How to remove KMSELDI.exe

» File
File Details
Overview
Analysis

KMSELDI.exe

The module KMSELDI.exe has been detected as Hack.KMS

KMSELDI.exe

Remove KMSELDI.exe

File Details

Main Info:

Product Name:	KMS GUI ELDI
MD5:	c41072b170b818b1a3163fa1c404b4f0
Size:	908 KB
First Published:	2017-07-26 18:22:36 (7 years ago)
Latest Published:	2022-03-25 23:32:53 (2 years ago)

Analysis:

Status:	Hack.KMS (on last analysis)
Analysis Date:	2022-03-25 23:32:53 (2 years ago)

Overview

Digital Signature

Signed By:	ByELDI Certificate
Status:	Valid

Common Places:

%programfiles%\kmspico

%programfiles%

%programfiles%

%programfiles%

Geography:

	62.5%
	12.5%
	12.5%
	12.5%

OS Version:

Windows 8.1	66.7%
Windows 7	22.2%
Windows 10	11.1%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x000ded6e

.NET Info:

MVID:

eb9b5553-12a7-4004-901b-83db9d49ce8e

PE Sections:

Name	Size of data	MD5
.text	904704	9402ada699bef288618c0f0d0fbb10df
.sdata	512	422e46df6d272a003f3cfe7262854c0b
.rsrc	20992	409de2ed80425599418dc91c06717a2c
.reloc	512	88e7d0f473e0932ffdcd4b0527c1d704

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for KMSELDI.exe

copyright for information about KMSELDI.exe