How to remove $RMYNGF4.exe

» File
File Details
Overview
Analysis

$RMYNGF4.exe

The module $RMYNGF4.exe has been detected as PUP.HackKMS

Remove $RMYNGF4.exe

File Details

Main Info:

Product Name:	KMSAuto Lite
Company Name:	Ratiborus, MSFree Inc.
MD5:	4fb4caecab9b7c3fae2affae8dd38409
Size:	5 MB
First Published:	2017-05-21 07:08:24 (8 years ago)
Latest Published:	2022-08-02 23:23:31 (3 years ago)

Analysis:

Status:	PUP.HackKMS (on last analysis)
Analysis Date:	2022-08-02 23:23:31 (3 years ago)

Common Places:

%sysdrive%\windows

%profile%\downloads\compressed\kmsauto lite portable test4

%desktop%\microsoft office 2016 professional plus 16.0.6366.2025 + crack\crack\kmsauto 2.8

%profile%\downloads\compressed\microsoft office professional plus 2016 final vl 64bit\microsoft office professional plus 2016 final vl 64bit\kmsauto lite portable-husaintricks.com

%profile%\downloads\microsoft office 2016 professional plus + ativador - www.dtorrent.com.br\ativador

%programfiles%\microsoft office\root\crack

%programfiles%\microsoft office\office16

%profile%\downloads\microsoft office 2016 professional plus 16.0.6366.2025 + crack\crack\kmsauto 2.8

%programfiles%\microsoft office

%sysdrive%\$recycle.bin\s-1-5-21-3504510149-547488387-2033739256-1001

File Names:

KMSAuto.exe

$RMYNGF4.exe

KMSAutoLite.exe

office 2016 orjinal yapma.exe

$R3UTQ53.exe

TmpF712.tmp

TmpCC06.tmp

KMSAut222o.exe

KMSAutoNet.exe

e8e3ba21-7ffd-4c01-a7c6-cfa187ca9161.tmp

$R1NFQZT.exe

KMSAuto

Geography:

	28.1%
	14.0%
	7.3%
	6.5%
	4.8%
	3.8%
	3.4%
	2.6%
	2.6%
	2.5%
	1.9%
	1.9%
	1.4%
	1.4%
	1.2%
	1.2%
	1.0%
	0.9%
	0.8%
	0.7%
	0.7%
	0.7%
	0.6%
	0.6%
	0.5%
	0.5%
	0.5%
	0.5%
	0.4%
	0.4%
	0.4%
	0.3%
	0.3%
	0.3%
	0.3%
	0.3%
	0.3%
	0.3%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%

OS Version:

Windows 10	69.1%
Windows 7	23.2%
Windows 8.1	6.7%
Windows Server 2008 R2	0.4%
Windows 8	0.3%
Windows Vista	0.2%
Windows Server 2012 R2	0.1%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x00001000

PE Sections:

Name	Size of data	MD5
.code	103936	9d32d983c6ed84bbb0d56a9a9da80b30
.text	307200	536c2dec49ba6c8f9dac97d3ba50b6eb
.rdata	35840	72679c95f19163a0118d222b12234a57
.data	5672448	0bf905855e532632d4c65ec49fe6fc75
.rsrc	45568	f27017dac37e311dfd5f26f93a671eda

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for $RMYNGF4.exe

copyright for information about $RMYNGF4.exe

How to remove $RMYNGF4.exe

$RMYNGF4.exe

The module $RMYNGF4.exe has been detected as PUP.HackKMS

File Details

Main Info:

KMSAuto Lite

Ratiborus, MSFree Inc.

Analysis:

Common Places:

Geography:

OS Version:

Analysis

PE Info:

PE Sections:

More information: