How to remove gKMSELDI.exe

gKMSELDI.exe

The module gKMSELDI.exe has been detected as General Threat

gKMSELDI.exe
Remove gKMSELDI.exe

File Details

Product Name:

KMS GUI ELDI
MD5: 60d7e2aea0dedf43ff7dd21ce944ab84
Size: 1 MB
First Published: 2017-05-21 09:02:34 (6 years ago)
Latest Published: 2018-11-14 09:10:04 (5 years ago)
Status: General Threat (on last analysis)
Analysis Date: 2018-11-14 09:10:04 (5 years ago)

Overview

Signed By: ByELDI Certificate
Status: Valid

Common Places:

%programfiles%\system
%programfiles%\kmspico
%programfiles%\activation windows 8 office 2013
%desktop%\dossier\kmspico
%desktop%\papa\programas 1\office 2013\kmspico
%programfiles%

File Names:

KMSELDI.exe
gKMSELDI.exe

Geography:

45.0%
14.5%
4.2%
3.5%
3.0%
2.6%
2.1%
1.9%
1.4%
1.2%
1.2%
0.9%
0.9%
0.9%
0.9%
0.7%
0.7%
0.7%
0.7%
0.7%
0.7%
0.7%
0.7%
0.7%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.5%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%

OS Version:

Windows 8.1 67.3%
Windows 10 16.4%
Windows 7 15.4%
Windows 8 0.5%
Windows Server 2008 R2 0.2%
Windows Vista 0.2%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x0011a98e

.NET Info:

MVID: 404baf00-36d6-42a8-85e5-b629ea00a84e

PE Sections:

Name Size of data MD5
.text 1149440 971eb5e79023e744dd4270b3a8a88bc9
.sdata 512 e074709947c6afb1df83ecc4dbaa8ea4
.rsrc 20992 036a003bb7f67920f193acff8cc201da
.reloc 512 33cab2c2f579d1697c4b18b412c0f5e1

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for gKMSELDI.exe
copyright for information about gKMSELDI.exe