How to remove OINSTALL.EXE

OINSTALL.EXE

The module OINSTALL.EXE has been detected as Hack.KMS

OINSTALL.EXE
Remove OINSTALL.EXE

File Details

Product Name:

Office 2013-2016 C2R Install
MD5: 188fc9f977fbd6ff31eb52566581148d
Size: 13 MB
First Published: 2018-07-13 18:15:03 (5 years ago)
Latest Published: 2023-08-10 23:46:41 (8 months ago)
Status: Hack.KMS (on last analysis)
Analysis Date: 2023-08-10 23:46:41 (8 months ago)

Overview

Signed By: WZTeam
Status: Valid

Common Places:

%windir%
%programfiles%\ratiborus\kms tools portable\programs
%sysdrive%\ofiice 2016\office pro plus 2016 (64 bits)
%profile%\onedrive
%sysdrive%\ofiice 2016\office pro plus 2016 (32 bits)
%sysdrive%\$recycle.bin
%commonappdata%\portable aps\активация\kms tools portable 13.07.2017 by ratiborus\programs
%sysdrive%\data data data\data toolkitttttttt\[baba] ratiborus kms tools 13.07.2017 portable\[baba] ratiborus kms tools 13.07.2017 portable\[baba] ratiborus kms tools 13.07.2017 portable\kmstools\programs
%sysdrive%\data data data\data toolkitttttttt\[baba] ratiborus kms tools 13.07.2017 portable\kmstools\programs
%sysdrive%\data data data\data toolkitttttttt

File Names:

OInstall.exe
OINSTALL.EXE
O16 C2R 5.9.7.exe
$RAWDD5M.exe

Geography:

33.3%
22.2%
18.5%
3.7%
3.7%
3.7%
3.7%
3.7%
3.7%
3.7%

OS Version:

Windows 10 74.1%
Windows 7 22.2%
Windows 8.1 3.7%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x00001000

PE Sections:

Name Size of data MD5
.code 140288 184687a7fcd7bb128dd6515c9745c187
.text 743936 77aa7e3d3807ed09e2899b56cbf083e5
.rdata 143872 f899fbf81a6042dad762c17f97f00b1f
.data 12616192 b3c11696889f4c7f13b58c1f0d5e427c
.rsrc 84480 64fe84b748c6c81c7a00fb63e7b29a9a
.modplug 0 00000000000000000000000000000000

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for OINSTALL.EXE
copyright for information about OINSTALL.EXE