How to remove FakeClient.exe

FakeClient.exe

The module FakeClient.exe has been detected as Hack.AutoKMS

FakeClient.exe
Remove FakeClient.exe

File Details

MD5: 6241a145a6bc3511e7690dcf107cefd8
Size: 10 KB
First Published: 2019-05-03 00:08:32 (6 years ago)
Latest Published: 2025-09-24 23:00:54 (a day ago)
Status: Hack.AutoKMS (on last analysis)
Analysis Date: 2025-09-24 23:00:54 (a day ago)

Common Places:

%windir%\kms_vl_all
%mydoc%\application\ms office 2019 pro plus\office 2013-2019.zip\office 2013-2019\files\bin
%sysdrive%\új mappa (3)\torrent\office_2019\officertool\officefixes
%profile%\downloads\office 2013-2019.zip\office 2013-2019\files\bin
%sysdrive%\microsoft.office.professional.plus 2019..german-indiso\crack\officefixes
%sysdrive%\mega\office 2013-2019.zip\office 2013-2019\files\bin
%mydoc%\personal\officertool2018dec02\officertool\officefixes
%sysdrive%\progik\iroda\hun office 2016_2019 x64\office_2016–19_c2r_vl_iso_16.0.10342.20010_03.31.2019-15.01.42\files\bin
%windir%\files\bin
%windir%\files\bin

Geography:

8.0%
7.0%
6.0%
6.0%
5.5%
5.0%
5.0%
5.0%
5.0%
4.5%
3.5%
3.0%
2.5%
2.5%
2.5%
2.0%
2.0%
1.5%
1.5%
1.5%
1.5%
1.0%
1.0%
1.0%
1.0%
1.0%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%

OS Version:

Windows 10 92.7%
Windows 8.1 4.9%
Windows 7 2.4%

Analysis

Subsystem: Windows CUI
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000100000000
Entry Address: 0x00001d68

PE Sections:

Name Size of data MD5
.text 6656 b3a44ed647d9cc99534517c3b71ef88b
.data 512 9da6ee3a2387e4c52b9e2d96045bb94a
.pdata 512 cdf9527dd24b2cc6964a018c901e750b
.rsrc 1024 171c68c5253a8bc835c53b119c35a235
.reloc 512 3c4ec6cfba38a33c514323bd1e80b7d3

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for FakeClient.exe
copyright for information about FakeClient.exe