How to remove autokms.exe

autokms.exe

The module autokms.exe has been detected as Virtool.AutoKMS

autokms.exe
Remove autokms.exe

File Details

Product Name:

AutoKMS
MD5: 07605abeb10fc533881c91f19decf69a
Size: 1 MB
First Published: 2017-05-21 13:08:34 (8 years ago)
Latest Published: 2026-01-11 23:00:16 (2 weeks ago)
Status: Virtool.AutoKMS (on last analysis)
Analysis Date: 2026-01-11 23:00:16 (2 weeks ago)

Common Places:

%windir%\autokms
%appdata%\zhp\quarantine
%sysdrive%\winnt\autokms
%profile%\desktop
%sysdrive%\windows.old\windows\autokms
%profile%\pycharmprojects\pefile
%sysdrive%\autokms
%windir%
%appdata%\zhp
%sysdrive%\windows.old\windows

File Names:

AutoKMS.exe
autokms.exe
2375A3B7F1D04412E4C2BDE87CD11BDA7DC6380F.exe

Geography:

21.4%
14.7%
7.6%
7.6%
5.2%
4.3%
3.8%
3.2%
2.4%
2.0%
1.7%
1.5%
1.1%
1.0%
0.9%
0.9%
0.9%
0.8%
0.8%
0.8%
0.8%
0.8%
0.8%
0.7%
0.7%
0.7%
0.6%
0.6%
0.6%
0.6%
0.6%
0.5%
0.5%
0.5%
0.5%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.3%
0.3%
0.3%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%

OS Version:

Windows 7 71.2%
Windows 10 19.2%
Windows 8.1 6.8%
Windows 8 1.4%
Windows XP 0.9%
Windows Vista 0.3%
Windows Server 2008 R2 0.2%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x0017c1de

.NET Info:

MVID: 07b2ea71-1ff1-4fa3-842a-51406a79d1df

PE Sections:

Name Size of data MD5
.text 1548800 823a28d4605e596ee202fde6d1e53160
.rsrc 373760 5e622c2a37598e6b8fa0794812a0c741
.reloc 512 dad809f2fa16f644953ce2b2463e2269

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for autokms.exe
copyright for information about autokms.exe