How to remove vService_KMS.exe
- File Details
- Overview
- Analysis
vService_KMS.exe
The module vService_KMS.exe has been detected as Risk.Gen
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
8d0c31d282cc9194791ea850041c6c45 |
| Size: |
728 KB |
| First Published: |
2017-05-21 06:07:22 (8 years ago) |
| Latest Published: |
2025-10-27 23:00:59 (2 weeks ago) |
| Status: |
Risk.Gen (on last analysis) |
|
| Analysis Date: |
2025-10-27 23:00:59 (2 weeks ago) |
Overview
| %programfiles%\kmspico |
| %appdata%\zhp\quarantine |
| %sysdrive%\windows.old\program files\kmspico |
| %sysdrive%\$recycle.bin\s-1-5-21-323884191-2092194048-1028303074-1001\$rqoylgc |
| %programfiles%\activation windows 10 office |
| %sysdrive%\$recycle.bin\s-1-5-21-79499368-3263216357-3996540022-1001\$rbrmtne |
| %programfiles%\kmspico2 |
| %programfiles%\microsoft office\office15\kmspico |
| %sysdrive%\$recycle.bin\s-1-5-21-1767605637-2923467744-1270222273-1001\$r27rwh4 |
| %sysdrive%\kmspico |
| Service_KMS.exe |
| vService_KMS.exe |
| gService_KMS.exe |
| service_kms.exe |
| Service_KMS_IObitDel.exe |
| service_kms.exe.1187.gzquar |
| Service_KMS (2017_01_04 18_17_48 UTC).exe |
| Service_KMS (2017_02_09 13_17_26 UTC).exe |
| Service_KMS.exe.quarantined |
| Service_21.exe |
| SERVICE_KMS.EXE |
|
10.0% |
|
|
8.4% |
|
|
6.8% |
|
|
5.3% |
|
|
4.4% |
|
|
4.3% |
|
|
3.7% |
|
|
3.2% |
|
|
3.1% |
|
|
3.1% |
|
|
2.4% |
|
|
2.2% |
|
|
2.0% |
|
|
2.0% |
|
|
1.8% |
|
|
1.8% |
|
|
1.6% |
|
|
1.5% |
|
|
1.4% |
|
|
1.4% |
|
|
1.4% |
|
|
1.3% |
|
|
1.3% |
|
|
1.0% |
|
|
1.0% |
|
|
1.0% |
|
|
0.9% |
|
|
0.8% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
| Windows 10 |
67.8% |
|
| Windows 7 |
22.1% |
|
| Windows 8.1 |
7.9% |
|
| Windows 8 |
1.1% |
|
| Windows Server 2012 R2 |
0.5% |
|
| Windows Server 2008 R2 |
0.2% |
|
| Windows XP |
0.1% |
|
| Windows Vista |
0.1% |
|
| Windows Server 2016 |
0.1% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x000b5a2e |
| MVID: |
8dfb19c6-b049-48ff-a1d0-947a2d88e1f0 |
| Name |
Size of data |
MD5 |
| .text |
736256 |
3b352486baf66fa69bdbc12f92b6247a |
| .rsrc |
4096 |
8b84f955244af7ff185516048258e2a6 |
| .reloc |
512 |
2df0818df8e81d33fb34e2a3bfbe57b1 |
