How to remove kmsss.exe

kmsss.exe

The module kmsss.exe has been detected as Trojan.Agent

kmsss.exe
Remove kmsss.exe

File Details

Product Name:

KMS Server Emulator Service (XP)
Company Name:

MDL Forum, mod by Ratiborus
MD5: fe0b79c90bf882a4404de4dff046d331
Size: 294 KB
First Published: 2017-05-22 07:06:20 (7 years ago)
Latest Published: 2024-04-30 23:05:46 (9 months ago)
Status: Trojan.Agent (on last analysis)
Analysis Date: 2024-04-30 23:05:46 (9 months ago)

Common Places:

%commonappdata%\kmsautos\bin
%commonappdata%\kmsauto\bin
%commonappdata%\kmsauto
%commonappdata%\kmsautos
%sysdrive%\$recycle.bin
%appdata%\360safe\softmgr
%commonappdata%\kmsautos
%commonappdata%\kmsautos
%commonappdata%\kmsautos
%commonappdata%\kmsautos

File Names:

KMSSS.exe
kmsss.exe
$R1MHNF5.exe
trz6002.tmp
105044842.exe

Geography:

23.6%
13.5%
4.9%
4.1%
3.9%
3.9%
3.5%
3.3%
2.7%
2.0%
1.8%
1.8%
1.8%
1.8%
1.4%
1.2%
1.2%
1.2%
1.2%
1.0%
1.0%
1.0%
0.8%
0.8%
0.8%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%

OS Version:

Windows 10 78.8%
Windows 7 12.4%
Windows 8.1 6.3%
Windows 8 1.6%
Windows Embedded 8.1 0.4%
Windows Server 2012 R2 0.2%
Windows Server 2008 R2 0.2%

Analysis

Subsystem: Windows CUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x000191a4

PE Sections:

Name Size of data MD5
.text 203264 8a1e6b329ff73554352d11a3946a6ba5
.rdata 72704 b60a793171cd1838aa65309a91a6b252
.data 8192 d15ae9f48ea88d619ce22b82719041f2
.rsrc 1536 9f53c608344dbac32da168430929e2bb
.reloc 14336 b797540144a12dc87c73e764fb2c8116

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for kmsss.exe
copyright for information about kmsss.exe