RiskWare.IFEOHijack.KMS

ThreatDown is now the name of the Malwarebytes line of business products. References to Malwarebytes below reflect the amazing technology used to first identify the threat.

Short bio

RiskWare.IFEOHijack.KMS is Malwarebytes' detection name for a number of debugger values in the Windows registry that are added by software that allows the illegal use of Microsoft products.

Type of infection

When an executable is listed under the Image File Execution Options (IFEO) registry key and has a Debugger value set, Windows always reads that value's data and launches that “debugger” instead of the executable. Setting a debugger for an executable therefore intercepts any call to that executable and runs another executable in its place.

The debugger settings flagged by RiskWare.IFEOHijack.KMS are made by software that allows the illegal use of Microsoft products.
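To review these entries on a system, the following added PowerShell example (not Malwarebytes code) lists every executable under the Image File Execution Options key that has a Debugger value, together with the program Windows would launch instead. The registry path is the standard location of that key; the function name `Get-IfeoDebugger` and the way the target path is extracted from the value data are assumptions of this example.

```powershell
# Added example: audit Image File Execution Options (IFEO) Debugger values.
# Read-only; run from an elevated 64-bit PowerShell to see all subkeys.
$IfeoRoot = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'

function Get-IfeoDebugger {
    param([string]$Root = $IfeoRoot)

    foreach ($key in Get-ChildItem -LiteralPath $Root -ErrorAction SilentlyContinue) {
        # GetValue returns $null when the subkey has no Debugger value.
        $debugger = [string]$key.GetValue('Debugger')
        if ([string]::IsNullOrWhiteSpace($debugger)) { continue }

        # Heuristic (assumption): the target is the quoted path, or else the
        # first whitespace-delimited token of the value data.
        if ($debugger -match '^\s*"([^"]+)"') {
            $target = $Matches[1]
        } else {
            $target = ($debugger.Trim() -split '\s+')[0]
        }

        # A bare file name is resolved against the current directory here,
        # so "False" for such entries means "not checked by full path".
        $exists = Test-Path -LiteralPath $target -PathType Leaf
        $signature = if ($exists) {
            (Get-AuthenticodeSignature -LiteralPath $target).Status
        } else {
            'n/a'
        }

        [pscustomobject]@{
            Image        = $key.PSChildName   # executable whose launch is intercepted
            Debugger     = $debugger          # what Windows starts instead
            TargetExists = $exists
            Signature    = $signature
            RegistryKey  = $key.Name
        }
    }
}

Get-IfeoDebugger | Sort-Object Image | Format-List
```

An entry whose target is missing, unsigned, or unrelated to debugging is the kind of value to examine before deciding whether to remove or exclude it.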

Protection

RiskWare.IFEOHijack.KMS is a “removal only” detection name. That means users must make the call themselves whether or not to remove the program flagged by Malwarebytes. If users wish to keep the program, they may add it to exclusions.

Home remediation

Malwarebytes can detect and remove RiskWare.IFEOHijack.KMS without further user interaction.

Add an exclusion

When RiskWare.IFEOHijack.KMS is detected on your computer, Malwarebytes for Windows does not know if it was authorized. Optimization software, malware, and Potentially Unwanted Programs (PUPs) are known to make these types of changes, hence they are regarded as riskware.

To have Malwarebytes for Windows ignore RiskWare.IFEOHijack.KMS, you must add RiskWare.IFEOHijack to the Allow list. Here’s how to do it.