How to remove SERVICE_KMS.EXE

» File
File Details
Overview
Analysis

SERVICE_KMS.EXE

The module SERVICE_KMS.EXE has been detected as Crack.AutoKMS

Remove SERVICE_KMS.EXE

File Details

Main Info:

Product Name:	Service_KMS
Company Name:	@ByELDI
MD5:	8d0c31d282cc9194791ea850041c6c45
Size:	728 KB
First Published:	2017-05-21 06:07:22 (7 years ago)
Latest Published:	2025-05-05 23:00:38 (9 hours ago)

Analysis:

Status:	Crack.AutoKMS (on last analysis)
Analysis Date:	2025-05-05 23:00:38 (9 hours ago)

Overview

Digital Signature

Signed By:	@ByELDI
Status:	Valid

Common Places:

%programfiles%\kmspico

%appdata%\zhp\quarantine

%sysdrive%\windows.old\program files\kmspico

%sysdrive%\$recycle.bin\s-1-5-21-323884191-2092194048-1028303074-1001\$rqoylgc

%programfiles%\activation windows 10 office

%sysdrive%\$recycle.bin\s-1-5-21-79499368-3263216357-3996540022-1001\$rbrmtne

%programfiles%\kmspico2

%programfiles%\microsoft office\office15\kmspico

%sysdrive%\$recycle.bin\s-1-5-21-1767605637-2923467744-1270222273-1001\$r27rwh4

%sysdrive%\kmspico

File Names:

Service_KMS.exe

vService_KMS.exe

gService_KMS.exe

service_kms.exe

Service_KMS_IObitDel.exe

service_kms.exe.1187.gzquar

Service_KMS (2017_01_04 18_17_48 UTC).exe

Service_KMS (2017_02_09 13_17_26 UTC).exe

Service_KMS.exe.quarantined

Service_21.exe

SERVICE_KMS.EXE

Geography:

Thailand	10.0%
Vietnam	8.4%
Turkey	6.8%
Taiwan	5.3%
Brazil	4.4%
Indonesia	4.3%
Spain	3.7%
India	3.2%
Argentina	3.1%
Mexico	3.0%
Peru	2.4%
Italy	2.2%
Netherlands	2.0%
United States	2.0%
Iran	1.8%
Colombia	1.8%
Poland	1.6%
Pakistan	1.5%
France	1.4%
Hungary	1.4%
Egypt	1.4%
Germany	1.3%
Philippines	1.3%
Hong Kong	1.0%
China	1.0%
Chile	1.0%
Malaysia	0.9%
Greece	0.8%
Japan	0.7%
Serbia	0.7%
Israel	0.7%
Algeria	0.7%
Bulgaria	0.7%
Venezuela	0.7%
United Kingdom	0.6%
Australia	0.6%
Romania	0.6%
Portugal	0.6%
Ecuador	0.6%
Morocco	0.5%
Croatia	0.5%
South Korea	0.5%
Bolivia	0.5%
Bosnia and Herzegovina	0.5%
Belgium	0.5%
Canada	0.5%
Sri Lanka	0.5%
Nepal	0.5%
Saudi Arabia	0.4%
Bangladesh	0.4%
Myanmar	0.4%
Czech Republic	0.3%
Russia	0.3%
South Africa	0.3%
Slovakia	0.2%
Austria	0.2%
Sweden	0.2%
Costa Rica	0.2%
Guatemala	0.2%
El Salvador	0.2%
Switzerland	0.2%
United Arab Emirates	0.2%
Paraguay	0.2%
Panama	0.2%
Nigeria	0.2%
Tunisia	0.2%
Honduras	0.2%
Lithuania	0.2%
Kenya	0.2%
Slovenia	0.1%
Dominican Republic	0.1%
Uruguay	0.1%
Estonia	0.1%
Iraq	0.1%
Qatar	0.1%
Denmark	0.1%
Mongolia	0.1%
New Zealand	0.1%
Norway	0.1%
Singapore	0.1%
Kuwait	0.1%
Azerbaijan	0.1%
Bahrain	0.1%
Ukraine	0.1%
Cambodia	0.1%
Albania	0.1%
Brunei	0.1%
Cyprus	0.1%
Madagascar	0.1%
Nicaragua	0.1%
Georgia	0.1%
Jordan	0.1%
Tanzania	0.1%
Laos	0.1%
Oman	0.1%
Cuba	0.1%
Cameroon	0.1%
Lebanon	0.1%
Papua New Guinea	0.1%
Togo	0.1%
Syria	0.1%
Côte d'Ivoire	0.1%
Ethiopia	0.1%
Senegal	0.1%
Cape Verde	0.1%
Finland	0.1%

OS Version:

Windows 10	67.8%
Windows 7	22.1%
Windows 8.1	7.9%
Windows 8	1.1%
Windows Server 2012 R2	0.5%
Windows Server 2008 R2	0.2%
Windows Server 2012	0.1%
Windows XP	0.1%
Windows Vista	0.1%
Windows Server 2016	0.1%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x000b5a2e

.NET Info:

MVID:

8dfb19c6-b049-48ff-a1d0-947a2d88e1f0

PE Sections:

Name	Size of data	MD5
.text	736256	3b352486baf66fa69bdbc12f92b6247a
.rsrc	4096	8b84f955244af7ff185516048258e2a6
.reloc	512	2df0818df8e81d33fb34e2a3bfbe57b1

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for SERVICE_KMS.EXE

copyright for information about SERVICE_KMS.EXE

How to remove SERVICE_KMS.EXE

SERVICE_KMS.EXE

The module SERVICE_KMS.EXE has been detected as Crack.AutoKMS

File Details

Main Info:

Service_KMS

@ByELDI

Analysis:

Overview

Digital Signature

Common Places:

Geography:

OS Version:

Analysis

PE Info:

.NET Info:

PE Sections:

More information: