How to remove KMSpico.exe

» File
File Details
Overview
Analysis

KMSpico.exe

The module KMSpico.exe has been detected as Hack.AutoKMS

Remove KMSpico.exe

File Details

Main Info:

Product Name:	KMSnano
Company Name:	ByELDI
MD5:	ed4e06e07856176cf904534277d55a11
Size:	1 MB
First Published:	2017-12-21 22:15:33 (7 years ago)
Latest Published:	2024-06-17 23:00:55 (a year ago)

Analysis:

Status:	Hack.AutoKMS (on last analysis)
Analysis Date:	2024-06-17 23:00:55 (a year ago)

Common Places:

%sysdrive%\pogramas pc\officepro_13x_64bits_esp\activ_ ofi_13_permanente\activador office 2013\002 kms_activator\kmspico.v8.4-heldigard\kmspico oem\$oem$\$$\setup

%desktop%\diciembre 2017\instalacion de office\programa officce 2010\activador office 2010\kmspico.v8.4-heldigard\kmspico oem\$oem$\$$\setup

%sysdrive%\xfer\idm\microsoft office (2013)\sharewbb_kmstosnew08august\kms tools\kmspico\kmspico oem\$oem$\$$\setup

%sysdrive%\爸爸的資料\程式(9400)\作業系統\kms activator new reliz 20.08.2013 aio winall retail\kmspico\kmspico oem\$oem$\$$\setup

%desktop%\escritorio 2018

%sysdrive%\$recycle.bin\s-1-5-21-87135576-2087611795-607172523-1000\$rfx3m3o\kmspico.v8.4 p-h\kmspico.v8.4-heldigard\kmspico oem\$oem$\$$\setup

%sysdrive%\$recycle.bin\s-1-5-21-1740679853-1520997301-558946601-1000\$r4f7037\kmspico.v8.4 p-h\kmspico.v8.4-heldigard\kmspico oem\$oem$\$$\setup

%sysdrive%\$recycle.bin\s-1-5-21-1740679853-1520997301-558946601-1000\$r4f7037\oficce\kmspico.v8.4-heldigard\kmspico oem\$oem$\$$\setup

%sysdrive%\$recycle.bin\s-1-5-21-1740679853-1520997301-558946601-1000\$r8sw9cg\oficce\kmspico.v8.4-heldigard\kmspico oem\$oem$\$$\setup

%sysdrive%\$recycle.bin\s-1-5-21-87135576-2087611795-607172523-1000\$rfx3m3o\oficce\kmspico.v8.4-heldigard\kmspico oem\$oem$\$$\setup

Geography:

	46.7%
	20.0%
	13.3%
	6.7%
	6.7%
	6.7%

OS Version:

Windows 7	66.7%
Windows 10	13.3%
Windows 8.1	13.3%
Windows XP	6.7%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x000168cf

PE Sections:

Name	Size of data	MD5
.text	90624	4794b31aa8ab9b337e775f7340a2271d
.rdata	14336	4db2dba763a9460e4543f48d7929b457
.data	2048	948353a21f43eb6ad7b646bc00bb4688
.rsrc	372224	96640076b64aa94fe35c30a0dd7032ec

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for KMSpico.exe

copyright for information about KMSpico.exe