How to remove service_kms.exe

service_kms.exe

The module service_kms.exe has been detected as Crack.AutoKMS

service_kms.exe
Remove service_kms.exe

File Details

Product Name:

Service_KMS
Company Name:

@ByELDI
MD5: a77a55875182bac02bde466441efdff3
Size: 720 KB
First Published: 2017-05-22 03:01:11 (8 years ago)
Latest Published: 2025-10-07 23:01:26 (a month ago)
Status: Crack.AutoKMS (on last analysis)
Analysis Date: 2025-10-07 23:01:26 (a month ago)

Overview

Signed By: @ByELDI
Status: Valid

Common Places:

%programfiles%\kmspico
%programfiles%\activation windows 10 office
%programfiles%\kmspico2016
%appdata%\zhp\quarantine
%programfiles%\office16\kmspico
%sysdrive%\kmspico
%sysdrive%\windows.old.000\program files\kmspico
%programfiles%
%sysdrive%
%sysdrive%\vtroot\harddiskvolume2\program files

File Names:

Service_KMS.exe
service_kms.exe
Service_KMS_IObitDel.exe

Geography:

29.2%
8.8%
6.0%
5.6%
4.7%
3.7%
2.8%
2.5%
2.5%
2.2%
2.2%
1.8%
1.7%
1.3%
1.2%
1.2%
1.1%
1.1%
1.0%
1.0%
1.0%
0.9%
0.9%
0.9%
0.7%
0.7%
0.6%
0.6%
0.6%
0.5%
0.4%
0.4%
0.4%
0.4%
0.4%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%

OS Version:

Windows 10 58.6%
Windows 7 32.4%
Windows 8.1 7.1%
Windows 8 0.8%
Windows Server 2012 R2 0.6%
Windows Server 2012 0.2%
Windows Server 2008 R2 0.2%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x000b3cce

.NET Info:

MVID: ed20c009-e620-49d6-aff6-ca5d50da775d

PE Sections:

Name Size of data MD5
.text 728576 df8587ebd2334c73369ba0b594464da2
.rsrc 4096 e4f05b6c5c2a5ea7355e114baf6e5645
.reloc 512 010ad05d0860fee5c27be419c8909a43

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for service_kms.exe
copyright for information about service_kms.exe