How to remove #MSELDI_000.EXE

#MSELDI_000.EXE

The module #MSELDI_000.EXE has been detected as Crack.AutoKMS

#MSELDI_000.EXE
Remove #MSELDI_000.EXE

File Details

Product Name:

KMS GUI ELDI
Company Name:

@ByELDI
MD5: ea4137f439c07464c8094c90fce47084
Size: 903 KB
First Published: 2017-05-21 23:06:54 (8 years ago)
Latest Published: 2025-08-13 23:00:57 (2 months ago)
Status: Crack.AutoKMS (on last analysis)
Analysis Date: 2025-08-13 23:00:57 (2 months ago)

Overview

Signed By: @ByELDI
Status: Valid

Common Places:

%programfiles%\kmspico
%sysdrive%\kmspico
%appdata%\zhp\quarantine\kmspico
%sysdrive%\$recycle.bin\s-1-5-21-977091263-3761003994-473994326-1000\$rdw6vyf\kmspico 10.1.8 portable
%sysdrive%\$recycle.bin\s-1-5-21-977091263-3761003994-473994326-1000\$rqr1qwz\kmspico 10.1.8 portable
%sysdrive%\$recycle.bin\s-1-5-21-977091263-3761003994-473994326-1000\$r0yoaij\kmspico 10.1.8 portable
%sysdrive%\$recycle.bin\s-1-5-21-977091263-3761003994-473994326-1000\$rhdsubj\kmspico 10.1.8 portable\kmspico 10.1.8 portable
%sysdrive%\$recycle.bin\s-1-5-21-977091263-3761003994-473994326-1000\$rr0mmmj.rar\kmspico 10.1.8 portable\kmspico 10.1.8 portable
%sysdrive%\$recycle.bin\s-1-5-21-977091263-3761003994-473994326-1000\$r35oc8a.rar\kmspico 10.1.8 portable\kmspico 10.1.8 portable
%sysdrive%\$recycle.bin\s-1-5-21-977091263-3761003994-473994326-1000\$rtuym4f.rar\kmspico 10.1.8 portable\kmspico 10.1.8 portable

File Names:

KMSELDI.exe
#MSELDI_000.EXE
#MSELDI.EXE
Winact.exe
KmsP.exe
$RN57IU7.exe
$R5BDJV6.exe
kmseldi.exe
KMSELDI (1).exe
gKMSELDI.exe
KMSELDI.EXE
KMSELDI_IObitDel.exe

Geography:

10.7%
6.6%
4.5%
4.4%
3.9%
3.7%
3.6%
3.1%
2.6%
2.5%
2.4%
2.3%
2.3%
2.2%
2.0%
1.9%
1.9%
1.8%
1.7%
1.7%
1.5%
1.2%
1.2%
1.2%
1.2%
1.2%
1.2%
1.1%
1.1%
1.1%
1.0%
1.0%
0.9%
0.9%
0.8%
0.7%
0.7%
0.7%
0.7%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%
0.5%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.4%
0.3%
0.3%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%
0.1%

OS Version:

Windows 10 76.7%
Windows 7 16.5%
Windows 8.1 5.1%
Windows 8 0.7%
Windows Server 2012 R2 0.4%
Windows XP 0.2%
Windows Server 2008 R2 0.2%
Windows Vista 0.1%
Windows Embedded 8.1 0.1%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x000dd72e

.NET Info:

MVID: cf73b3da-bd53-4695-8bf0-16ecbc0b0c87

PE Sections:

Name Size of data MD5
.text 899072 db240fffacb13d31d5fc2e1819eca22f
.rsrc 20992 9445cee9a79429fd9646bd2e5c83792b
.reloc 512 f6435b8247b785a75cf6a86f2be4813f

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for #MSELDI_000.EXE
copyright for information about #MSELDI_000.EXE