How to remove OInstall.exe

OInstall.exe

The module OInstall.exe has been detected as Hack.AutoKMS

OInstall.exe
Remove OInstall.exe

File Details

Product Name:

Office 2013-2016 C2R Install
MD5: 6d6eaab343f322867008d8b9cfefb7bd
Size: 11 MB
First Published: 2017-05-25 04:09:34 (7 years ago)
Latest Published: 2025-03-01 23:02:03 (2 months ago)
Status: Hack.AutoKMS (on last analysis)
Analysis Date: 2025-03-01 23:02:03 (2 months ago)

Overview

Signed By: WZTeam
Status: Valid

Common Places:

%desktop%\programas abril 0704\office 2016 pt-br dez 2016\office 2016 pt-br dez 2016
%desktop%\office.2016.pro\office.2016.pro
%sysdrive%\windows
%profile%\downloads\office.2016.pro.c2r.5.9.2\office.2016.pro
%profile%\downloads\office.2016.pro
%sysdrive%\kms tools portable 21.02.2017 by ratiborus\programs\office 2013-2016 c2r install v5.9.2
%appdata%\cyberlink\power2go\7.0\temp\programs\office 2013-2016 c2r install v5.9.2
%programfiles%\tcpu68\programm\web-install
%sysdrive%\programs\microsoft office 2016 en-th\office.2016.pro.c2r.5.9.2
%programfiles%\total commander - freemen

File Names:

Office 2016 C2R 5.9.2.exe
OInstall.exe
MicrosoftOffice.exe
O16 C2R 5.9.2.exe

Geography:

31.0%
9.5%
8.2%
5.7%
4.4%
4.4%
4.4%
3.2%
2.5%
1.9%
1.9%
1.9%
1.3%
1.3%
1.3%
1.3%
1.3%
1.3%
1.3%
1.3%
1.3%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%
0.6%

OS Version:

Windows 10 73.8%
Windows 7 22.5%
Windows 8.1 3.1%
Windows XP 0.6%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x00001000

PE Sections:

Name Size of data MD5
.code 130048 ffc04b9abe3aa9b42505abd69e8797de
.text 593408 6e4dbf26bf90be105826ef8363c8deda
.rdata 116736 36daeed853b8bedaa7d9cb43719ceb3c
.data 11066368 4476111707446a62109f44460ac902e6
.rsrc 84480 f0da4f3236dcb6fd6efbb3cd04305ffb
.modplug 0 00000000000000000000000000000000

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for OInstall.exe
copyright for information about OInstall.exe