How to remove KMSELDI.exe

KMSELDI.exe

The module KMSELDI.exe has been detected as Crack.AutoKMS

KMSELDI.exe
Remove KMSELDI.exe

File Details

Product Name:

KMS GUI ELDI
Company Name:

@ByELDI
MD5: e1d8689f5e0944e974fc958b58c62d16
Size: 1 MB
First Published: 2017-05-30 09:12:33 (7 years ago)
Latest Published: 2022-05-01 23:23:32 (3 years ago)
Status: Crack.AutoKMS (on last analysis)
Analysis Date: 2022-05-01 23:23:32 (3 years ago)

Overview

Signed By: @ByELDI
Status: Valid

Common Places:

%programfiles%\kmspico
%programfiles%
%sysdrive%\microsoft toolkit collection pack february 2017\windows 10 - permenant activator\windows 10 activators
%sysdrive%\backup verbatim usb 2018-04-18\microsoft toolkit collection pack february 2017\windows 10 - permenant activator\windows 10 activators
%sysdrive%\windows.old\program files
%programfiles%
%sysdrive%
%programfiles%
%sysdrive%\software\softwares\ms office
%programfiles%

Geography:

Thailand 11.4%
Brazil 11.4%
Sweden 8.6%
India 7.1%
Romania 5.7%
Italy 4.3%
Indonesia 4.3%
Canada 2.9%
Hungary 2.9%
Pakistan 2.9%
Vietnam 2.9%
Croatia 2.9%
Sri Lanka 2.9%
Costa Rica 2.9%
Argentina 2.9%
South Africa 1.4%
Namibia 1.4%
Czech Republic 1.4%
Spain 1.4%
France 1.4%
United Kingdom 1.4%
Tunisia 1.4%
Slovakia 1.4%
Netherlands 1.4%
Israel 1.4%
Algeria 1.4%
Belgium 1.4%
Greece 1.4%
Mexico 1.4%
Taiwan 1.4%
Peru 1.4%
Democratic Republic of the Congo 1.4%

OS Version:

Windows 10 62.9%
Windows 7 30.0%
Windows 8.1 7.1%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x001162fe

.NET Info:

MVID: 20e0cec7-2f63-403f-bcfe-39ee5e5c5963

PE Sections:

Name Size of data MD5
.text 1131520 b3c8668ac02607e7525d5d21af2fcd60
.rsrc 20992 8deab088da843ba1905429404df67a36
.reloc 512 524459b4b3e72410d54224e0f64ea2f2

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for KMSELDI.exe
copyright for information about KMSELDI.exe
­