How to remove kms-r@1nhook.exe

kms-r@1nhook.exe

The module kms-r@1nhook.exe has been detected as Hijack.Explorer

kms-r@1nhook.exe
Remove kms-r@1nhook.exe

File Details

MD5: 7e74f6f8ed323b6c6d6800af7a97cf7c
Size: 4 KB
First Published: 2017-05-21 11:05:01 (7 years ago)
Latest Published: 2024-11-14 23:00:46 (a week ago)
Status: Hijack.Explorer (on last analysis)
Analysis Date: 2024-11-14 23:00:46 (a week ago)

Common Places:

%sysdrive%\windows
%desktop%\recuper\windows
%sysdrive%\$recycle.bin\s-1-5-21-408480981-4064319745-3115365603-1001
%windir%
%sysdrive%\$windows.~bt\newos
%sysdrive%\backup c\c
%sysdrive%\windows.old\cleanup\0000.~bt\newos
%desktop%\testdisk-7.1-wip
%sysdrive%\windows.old.001
%desktop%\gerson docs\gerson r. fleck\windows.old

File Names:

KMS-R@1nhook.exe
kms-r@1nhook.exe
$R1I93MQ.exe
f195402528.exe
f213298320.exe
KMS-R@1nhook.exe.quarantined
398C74DC48A44D2C0F8F6A64FB13A153DBB6F0C4.exe
KMS-R@1nhook.exe.vir
KMS-R@1NHOOK.EXE

Geography:

51.2%
8.1%
5.2%
5.1%
4.7%
4.4%
3.7%
2.1%
1.7%
1.0%
0.9%
0.9%
0.8%
0.8%
0.6%
0.5%
0.5%
0.4%
0.4%
0.4%
0.3%
0.3%
0.3%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%

OS Version:

Windows 10 75.4%
Windows 7 18.4%
Windows 8.1 4.4%
Windows 8 1.1%
Windows Server 2012 R2 0.5%
Windows Vista 0.1%
Windows XP 0.1%
Windows Server 2008 R2 0.1%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000140000000
Entry Address: 0x00001000

PE Sections:

Name Size of data MD5
.text 1024 2087ce3b7f5940a3e4cdbca11c9815df
.rdata 1536 65144dd8ecd194a509e59914560fe5a7
.pdata 512 63f90834bf508c3c466106a0fd9df225
.rsrc 512 8d096de51d16180d98ba04bad2632f19

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for kms-r@1nhook.exe
copyright for information about kms-r@1nhook.exe