Is Chrome Browser/ Computer compromised by KMSPico?

Information Security Asked by waterbyte on December 27, 2020

I recently installed a new windows key for my friend.
He was using a hack program previously, known as Auto KMS. So after new keys installation, I used Windows defender to remove AutoKMS program. The defender found the kms program in


which I think the hack program needed for bypassing windows licensing. However, the Auto KMS program was also present in below location which is a private directory for Google chrome.

windows defender notification

  1. Why would a hack program to bypass windows licensing be present in Google Chrome’s user data folder?
  2. Was this hack program also spying on Chrome history, cookies and stuff like banking websites?
    How does this even work, Can a trojan program copy its payload in data files of chrome and chrome unknowingly loads it in memory?
  3. Even though we have scanned full pc with windows defender and did an offline scan, should we be wary that the virus/trojan is still present?

The Auto KMS program was also present in the exclusion list of Windows defender. I removed it before scanning the whole computer.

Add your own answers!

Related Questions

Diffie Hellman c# implementation

2  Asked on January 2, 2022 by roger-far


How to know if an RFI/LFI attack was successful?

2  Asked on December 31, 2021 by user226295


Suricata and rules based on MAC address

1  Asked on December 28, 2021 by loi219


Signing CSR using an ECC keypair

2  Asked on December 28, 2021


How to identify IP from a UDP-based DoS

4  Asked on December 26, 2021 by nihas


PostgreSQL injection with basic sanitization

1  Asked on December 26, 2021 by asker-asky


Ask a Question

Get help from others!

© 2023 All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP