How to remove KMSSS.exe.quarantined

KMSSS.exe.quarantined

The module KMSSS.exe.quarantined has been detected as Hack.KMS

KMSSS.exe.quarantined
Remove KMSSS.exe.quarantine

File Details

Product Name:

KMS emulator by Ratiborus
Company Name:

MSFree Inc.
MD5: 525a481e7a32345dccb665d203615a3f
Size: 34 KB
First Published: 2017-09-07 19:15:05 (7 years ago)
Latest Published: 2024-08-29 23:01:38 (9 months ago)
Status: Hack.KMS (on last analysis)
Analysis Date: 2024-08-29 23:01:38 (9 months ago)

Overview

Signed By: WZT
Status: Valid

Common Places:

%commonappdata%\kmsautos\bin
%commonappdata%\kmsauto\bin
%commonappdata%\kmsautos
%commonappdata%\kmsauto
%appdata%\zhp
%appdata%\zhp\quarantine
%commonappdata%\kmsautos
%commonappdata%\kmsautos
%commonappdata%\kmsautos
%commonappdata%\kmsautos

File Names:

KMSSS.exe
KMSSS.exe.quarantined

Geography:

23.6%
12.9%
7.9%
7.9%
5.9%
5.5%
4.3%
3.0%
2.5%
1.9%
1.8%
1.7%
1.3%
1.3%
1.3%
1.1%
1.1%
1.1%
1.1%
1.1%
0.8%
0.8%
0.7%
0.7%
0.6%
0.5%
0.5%
0.5%
0.4%
0.4%
0.4%
0.4%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%

OS Version:

Windows 10 74.7%
Windows 7 19.3%
Windows 8.1 4.9%
Windows 8 0.6%
Windows Server 2012 R2 0.2%
Windows Embedded 8.1 0.1%
Windows Server 2016 0.1%

Analysis

Subsystem: Windows CUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x00002829

PE Sections:

Name Size of data MD5
.text 11264 ccb77bca326cc49da84471e625a5bda7
.rdata 10752 f780f2c8e9853727c08bea2cabac502e
.data 4608 4591af2721e19e22b419f42b4997d15a
.rsrc 2048 449ff164a74d30afe59531c5ae990ff0
.reloc 2048 d60a476eb3ca1054020cf176ec5b3bf6

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for KMSSS.exe.quarantined
copyright for information about KMSSS.exe.quarantined