How to remove kmsss.exe
kmsss.exe
The module kmsss.exe has been detected as Trojan.Agent
File Details
| Product Name: | KMS Server Emulator Service (XP) |
| Company Name: | MDL Forum, mod by Ratiborus |
| MD5: | fe0b79c90bf882a4404de4dff046d331 |
| Size: | 294 KB |
| First Published: | 2017-05-22 07:06:20 (8 years ago) |
| Latest Published: | 2024-04-30 23:05:46 (a year ago) |
| Status: | Trojan.Agent (on last analysis) | |
| Analysis Date: | 2024-04-30 23:05:46 (a year ago) |
Common Places:
| %commonappdata%\kmsautos\bin |
| %commonappdata%\kmsauto\bin |
| %commonappdata%\kmsauto |
| %commonappdata%\kmsautos |
| %sysdrive%\$recycle.bin |
| %appdata%\360safe\softmgr |
| %commonappdata%\kmsautos |
| %commonappdata%\kmsautos |
| %commonappdata%\kmsautos |
| %commonappdata%\kmsautos |
File Names:
| KMSSS.exe |
| kmsss.exe |
| $R1MHNF5.exe |
| trz6002.tmp |
| 105044842.exe |
Geography:
| Russia | 23.6% | |
| Ukraine | 13.5% | |
| South Korea | 4.9% | |
| Vietnam | 4.1% | |
| Indonesia | 3.9% | |
| Thailand | 3.9% | |
| Taiwan | 3.5% | |
| United States | 3.3% | |
| Spain | 2.7% | |
| Belarus | 2.0% | |
| Brazil | 1.8% | |
| Turkey | 1.8% | |
| Kazakhstan | 1.8% | |
| China | 1.8% | |
| Iran | 1.4% | |
| Moldova | 1.2% | |
| Mexico | 1.2% | |
| Czech Republic | 1.2% | |
| Colombia | 1.2% | |
| Bulgaria | 1.0% | |
| Egypt | 1.0% | |
| Chile | 1.0% | |
| United Kingdom | 0.8% | |
| Malaysia | 0.8% | |
| Serbia | 0.8% | |
| Hong Kong | 0.6% | |
| France | 0.6% | |
| Israel | 0.6% | |
| Poland | 0.6% | |
| Germany | 0.6% | |
| Romania | 0.6% | |
| India | 0.6% | |
| Libya | 0.6% | |
| Ecuador | 0.6% | |
| Italy | 0.4% | |
| Saudi Arabia | 0.4% | |
| Venezuela | 0.4% | |
| Iraq | 0.4% | |
| Slovakia | 0.4% | |
| Latvia | 0.4% | |
| Bolivia | 0.4% | |
| Cuba | 0.4% | |
| Ireland | 0.4% | |
| Argentina | 0.4% | |
| Morocco | 0.4% | |
| Pakistan | 0.4% | |
| Bangladesh | 0.4% | |
| Lithuania | 0.2% | |
| Netherlands | 0.2% | |
| Croatia | 0.2% | |
| Canada | 0.2% | |
| New Zealand | 0.2% | |
| Lebanon | 0.2% | |
| Tunisia | 0.2% | |
| Armenia | 0.2% | |
| United Arab Emirates | 0.2% | |
| Kyrgyzstan | 0.2% | |
| Austria | 0.2% | |
| Honduras | 0.2% | |
| Uruguay | 0.2% | |
| Jordan | 0.2% | |
| Sweden | 0.2% | |
| Peru | 0.2% | |
| Kuwait | 0.2% | |
| Philippines | 0.2% | |
| Portugal | 0.2% | |
| Ghana | 0.2% | |
| Australia | 0.2% | |
| Sri Lanka | 0.2% |
OS Version:
| Windows 10 | 78.8% | |
| Windows 7 | 12.4% | |
| Windows 8.1 | 6.3% | |
| Windows 8 | 1.6% | |
| Windows Embedded 8.1 | 0.4% | |
| Windows Server 2012 R2 | 0.2% | |
| Windows Server 2008 R2 | 0.2% |
Analysis
| Subsystem: | Windows CUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x000191a4 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 203264 | 8a1e6b329ff73554352d11a3946a6ba5 |
| .rdata | 72704 | b60a793171cd1838aa65309a91a6b252 |
| .data | 8192 | d15ae9f48ea88d619ce22b82719041f2 |
| .rsrc | 1536 | 9f53c608344dbac32da168430929e2bb |
| .reloc | 14336 | b797540144a12dc87c73e764fb2c8116 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for kmsss.exe
