How to remove OInstall.exe

» File
File Details
Overview
Analysis

OInstall.exe

The module OInstall.exe has been detected as Hack.AutoKMS

Remove OInstall.exe

File Details

Main Info:

Product Name:	Office 2013-2016 C2R Install
MD5:	6d6eaab343f322867008d8b9cfefb7bd
Size:	11 MB
First Published:	2017-05-25 04:09:34 (8 years ago)
Latest Published:	2025-03-01 23:02:03 (2 months ago)

Analysis:

Status:	Hack.AutoKMS (on last analysis)
Analysis Date:	2025-03-01 23:02:03 (2 months ago)

Overview

Digital Signature

Signed By:	WZTeam
Status:	Valid

Common Places:

%desktop%\programas abril 0704\office 2016 pt-br dez 2016\office 2016 pt-br dez 2016

%desktop%\office.2016.pro\office.2016.pro

%sysdrive%\windows

%profile%\downloads\office.2016.pro.c2r.5.9.2\office.2016.pro

%profile%\downloads\office.2016.pro

%sysdrive%\kms tools portable 21.02.2017 by ratiborus\programs\office 2013-2016 c2r install v5.9.2

%appdata%\cyberlink\power2go\7.0\temp\programs\office 2013-2016 c2r install v5.9.2

%programfiles%\tcpu68\programm\web-install

%sysdrive%\programs\microsoft office 2016 en-th\office.2016.pro.c2r.5.9.2

%programfiles%\total commander - freemen

File Names:

Office 2016 C2R 5.9.2.exe

OInstall.exe

MicrosoftOffice.exe

O16 C2R 5.9.2.exe

Geography:

Thailand	31.0%
Russia	9.5%
Ukraine	8.2%
France	5.7%
Brazil	4.4%
Czech Republic	4.4%
Germany	4.4%
South Korea	3.2%
Hong Kong	2.5%
Mexico	1.9%
Belarus	1.9%
Italy	1.9%
United States	1.3%
Vietnam	1.3%
Austria	1.3%
Spain	1.3%
Kazakhstan	1.3%
Greece	1.3%
Canada	1.3%
Poland	1.3%
Romania	1.3%
Israel	0.6%
Norway	0.6%
Georgia	0.6%
Peru	0.6%
Singapore	0.6%
Morocco	0.6%
Algeria	0.6%
United Kingdom	0.6%
Taiwan	0.6%
Argentina	0.6%
Chile	0.6%
Moldova	0.6%
Slovakia	0.6%
Saudi Arabia	0.6%
Australia	0.6%

OS Version:

Windows 10	73.8%
Windows 7	22.5%
Windows 8.1	3.1%
Windows XP	0.6%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x00001000

PE Sections:

Name	Size of data	MD5
.code	130048	ffc04b9abe3aa9b42505abd69e8797de
.text	593408	6e4dbf26bf90be105826ef8363c8deda
.rdata	116736	36daeed853b8bedaa7d9cb43719ceb3c
.data	11066368	4476111707446a62109f44460ac902e6
.rsrc	84480	f0da4f3236dcb6fd6efbb3cd04305ffb
.modplug	0	00000000000000000000000000000000

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for OInstall.exe

copyright for information about OInstall.exe

How to remove OInstall.exe

OInstall.exe

The module OInstall.exe has been detected as Hack.AutoKMS

File Details

Main Info:

Office 2013-2016 C2R Install

Analysis:

Overview

Digital Signature

Common Places:

Geography:

OS Version:

Analysis

PE Info:

PE Sections:

More information: