How to remove KMSELDI.exe

KMSELDI.exe

The module KMSELDI.exe has been detected as Hack.KMS

KMSELDI.exe
Remove KMSELDI.exe

File Details

Product Name:

KMS GUI ELDI
Company Name:

@ByELDI
MD5: 799655f25ffc60954df76651a93fa9d5
Size: 1 MB
First Published: 2017-05-21 19:00:57 (7 years ago)
Latest Published: 2020-12-09 19:57:34 (4 years ago)
Status: Hack.KMS (on last analysis)
Analysis Date: 2020-12-09 19:57:34 (4 years ago)

Common Places:

%programfiles%\kmsnano
%programfiles%\microsoft office\kmsnano
%programfiles%
%temp%
%sysdrive%\zaza-pc\backup set 2018-03-19 142120\backup files 2018-03-19 142120\backup files 4.zip\c\program files
%sysdrive%\downloads\kmsnano 25
%programfiles%
%programfiles%
%programfiles%
%programfiles%

Geography:

39.6%
19.8%
10.4%
4.2%
3.1%
3.1%
2.1%
2.1%
2.1%
2.1%
2.1%
1.0%
1.0%
1.0%
1.0%
1.0%
1.0%
1.0%
1.0%
1.0%

OS Version:

Windows 7 50.5%
Windows 10 34.0%
Windows 8 7.2%
Windows 8.1 5.2%
Windows XP 2.1%
Windows Vista 1.0%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x000da10e

.NET Info:

MVID: 764b3ae4-39d3-4786-a564-0b10491cca70
Typelib ID: 863d9135-9365-4bee-95bf-0d83ded34d9f

PE Sections:

Name Size of data MD5
.text 885248 1b7d42a49a03250f86b88673e7ebc4f9
.sdata 512 9800b92747995bd5d887adcc697a998e
.rsrc 374272 9cac35926c07459b75f22ad5806101e4
.reloc 512 76eb8fd496117a4c68cc0cea460ede23

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for KMSELDI.exe
copyright for information about KMSELDI.exe