia	45.2%
Ukraine	25.5%
Vietnam	3.7%
Romania	3.1%
Turkey	2.8%
Kazakhstan	2.8%
Thailand	2.8%
Belarus	2.2%
Canada	2.2%
Kyrgyzstan	1.2%
United Kingdom	0.9%
Israel	0.9%
Moldova	0.6%
Italy	0.6%
Armenia	0.6%
Egypt	0.6%
Mauritius	0.3%
Saudi Arabia	0.3%
Iran	0.3%
Poland	0.3%
Netherlands	0.3%
Germany	0.3%
Czech Republic	0.3%
Estonia	0.3%
Indonesia	0.3%
United States	0.3%
Latvia	0.3%
India	0.3%
Morocco	0.3%

OS Version:

Windows 7	59.8%
Windows 10	19.3%
Windows 8.1	12.1%
Windows XP	4.7%
Windows 8	3.1%
Windows Server 2012 R2	0.9%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x004d439e

.NET Info:

MVID:	6b4ac013-90fd-4dac-97a7-74652e5cb23c
Typelib ID:	fcad9796-cfc1-41fa-93da-378996c2a356

PE Sections:

Name	Size of data	MD5
.text	5055488	55025b349959f5d508a2db19e28a6c57
.rsrc	48640	6bb401ffa766bf0bb19a2343ebbeffd6
.reloc	512	2ca85343c6f55426dc9339b8348c38f3

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for KMSAuto Net.exe

copyright for information about KMSAuto Net.exe