How to remove Service_21.exe

» File
File Details
Overview
Analysis

Service_21.exe

The module Service_21.exe has been detected as Risk.Gen

Remove Service_21.exe

File Details

Main Info:

Product Name:	Service_KMS
MD5:	77a7651c4077dc0e5ebaa6574d586749
Size:	954 KB
First Published:	2017-05-21 06:07:16 (6 years ago)
Latest Published:	2024-01-03 23:54:32 (3 months ago)

Analysis:

Status:	Risk.Gen (on last analysis)
Analysis Date:	2024-01-03 23:54:32 (3 months ago)

Overview

Digital Signature

Signed By:	@ByELDI
Status:	Valid

Common Places:

%programfiles%\kmspico

%profile%\downloads\win 8 pro.zip\kmspico v9.2.3 final activator for windows and office full\kmspico only service

%profile%\downloads\kmspico v9.2.3 final activator for windows and office full\kmspico only service

%desktop%\office pro plus 2010 (x86) - vl (chinese-traditional)\kmspico v9.2.3 final activator for windows and office full\kmspico only service

%localappdata%\microsoft\windows\filehistory\data\733\c\users\johnswah chan\desktop\office pro plus 2010 (x86) - vl (chinese-traditional)\kmspico v9.2.3 final activator for windows and office full\kmspico only service

%windir%\syswow64

%sysdrive%\windows.old\users\tester\backup ext hdd\isos\microsoft.office.professional.plus.2013.sp1.x64.vl.deutsch.vlsc.35984.microsoft.toolkit.v2.50.kmspico.v9.2.3\aktivierung.mit.kmspico.v9.2.3.all-in-one\kmspi.v9.2.3.aio.rar\kmspico.v9.2.3.all-in-one\kmspico.v9.2.3.only.service

%sysdrive%\windows.old\users\tester\backup ext hdd\isos\windows.8.1.update1.fruehling.2014.aio.german.mtk250.kmsp923.iso-deepblue2000\kmspico.v9.2.3.all-in-one\kmspico.v9.2.3.all-in-one\kmspico.v9.2.3.only.service

%windir%\system32

%profile%\downloads\compressed\prjctpro13tr64 gunceldepo.com_3\prjctpro13tr32\kmspico\kmspico only service

File Names:

Service_KMS.exe

Service_21.exe

service_kms.exe

{0C261BA1-F59A-489D-AFFE-5F0888DDC6E3}

Service_KMS.exe.vir

Geography:

	13.9%
	12.9%
	11.5%
	6.3%
	4.9%
	4.3%
	3.6%
	3.6%
	3.4%
	2.6%
	2.1%
	2.0%
	2.0%
	1.4%
	1.3%
	1.3%
	1.3%
	1.1%
	1.1%
	1.1%
	1.1%
	0.9%
	0.9%
	0.7%
	0.7%
	0.7%
	0.7%
	0.6%
	0.6%
	0.5%
	0.5%
	0.5%
	0.5%
	0.5%
	0.5%
	0.4%
	0.4%
	0.4%
	0.4%
	0.4%
	0.4%
	0.4%
	0.4%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%

OS Version:

Windows 8.1	34.8%
Windows 7	31.3%
Windows 10	30.0%
Windows 8	2.1%
Windows Server 2008 R2	0.9%
Windows Embedded 8.1	0.5%
Windows Server 2012 R2	0.3%
Windows Vista	0.1%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x000eb26e

.NET Info:

MVID:

c2b0400f-6240-4d8d-8278-a63818e9c39a

PE Sections:

Name	Size of data	MD5
.text	955392	bc5443963f99c13a0cabfea3bb0d2f63
.sdata	512	4246ca273c608e3515d5d3ddcb895355
.rsrc	15360	946191969186f00088527e38bad8f47c
.reloc	512	a9ef4799874890ab22556f70e8aa0a87

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for Service_21.exe

copyright for information about Service_21.exe