Is this a virus?

Hi
I need some advice.
Every time I start my PC I get this notification: "Threat Found - action needed".
And very time I have to remove it.
Is it dangerous? If yes, how can I remove that 'Patcher.exe?
Thanks

Most antivirus programs identify AutoKMS.exe as malware—such as Microsoft identifies it as HackTool:Win32/Keygen or HackTool:Win32/Vigorf.A, and Symantec identifies it as Trojan.Gen.

Open the Command Prompt by typing cmd.exe into Start Menu, right-click on Cmd.exe, and open it as an administrator.

Execute below command to delete SppExtComObjPatcher.exe file.

Code:

Del  C:\Windows\System32\SppExtComObjPatcher.exe

The fact you have it on your PC suggest you have a pirated copy of Windows or office as there is no other reason to have the file and deleting it you may find you system isn't activated

Hi folks

question reminds me of "I've a 7 inch black disc with a hole in the middle --- is this a record "

auto/kms is AFAIK only used for activating pirate copies of Ms software -- if you purchased the software and you were told to use this then report seller to Microsoft (and also if you got it from Amazon etc report that as well).

As a previous poster said there's 100% NO REASON WHATSOVER to have this on a computer.

Cheers
jimbo

As everyone else has said, there's no reason to have 'AutoKMS' installed unless Microsoft software has been pirated in order to avoid genuine activation. Usually the offending software is Microsoft Office. If you take away Auto from KMS you are left with KMS (duh) which stands for Key Management Server. This is the method that many organisations that have hundreds perhaps even thousands of computers on their network use for activation of software, like Microsoft Office, by setting us a KMS. It works as a convenient centralised hub for authenticating software as genuine and then allowing to run in full feature mode on many computers at once with very little middle man work required. The software activates itself against the KMS for a period of 180 days. After the 180 days the software will again seek to activate itself against the KMS. This saves the laborious sysadmin role of going around manually activating every version of Microsoft Office.

When it comes down to everyday use from an everyday user perspective the same method is available, and Microsoft offer it as a means to reduce the pain of this manual activation. And this is where software pirates have capitalised for a long time. They exploit this process by running Microsoft software against an emulated genuine key management server. So basically Microsoft Office thinks it's being genuinely activated by a genuine KMS. Viola - free software.

The bad news is that if you got your computer through a computer repair/sales shop they have essentially ripped you off. They have cracked the genuine activation process of Microsoft products while offering you paid services that otherwise should include the necessary stuff you pay for when you pay such a shop to do their job. Shops have to buy licenses for products just like everybody else and they charge for this. If you bought your machine off the internet or anywhere else, the same principles still apply. If you paid directly/indirectly for the software on your computer I'm sorry to say but it's likely you've been ripped off.

As for the threat 'AutoKMS' poses, there is a negligible one. This might be controversial to say but in reality many people run pirated software for years and never are the threat detection notifications indicative of an actual threat. This is because by and large, like drugs on the black market, if you shop around you will get what you pay for/want. It's the same with pirated software. If you go down the wrong street (website) and get some dodgy stuff then of course you'll probably end up with a virus. Antivirus/malware/etc software usually picks this stuff up on behalf of the companies that offer genuine products to counter what is illegal activity in digital piracy. The threats themselves are very minimal because the guys who reverge engineer software and develop keygens, cracks etc do not do it in order to go after their target audience; people who want stuff for free. They do it in order to stick a middle finger up at the big fish who make billions each year. There has been a lot of debate pretty much since computers became personal and affordable as to whether software should be free or not. But this is a debate for another day. Either way, the seemingly bad guys behind the scenes making free software possible are not looking to hack computers or screw over the end user. Not most of them anyway. They are like anarchists rebelling against the system. Actually much of the reverge engineering knowledge known today that evolved into modern digital priacy stems from the original scenes/movements whereby extremely gifted and knowledgeable academics and researchers broke things deliberately in order to see how they worked. And consequently found ways to get beyond activation processes, generating genuine serial numbers en masse, disabling security protocols etc.

That being said, is it possible you get a compromised crack/keygen/pirated activation software? Absolutely. The very nature of these things work by manipulating your system into obtaining the desired effect; free software. So they ARE a threat in that by their very nature they do things that the system is not supposed to do. In the process it is very easy to throw in a few more spanners and for example backdoor these things, especially if whatever you use to pirate stuff remains on the computer and is not deleted after use, like a keygen for example, which is one and done, you use it and then delete it and it's gone. A crack on the other hand could be laden with a keylogger, a trojan, some sort of personal data exfil technique etc. But that's IF it's a dodgy one. Like mentioned above, despite what AV detections say, the threats are actually more geared towards the damage done to the companies who make the software, and not the person with the piracy tools on their computer.

So the threat will probably be minimal. But this doesn't make digital piracy acceptable. Nor does it make getting ripped off if you bought a machine and paid for software like Microsoft Office only to find out it's pirated acceptable either.

What do you do? It depends on your circumstances. You can report the guys you bought your computer from. Or you can have words with your friend who reckoned to fix your computer and put new software on it for you. Either way you will have to wipe Office from your system and then reinstall it and genuinely activate it.

FreeBooter said:

Most antivirus programs identify AutoKMS.exe as malware—such as Microsoft identifies it as HackTool:Win32/Keygen or HackTool:Win32/Vigorf.A, and Symantec identifies it as Trojan.Gen.

Open the Command Prompt by typing cmd.exe into Start Menu, right-click on Cmd.exe, and open it as an administrator.

Execute below command to delete SppExtComObjPatcher.exe file.

Code:

Del  C:\Windows\System32\SppExtComObjPatcher.exe

Samuria said:

The fact you have it on your PC suggest you have a pirated copy of Windows or office as there is no other reason to have the file and deleting it you may find you system isn't activated

swarfega said:

You can scan it with TotalVirus and see what the majority say.

jimbo45 said:

Hi folks

question reminds me of "I've a 7 inch black disc with a hole in the middle --- is this a record "

auto/kms is AFAIK only used for activating pirate copies of Ms software -- if you purchased the software and you were told to use this then report seller to Microsoft (and also if you got it from Amazon etc report that as well).

As a previous poster said there's 100% NO REASON WHATSOVER to have this on a computer.

Cheers
jimbo

supermammalego said:

As everyone else has said, there's no reason to have 'AutoKMS' installed unless Microsoft software has been pirated in order to avoid genuine activation. Usually the offending software is Microsoft Office. If you take away Auto from KMS you are left with KMS (duh) which stands for Key Management Server. This is the method that many organisations that have hundreds perhaps even thousands of computers on their network use for activation of software, like Microsoft Office, by setting us a KMS. It works as a convenient centralised hub for authenticating software as genuine and then allowing to run in full feature mode on many computers at once with very little middle man work required. The software activates itself against the KMS for a period of 180 days. After the 180 days the software will again seek to activate itself against the KMS. This saves the laborious sysadmin role of going around manually activating every version of Microsoft Office.

When it comes down to everyday use from an everyday user perspective the same method is available, and Microsoft offer it as a means to reduce the pain of this manual activation. And this is where software pirates have capitalised for a long time. They exploit this process by running Microsoft software against an emulated genuine key management server. So basically Microsoft Office thinks it's being genuinely activated by a genuine KMS. Viola - free software.

The bad news is that if you got your computer through a computer repair/sales shop they have essentially ripped you off. They have cracked the genuine activation process of Microsoft products while offering you paid services that otherwise should include the necessary stuff you pay for when you pay such a shop to do their job. Shops have to buy licenses for products just like everybody else and they charge for this. If you bought your machine off the internet or anywhere else, the same principles still apply. If you paid directly/indirectly for the software on your computer I'm sorry to say but it's likely you've been ripped off.

As for the threat 'AutoKMS' poses, there is a negligible one. This might be controversial to say but in reality many people run pirated software for years and never are the threat detection notifications indicative of an actual threat. This is because by and large, like drugs on the black market, if you shop around you will get what you pay for/want. It's the same with pirated software. If you go down the wrong street (website) and get some dodgy stuff then of course you'll probably end up with a virus. Antivirus/malware/etc software usually picks this stuff up on behalf of the companies that offer genuine products to counter what is illegal activity in digital piracy. The threats themselves are very minimal because the guys who reverge engineer software and develop keygens, cracks etc do not do it in order to go after their target audience; people who want stuff for free. They do it in order to stick a middle finger up at the big fish who make billions each year. There has been a lot of debate pretty much since computers became personal and affordable as to whether software should be free or not. But this is a debate for another day. Either way, the seemingly bad guys behind the scenes making free software possible are not looking to hack computers or screw over the end user. Not most of them anyway. They are like anarchists rebelling against the system. Actually much of the reverge engineering knowledge known today that evolved into modern digital priacy stems from the original scenes/movements whereby extremely gifted and knowledgeable academics and researchers broke things deliberately in order to see how they worked. And consequently found ways to get beyond activation processes, generating genuine serial numbers en masse, disabling security protocols etc.

That being said, is it possible you get a compromised crack/keygen/pirated activation software? Absolutely. The very nature of these things work by manipulating your system into obtaining the desired effect; free software. So they ARE a threat in that by their very nature they do things that the system is not supposed to do. In the process it is very easy to throw in a few more spanners and for example backdoor these things, especially if whatever you use to pirate stuff remains on the computer and is not deleted after use, like a keygen for example, which is one and done, you use it and then delete it and it's gone. A crack on the other hand could be laden with a keylogger, a trojan, some sort of personal data exfil technique etc. But that's IF it's a dodgy one. Like mentioned above, despite what AV detections say, the threats are actually more geared towards the damage done to the companies who make the software, and not the person with the piracy tools on their computer.

So the threat will probably be minimal. But this doesn't make digital piracy acceptable. Nor does it make getting ripped off if you bought a machine and paid for software like Microsoft Office only to find out it's pirated acceptable either.

What do you do? It depends on your circumstances. You can report the guys you bought your computer from. Or you can have words with your friend who reckoned to fix your computer and put new software on it for you. Either way you will have to wipe Office from your system and then reinstall it and genuinely activate it.

Thank you everybody for the information.