Should I block it?

98%

Yes, 98% block recommendation.

Possible reason:

Multiple malware detections

Additional versions

2.5.0.0	1.27%
2.5.0.0	1.27%
2.4.9.0	3.80%
2.4.7.0	1.27%
2.4.3.0	13.92%
2.2.2.0	34.18%
2.2.0.0	1.27%
2.1.6.0	8.86%
2.1.5.0	1.27%
2.1.3.0	3.80%
2.0.0.0	2.53%
2.0.0.0	20.25%
2.0.0.0	6.33%

AutoKMS.exe

AutoKMS

Remove AutoKMS.exe

Version:	2.2.0.0
MD5:	49bb8d0b9e079745aa18becb7f36feaf
SHA1:	2e21725796379cdc73f5666f4d910fc343d7c6db
SHA256:	3a0c739410004a77338a64823bfe59f8f9cdd83db80a0243336edcb569a1aef7

Warning 31 antivirus scanners has detected malware.

Overview

autokms.exe is set to be start when the PC boots and any user logs into Windows (added to the Run registry key for the all users under the local machine). The assembly utilizes the .NET run-time framework (which is required to be installed on the PC).

Details

File name:	autokms.exe
Product name:	AutoKMS
Typical file path:	C:\windows\autokms\autokms.exe
File version:	2.2.0.0
Size:	1.83 MB (1,924,096 bytes)
Digital DNA
File packed:	No
Code language:	Microsoft Visual C# / Basic .NET
.NET CLR:	Yes
.NET NGENed:	No

More details

Behaviors

Scheduled tasks

The job 'AutoKMSCustom' runs daily in the path '\AutoKMSCustom'
The task 'AutoKMSDaily' runs daily in the path '\AutoKMSDaily'
The job 'AutoKMS' runs daily in the path '\AutoKMS'
Entry path '\AutoKMSDaily'
Entry path '\AutoKMS'
Entry path 'C:\WINDOWS\Tasks\AutoKMS.job'

Startup files (all users) run

Runs under the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'

'AutoKMS' → C:\WINDOWS\AutoKMS.exe

Scheduled tasks startups

Set to load on user login (bypasses Windows UAC if enabled)

Malware detections

Based on 40+ industry antivirus scanners, 31 of them detected the following malware.

Antivirus engine	Engine version	Detection
Agnitum	5.5.1.3	Trojan.DR.Agent!LrNEZV2Q4uQ
AhnLab V3 Internet Security	2013.07.10	Trojan/Win32.Gen
Avira AntiVir	7.11.89.160	TR/Dropper.Gen
avast!	8.0.1489.320	Win32:PUP-gen [PUP]
AVG	2014.0.3629	Dropper.Generic4.NFC
BitDefender	7.2	Trojan.Generic.6325903
CAT Quick Heal	7.13.12.00	Trojan.Meredrop
Commtouch	5.4.1.7	W32/Trojan.WNVD-6506
Comodo Internet Security	16572	UnclassifiedMalware
Dr.Web	8.13.7.11	Trojan.Inject1.6910
Emsisoft Anti-Malware	3.0.0.583	Trojan.Generic.6325903 (B)
eSafe	7.0.17.0	Win32.TRDropper
ESET NOD32	7.8547	a variant of Win32/HackKMS.B
F-Secure	11.0.19100.45	Trojan.Generic.6325903
G Data	13.7.22	Trojan.Generic.6325903
Ikarus	T3.1.4.3.0	possible-Threat.Tool.Keygen
K7 AntiVirus	9.170.8983	Riskware
K7GW	12.7.0.12	Riskware
McAfee	5.400.1158	Artemis!49BB8D0B9E07
McAfee Gateway Anti-Malware	v2013-dat	Artemis!49BB8D0B9E07
Microsoft Security Essentials	1.9607.0	HackTool:Win32/Keygen
NANO AntiVirus	0.24.0.53443	Trojan.Win32.MLW.dzbvf
Norman	7.01.04	Suspicious_Gen2.PSYEM
Panda Antivirus	10.0.3.5	Generic Trojan
PC Tools	9.0.0.2	Trojan.Gen
Rising Antivirus	24.70.00.04	Trojan.Win32.Generic.129A33EC
Sophos	4.90.0	Generic PUA CO
Symantec	20131.1.0.101	Trojan.Gen
Trend Micro	9.740.0.1012	CRCK_ACTIVATE
Trend Micro HouseCall	9.700.0.1001	CRCK_ACTIVATE
VIPRE Antivirus	19442	Trojan.Win32.Meredrop

Distribution by Windows OS

OS version	distribution
Windows 7 Ultimate	32.91%
Windows 7 Home Premium	16.46%
Windows 8	7.59%
Windows 7 Professional	7.59%
Windows 8 Pro	7.59%
Windows 8.1	5.06%
Windows 8.1 Pro with Media Center	3.80%
Windows 8.1 Single Language	2.53%
Windows 8 Enterprise N	2.53%
Microsoft Windows XP	2.53%
Windows 7 Enterprise	2.53%
Windows 7 Starter	2.53%
Windows 8 Enterprise	2.53%
Windows 8.1 Pro	1.27%
Windows 8.1 Pro Preview with Media Center	1.27%
Windows 7 Home Basic	1.27%

Distribution by country

United States installs about 11.39% of AutoKMS.

Distribution by PC manufacturer

PC Manufacturer	distribution
Lenovo	33.71%
ASUS	15.73%
Toshiba	13.48%
Acer	8.99%
Hewlett-Packard	7.87%
Intel	4.49%
Dell	4.49%
GIGABYTE	4.49%
American Megatrends	3.37%
Samsung	3.37%

Remove Adware and Spyware Programs, FREE Download!