How to remove KMSELDI.exe.vir
- File Details
- Overview
- Analysis
KMSELDI.exe.vir
The module KMSELDI.exe.vir has been detected as Crack.AutoKMS
File Details
| Product Name: |
|
| MD5: |
6bbedd3e5505afa3c9ce2b81a0c1362d |
| Size: |
1 MB |
| First Published: |
2017-05-21 06:07:16 (8 years ago) |
| Latest Published: |
2024-01-28 23:35:51 (a year ago) |
| Status: |
Crack.AutoKMS (on last analysis) |
|
| Analysis Date: |
2024-01-28 23:35:51 (a year ago) |
Overview
| %programfiles%\kmspico |
| %appdata%\zhp\quarantine\kmspico |
| %programfiles%\panda security\panda security protection\lostandfound |
| %programfiles% |
| %desktop%\desktop |
| %desktop% |
| %programfiles%\panda security\panda security protection |
| %sysdrive%\$recycle.bin\s-1-5-21-1705778768-239233795-1564717606-1001 |
| %sysdrive%\windows.old\program files |
| %desktop%\spico |
| KMSELDI.exe |
| KMSELDI.exe.vir |
| Turkey |
15.0% |
|
| Vietnam |
11.6% |
|
| Brazil |
11.3% |
|
| Thailand |
6.5% |
|
| Iran |
4.4% |
|
| Indonesia |
3.2% |
|
| Taiwan |
3.2% |
|
| Italy |
3.2% |
|
| Peru |
2.6% |
|
| Mexico |
2.4% |
|
| Germany |
2.3% |
|
| Spain |
2.1% |
|
| South Korea |
1.6% |
|
| Ukraine |
1.6% |
|
| Poland |
1.6% |
|
| India |
1.6% |
|
| United States |
1.5% |
|
| Israel |
1.3% |
|
| Bulgaria |
1.3% |
|
| Argentina |
1.1% |
|
| Colombia |
1.0% |
|
| Egypt |
1.0% |
|
| Russia |
1.0% |
|
| Pakistan |
1.0% |
|
| Japan |
0.8% |
|
| Malaysia |
0.8% |
|
| Bolivia |
0.8% |
|
| Venezuela |
0.6% |
|
| Nigeria |
0.6% |
|
| France |
0.6% |
|
| Czech Republic |
0.6% |
|
| Sri Lanka |
0.6% |
|
| Belarus |
0.6% |
|
| Netherlands |
0.6% |
|
| Portugal |
0.6% |
|
| Philippines |
0.6% |
|
| Chile |
0.5% |
|
| Australia |
0.5% |
|
| Morocco |
0.5% |
|
| Mongolia |
0.5% |
|
| Jordan |
0.5% |
|
| El Salvador |
0.5% |
|
| Ecuador |
0.5% |
|
| Romania |
0.3% |
|
| Saudi Arabia |
0.3% |
|
| Canada |
0.3% |
|
| United Arab Emirates |
0.3% |
|
| Austria |
0.3% |
|
| Singapore |
0.3% |
|
| Panama |
0.3% |
|
| Bosnia and Herzegovina |
0.2% |
|
| Haiti |
0.2% |
|
| Costa Rica |
0.2% |
|
| Croatia |
0.2% |
|
| Belgium |
0.2% |
|
| Myanmar |
0.2% |
|
| Greece |
0.2% |
|
| Cuba |
0.2% |
|
| Uzbekistan |
0.2% |
|
| Azerbaijan |
0.2% |
|
| Hong Kong |
0.2% |
|
| Ethiopia |
0.2% |
|
| Algeria |
0.2% |
|
| South Africa |
0.2% |
|
| Bangladesh |
0.2% |
|
| Honduras |
0.2% |
|
| Côte d'Ivoire |
0.2% |
|
| Windows 8.1 |
39.5% |
|
| Windows 7 |
31.2% |
|
| Windows 10 |
24.8% |
|
| Windows 8 |
2.4% |
|
| Windows Server 2008 R2 |
1.1% |
|
| Windows Embedded 8.1 |
0.5% |
|
| Windows Server 2012 R2 |
0.3% |
|
| Windows Vista |
0.2% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x0010774e |
| MVID: |
858763be-b485-49fe-bd97-0e5a4a38be6b |
| Name |
Size of data |
MD5 |
| .text |
1071104 |
52c797e52d382dad4334e2d4e7517761 |
| .sdata |
512 |
576c4293c24890c7b0d1d0e333d55730 |
| .rsrc |
20992 |
63424a2815c8919d2d6b6f2f61ae98a9 |
| .reloc |
512 |
a8d3351b914f0963aa7c031c1ee9fa31 |
