How to remove KMSELDI.exe

» File
File Details
Overview
Analysis

KMSELDI.exe

The module KMSELDI.exe has been detected as Hack.KMS

Remove KMSELDI.exe

File Details

Main Info:

Product Name:	KMS GUI ELDI
MD5:	132e4fd0484610a64d6d9580c331e647
Size:	902 KB
First Published:	2017-05-24 13:09:05 (7 years ago)
Latest Published:	2024-10-15 23:06:53 (4 months ago)

Analysis:

Status:	Hack.KMS (on last analysis)
Analysis Date:	2024-10-15 23:06:53 (4 months ago)

Overview

Digital Signature

Signed By:	ByELDI Certificate
Status:	Valid

Common Places:

%programfiles%\kmspico

%programfiles%

%windir%

%desktop%\memoria\activadores

%desktop%\respaldo memeria\programas\activadores

%desktop%\miguel olmos\nueva carpeta (3)\programas\activadores

%programfiles%

Geography:

	25.9%
	9.5%
	7.5%
	6.1%
	5.4%
	5.4%
	5.4%
	5.4%
	3.4%
	3.4%
	2.7%
	2.0%
	2.0%
	2.0%
	1.4%
	1.4%
	1.4%
	1.4%
	0.7%
	0.7%
	0.7%
	0.7%
	0.7%
	0.7%
	0.7%
	0.7%
	0.7%
	0.7%
	0.7%
	0.7%

OS Version:

Windows 7	37.5%
Windows 8.1	31.6%
Windows 10	21.1%
Windows 8	8.6%
Windows Server 2012 R2	0.7%
Windows Embedded 8.1	0.7%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x000dd42e

.NET Info:

MVID:	3593f3df-b4c6-4020-90a3-ca75172795f9
Typelib ID:	863d9135-9365-4bee-95bf-0d83ded34d9f

PE Sections:

Name	Size of data	MD5
.text	898560	9ff196ca3b0eb84f28b919f2f235816a
.sdata	512	0cfddbe7e2bc6fca1198376791fa91f9
.rsrc	20992	2dd347fc7d7b538370c0b94eb8d5975a
.reloc	512	39a616f300f6ed63b9819394116bce24

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for KMSELDI.exe

copyright for information about KMSELDI.exe