We Recommend: You Boost your PC today

VersionsVersions

2.4.3.0 2.63%
2.2.2.0 55.26%
2.2.0.0 2.63%
2.1.6.0 7.89%
2.1.5.0 2.63%
2.1.3.0 7.89%
2.0.0.0 2.63%
2.0.0.0 18.42%

AutoKMS.exe

AutoKMS

Warning 171 antivirus scanners has detected malware in various versions of AutoKMS.exe.

Overview

autokms.exe has 8 known versions, the most recent one is 2.4.3.0. During installation, a run registry key for all users is added that will cause the program to run each time any user logs on to Windows. In order execute the program with adminsitrator rights and prevent a UAC prompt, the program will add a job to the Windows Task Scheduler that will automtaiclaly start it when a user logs on. The average file size is about 1.27 MB. This is a .NET Common Language Runtime (CLR) assembly.

DetailsDetails

File name:autokms.exe
Product name:AutoKMS
Typical file path:C:\windows\autokms\autokms.exe

BehaviorsBehaviors

(Note, the behaviors below are for all versions of autokms.exe, select a unique version for details.)
Scheduled tasks
  • The task 'AutoKMSDaily' runs in the path '\AutoKMSDaily'
  • The job 'AutoKMS' runs daily in the path '\AutoKMS'
  • Entry path '\AutoKMSDaily'
  • Entry path '\AutoKMS'
  • Entry path 'C:\WINDOWS\Tasks\AutoKMS.job'
Scheduled tasks startups
Set to load on user login (bypasses Windows UAC if enabled)
  • Login entry path '\AutoKMS'
Startup files (all users) run
Runs under the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
  • 'AutoKMS' → C:\WINDOWS\AutoKMS.exe

MalwareMalware detections

Based on 40+ industry antivirus scanners, 171 of them detected the following malware.
Antivirus engineEngine versionDetectionFile version
Agnitum 5.5.1.3 Trojan.Meredrop!Fzg3EZJAohU 2.1.3.0
Agnitum 5.5.1.3 Trojan.Meredrop!FRcm9CKzHag 2.1.5.0
Agnitum 5.5.1.3 Trojan.DR.Agent!vUMtdLQQGW8 2.2.2.0
Agnitum 5.5.1.3 Trojan.Gendal!1f/JuUgpm9g 2.1.6.0
Agnitum 5.5.1.3 Trojan.Meredrop!pMjFc1ZBsZw 2.0.0.0
Agnitum 5.5.1.3 Trojan.DR.Agent!LrNEZV2Q4uQ 2.2.0.0
Agnitum 5.5.1.3 Trojan.Meredrop!b2VmcmZh45I 2.0.0.0
AhnLab V3 Internet Security 2013.04.04.04 Trojan/Win32.Gen 2.1.5.0
AhnLab V3 Internet Security 2013.07.10.00 Trojan/Win32.Gen 2.2.0.0
AhnLab V3 Internet Security 2013.07.05.00 Win-AppCare/Hacktool.647168.B 2.0.0.0
Avira AntiVir 7.11.70.32 TR/Meredrop.A.10879 2.1.5.0
Avira AntiVir 7.11.72.208 TR/Dropper.Gen 2.2.2.0
Avira AntiVir 7.11.73.120 TR/Meredrop.A.8924 2.0.0.0
Avira AntiVir 7.11.89.160 TR/Dropper.Gen 2.2.0.0
Avira AntiVir 7.11.88.224 SPR/Tool.Keygen.BI.38 2.0.0.0
Antiy Labs AVL 2.0.3.7 Trojan/win32.agent.gen 2.1.3.0
Antiy Labs AVL 2.0.3.7 Trojan/Win32.Pakes.gen 2.2.2.0
avast! 6.0.1289.0 Win32:PUP-gen [PUP] 2.1.3.0
avast! 6.0.1289.0 Win32:PUP-gen [PUP] 2.2.2.0
avast! 6.0.1289.0 Win32:PUP-gen [PUP] 2.0.0.0
avast! 8.0.1489.320 Win32:PUP-gen [PUP] 2.2.0.0
avast! 8.0.1489.320 Win32:PUP-gen [PUP] 2.0.0.0
AVG 10.0.0.1190 Generic22.GWB 2.1.3.0
AVG 10.0.0.1190 Generic23.BLCV 2.1.5.0
AVG 10.0.0.1190 HackTool.TEO 2.2.2.0
AVG 10.0.0.1190 Generic23.CYP 2.1.6.0
AVG 10.0.0.1190 Generic19.AVDB 2.0.0.0
AVG 10.0.0.1190 Dropper.Generic4.NFC 2.2.0.0
AVG 10.0.0.1190 Generic20.AIOK 2.0.0.0
BitDefender 7.2 Trojan.Generic.5963867 2.1.3.0
BitDefender 7.2 Application.Keygen.BY 2.0.0.0
BitDefender 7.2 Trojan.Generic.6325903 2.2.0.0
CAT Quick Heal 12.00 Trojan.Meredrop 2.1.5.0
CAT Quick Heal 12.00 Trojan.Meredrop 2.2.0.0
Commtouch 5.4.1.7 W32/Trojan.HIML-8905 2.1.3.0
Commtouch 5.4.1.7 W32/Trojan.PUGW-4060 2.1.5.0
Commtouch 5.4.1.7 W32/Trojan.IOLG-8678 2.2.2.0
Commtouch 5.4.1.7 W32/Trojan.XSZZ-7616 2.1.6.0
Commtouch 5.4.1.7 W32/Risk.IALF-3386 2.0.0.0
Commtouch 5.4.1.7 W32/Trojan.WNVD-6506 2.2.0.0
Commtouch 5.4.1.7 W32/Risk.SRKH-7905 2.0.0.0
Comodo Internet Security 15736 UnclassifiedMalware 2.1.3.0
Comodo Internet Security 15806 UnclassifiedMalware 2.1.5.0
Comodo Internet Security 15943 UnclassifiedMalware 2.2.2.0
Comodo Internet Security 15875 UnclassifiedMalware 2.1.6.0
Comodo Internet Security 15977 UnclassifiedMalware 2.0.0.0
Comodo Internet Security 16572 UnclassifiedMalware 2.2.0.0
Comodo Internet Security 16548 UnclassifiedMalware 2.0.0.0
Dr.Web Trojan.Inject1.6910 2.2.0.0
Emsisoft Anti-Malware 3.0.0.575 Trojan.Generic.5963867 (B) 2.1.3.0
Emsisoft Anti-Malware 3.0.0.575 Application.Keygen.BY (B) 2.0.0.0
Emsisoft Anti-Malware 3.0.0.583 Trojan.Generic.6325903 (B) 2.2.0.0
eSafe 7.0.17.0 Win32.SPRTool.Keygen 2.1.3.0
eSafe 7.0.17.0 Win32.Trojan 2.1.5.0
eSafe 7.0.17.0 Win32.TRDropper 2.2.2.0
eSafe 7.0.17.0 Win32.Trojan 2.1.6.0
eSafe 7.0.17.0 Win32.TRDropper 2.2.0.0
eSafe 7.0.17.0 Win32.Trojan 2.0.0.0
ESET NOD32 8172 a variant of Win32/HackKMS.B 2.1.3.0
ESET NOD32 8193 a variant of Win32/HackKMS.B 2.1.5.0
ESET NOD32 8231 a variant of Win32/HackKMS.B 2.2.2.0
ESET NOD32 8211 a variant of Win32/HackKMS.B 2.1.6.0
ESET NOD32 8243 Win32/HackKMS.A 2.0.0.0
ESET NOD32 8547 a variant of Win32/HackKMS.B 2.2.0.0
ESET NOD32 8529 a variant of Win32/HackKMS.B 2.0.0.0
Fortinet 5.0.43.0 W32/SPNR.1CJI11!tr 2.1.3.0
Fortinet 5.0.43.0 W32/Malware_fam.NB 2.1.5.0
Fortinet 5.0.43.0 W32/CrackOffice.0A24!tr 2.2.2.0
Fortinet 5.0.43.0 W32/Dx.UQG!tr 2.0.0.0
Fortinet 5.1.146.0 W32/Dropper.DGT!tr 2.0.0.0
F-Prot 4.7.1.166 W32/MalwareF.OISJ 2.0.0.0
F-Prot 4.7.1.166 W32/MalwareF.TCON 2.0.0.0
F-Secure 11.0.19020.35 Trojan.Generic.5963867 2.1.3.0
F-Secure 11.0.19020.35 Application.Keygen.BY 2.0.0.0
F-Secure 11.0.19100.45 Trojan.Generic.6325903 2.2.0.0
G Data 22 Trojan.Generic.5963867 2.1.3.0
G Data 22 Application.Keygen.BY 2.0.0.0
G Data 22 Trojan.Generic.6325903 2.2.0.0
Ikarus T3.1.4.0.0 not-a-virus.Actiavtion.KMS 2.1.3.0
Ikarus T3.1.4.0.0 possible-Threat.Tool.Keygen 2.1.5.0
Ikarus T3.1.4.0.0 not-a-virus:Activator.MSOffice 2.2.2.0
Ikarus T3.1.4.0.0 not-a-virus.Keygen.KMS 2.1.6.0
Ikarus T3.1.4.0.0 possible-Threat.Patch.KMS 2.0.0.0
Ikarus T3.1.4.3.0 possible-Threat.Tool.Keygen 2.2.0.0
Ikarus T3.1.4.3.0 possible-Threat.ActivationTool.KMS 2.0.0.0
K7 AntiVirus 9.164.8447 Riskware 2.1.3.0
K7 AntiVirus 9.164.8499 Riskware 2.1.6.0
K7 AntiVirus 9.164.8548 Riskware 2.0.0.0
K7 AntiVirus 9.170.8983 Riskware 2.2.0.0
K7 AntiVirus 9.170.8961 Riskware 2.0.0.0
K7GW 12.7.0.8 Riskware 2.0.0.0
K7GW 12.7.0.12 Riskware 2.2.0.0
Kingsoft 2013.4.9.267 Win32.Troj.Generic.a.(kcloud) 2.0.0.0
Malwarebytes 1.70.0.9 Trojan.AutoKMS 2.2.2.0
Malwarebytes 1.70.0.9 Trojan.Agent.H 2.1.6.0
Malwarebytes 1.75.0.1 Riskware.Keygen 2.0.0.0
Malwarebytes 1.75.0.1 Riskware.Keygen 2.0.0.0
McAfee 5.400.0.1158 Generic Dropper!1f3 2.1.3.0
McAfee 5.400.0.1158 Generic Dropper!dvv 2.1.5.0
McAfee 5.400.0.1158 Generic KeyGen 2.2.2.0
McAfee 5.400.0.1158 Generic PUP.z!gp 2.1.6.0
McAfee 5.400.0.1158 Generic.dx!uqg 2.0.0.0
McAfee 5.400.0.1158 Artemis!49BB8D0B9E07 2.2.0.0
McAfee 5.400.0.1158 Crack-Generic 2.0.0.0
McAfee Gateway Anti-Malware 2012.1 Generic Dropper!1f3 2.1.3.0
McAfee Gateway Anti-Malware 2012.1 Generic Dropper!dvv 2.1.5.0
McAfee Gateway Anti-Malware 2012.1 Generic KeyGen 2.2.2.0
McAfee Gateway Anti-Malware 2012.1 Generic PUP.z!gp 2.1.6.0
McAfee Gateway Anti-Malware 2012.1 Generic.dx!uqg 2.0.0.0
McAfee Gateway Anti-Malware 2013 Artemis!49BB8D0B9E07 2.2.0.0
McAfee Gateway Anti-Malware 2013 Crack-Generic 2.0.0.0
Microsoft Security Essentials 1.9302 HackTool:Win32/Keygen 2.1.3.0
Microsoft Security Essentials 1.9302 HackTool:Win32/Keygen 2.1.5.0
Microsoft Security Essentials 1.9302 HackTool:Win32/Keygen 2.1.6.0
Microsoft Security Essentials 1.9402 HackTool:Win32/Keygen 2.0.0.0
Microsoft Security Essentials 1.9607 HackTool:Win32/Keygen 2.2.0.0
Microsoft Security Essentials 1.9607 HackTool:Win32/Keygen 2.0.0.0
eScan by MicroWorld 12.0.250.0 Trojan.Generic.5963867 2.1.3.0
eScan by MicroWorld 12.0.250.0 Application.Keygen.BY 2.0.0.0
NANO AntiVirus 0.24.0.52049 Trojan.Win32.Meredrop.zevmu 2.0.0.0
NANO AntiVirus 0.24.0.53443 Trojan.Win32.MLW.dzbvf 2.2.0.0
Norman 7.00.22 Suspicious_Gen2.MKFVJ 2.1.3.0
Norman 7.00.22 Suspicious_Gen2.NPCVJ 2.1.5.0
Norman 7.00.22 Suspicious_Gen2.PQUNW 2.2.2.0
Norman 7.00.22 Suspicious_Gen2.NOZBW 2.1.6.0
Norman 7.00.22 Suspicious_Gen2.ENOUR 2.0.0.0
Norman 7.01.04 Suspicious_Gen2.PSYEM 2.2.0.0
Norman 7.01.04 Suspicious_Gen2.FMSYS 2.0.0.0
nProtect 2013-03-28.01 Trojan.Generic.5963867 2.1.3.0
Panda Antivirus 10.0.3.5 Generic Malware 2.1.3.0
Panda Antivirus 10.0.3.5 Generic Trojan 2.0.0.0
Panda Antivirus 10.0.3.5 Generic Trojan 2.2.0.0
Panda Antivirus 10.0.3.5 Generic Trojan 2.0.0.0
PC Tools 9.0.0.2 Trojan.Gen 2.1.5.0
PC Tools 9.0.0.2 Trojan.Gen 2.0.0.0
PC Tools 9.0.0.2 Trojan.Gen 2.2.0.0
PC Tools 9.0.0.2 Trojan.Gen 2.0.0.0
Rising Antivirus 24.57.00.04 Trojan.Win32.Generic.12A30279 2.1.6.0
Rising Antivirus 24.70.00.04 Trojan.Win32.Generic.129A33EC 2.2.0.0
Sophos 4.87.0 Mal/Meredrop-B 2.1.3.0
Sophos 4.87.0 Mal/Meredrop-B 2.1.5.0
Sophos 4.87.0 Troj/AutoKMS-A 2.2.2.0
Sophos 4.88.0 Mal/Keygen-N 2.0.0.0
Sophos 4.90.0 Generic PUA CO 2.2.0.0
Sophos 4.90.0 Troj/Keygen-EI 2.0.0.0
Symantec 20121.3.0.76 WS.Reputation.1 2.1.3.0
Symantec 20121.3.0.76 Trojan.Gen 2.1.5.0
Symantec 20121.3.0.76 Trojan.Gen 2.0.0.0
Symantec 20131.1.0.101 Trojan.Gen 2.2.0.0
Symantec 20131.1.0.101 Trojan.Gen.2 2.0.0.0
Trend Micro 9.740.0.1012 TROJ_SPNR.1CJI11 2.1.3.0
Trend Micro 9.740.0.1012 TROJ_SPNR.0BGS11 2.1.5.0
Trend Micro 9.740.0.1012 HKTL_HACKMS 2.2.2.0
Trend Micro 9.740.0.1012 TROJ_SPNR.0BJS11 2.1.6.0
Trend Micro 9.740.0.1012 CRCK_KEYGEN 2.0.0.0
Trend Micro 9.740.0.1012 CRCK_ACTIVATE 2.2.0.0
Trend Micro 9.740.0.1012 TROJ_SPNR.04CI11 2.0.0.0
Trend Micro HouseCall 9.700.0.1001 TROJ_SPNR.1CJI11 2.1.3.0
Trend Micro HouseCall 9.700.0.1001 TROJ_SPNR.0BGS11 2.1.5.0
Trend Micro HouseCall 9.700.0.1001 HKTL_HACKMS 2.2.2.0
Trend Micro HouseCall 9.700.0.1001 TROJ_SPNR.0BJS11 2.1.6.0
Trend Micro HouseCall 9.700.0.1001 CRCK_KEYGEN 2.0.0.0
Trend Micro HouseCall 9.700.0.1001 CRCK_ACTIVATE 2.2.0.0
Trend Micro HouseCall 9.700.0.1001 TROJ_SPNR.04CI11 2.0.0.0
VIPRE Antivirus 16356 Trojan.Win32.Generic!BT 2.1.3.0
VIPRE Antivirus 16550 Trojan.Win32.Generic!BT 2.1.5.0
VIPRE Antivirus 16902 Trojan.Win32.Generic!BT 2.2.2.0
VIPRE Antivirus 16716 Trojan.Win32.Generic!BT 2.1.6.0
VIPRE Antivirus 16986 Trojan.Win32.Generic!BT 2.0.0.0
VIPRE Antivirus 19442 Trojan.Win32.Meredrop 2.2.0.0
VIPRE Antivirus 19310 Trojan.Win32.Generic!BT 2.0.0.0

VersionsAll file variations of autokms.exe

MD5SHA-1File size
d4f602b1f775b5827932d3c5b04a3fd2 8baaf0b8c8bc4f1bbc4e3d1e02b3516805c1690c 3.22 MB
07605abeb10fc533881c91f19decf69a 13ee8c9fce6f74512dcd188cca0655c5ede37612 1.83 MB
49bb8d0b9e079745aa18becb7f36feaf 2e21725796379cdc73f5666f4d910fc343d7c6db 1.83 MB
3cb03c134f7307866b3c52735cdfae76 53d5c81eee1d9397ad6657088a49d72343022203 717 KB
5f8661f8550d9c66073ef49c1bbbaf8b 81f5010e7b4dbd49c66abc46a3ddda996a95f590 714.5 KB
901306b7ca56b1214a88087d224bf145 8ceb9933d8b7da5366012b5b26985e56c37c2523 712 KB
df608bdb810684df278ba5e0c38c8885 66a815e5ebc64c21f961bf031f8d701881603b0d 601.5 KB
e529a1ba814ab5afa5068db7e487b4ba 6faf21e89147e54d02eb3daae1c7149de7361d94 632 KB

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Ultimate 31.58%
Windows 7 Home Premium 23.68%
Windows 8 Pro 10.53%
Windows 7 Professional 7.89%
Microsoft Windows XP 5.26%
Windows 7 Enterprise 5.26%
Windows 7 Starter 5.26%
Windows 8 Enterprise 5.26%
Windows 8.1 Pro Preview with Media Center 2.63%
Windows 7 Home Basic 2.63%

Distribution by countryDistribution by country

Philippines installs about 10.53% of AutoKMS.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Toshiba 33.33%
GIGABYTE 16.67%
Samsung 12.50%
Acer 12.50%
Lenovo 8.33%
American Megatrends 8.33%
Hewlett-Packard 8.33%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE