How to remove Service_21.exe
- File Details
- Overview
- Analysis
Service_21.exe
The module Service_21.exe has been detected as Risk.Gen
File Details
Product Name: |
|
MD5: |
77a7651c4077dc0e5ebaa6574d586749 |
Size: |
954 KB |
First Published: |
2017-05-21 06:07:16 (7 years ago) |
Latest Published: |
2024-05-07 23:16:49 (7 months ago) |
Status: |
Risk.Gen (on last analysis) |
|
Analysis Date: |
2024-05-07 23:16:49 (7 months ago) |
Overview
%programfiles%\kmspico |
%profile%\downloads\win 8 pro.zip\kmspico v9.2.3 final activator for windows and office full\kmspico only service |
%profile%\downloads\kmspico v9.2.3 final activator for windows and office full\kmspico only service |
%desktop%\office pro plus 2010 (x86) - vl (chinese-traditional)\kmspico v9.2.3 final activator for windows and office full\kmspico only service |
%localappdata%\microsoft\windows\filehistory\data\733\c\users\johnswah chan\desktop\office pro plus 2010 (x86) - vl (chinese-traditional)\kmspico v9.2.3 final activator for windows and office full\kmspico only service |
%windir%\syswow64 |
%sysdrive%\windows.old\users\tester\backup ext hdd\isos\microsoft.office.professional.plus.2013.sp1.x64.vl.deutsch.vlsc.35984.microsoft.toolkit.v2.50.kmspico.v9.2.3\aktivierung.mit.kmspico.v9.2.3.all-in-one\kmspi.v9.2.3.aio.rar\kmspico.v9.2.3.all-in-one\kmspico.v9.2.3.only.service |
%sysdrive%\windows.old\users\tester\backup ext hdd\isos\windows.8.1.update1.fruehling.2014.aio.german.mtk250.kmsp923.iso-deepblue2000\kmspico.v9.2.3.all-in-one\kmspico.v9.2.3.all-in-one\kmspico.v9.2.3.only.service |
%windir%\system32 |
%profile%\downloads\compressed\prjctpro13tr64 gunceldepo.com_3\prjctpro13tr32\kmspico\kmspico only service |
Service_KMS.exe |
Service_21.exe |
service_kms.exe |
{0C261BA1-F59A-489D-AFFE-5F0888DDC6E3} |
Service_KMS.exe.vir |
|
13.9% |
|
|
12.9% |
|
|
11.5% |
|
|
6.3% |
|
|
4.9% |
|
|
4.3% |
|
|
3.6% |
|
|
3.6% |
|
|
3.4% |
|
|
2.6% |
|
|
2.1% |
|
|
2.1% |
|
|
2.0% |
|
|
1.4% |
|
|
1.3% |
|
|
1.3% |
|
|
1.3% |
|
|
1.1% |
|
|
1.1% |
|
|
1.1% |
|
|
1.1% |
|
|
0.9% |
|
|
0.9% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.6% |
|
|
0.6% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
Windows 8.1 |
34.7% |
|
Windows 7 |
31.4% |
|
Windows 10 |
30.0% |
|
Windows 8 |
2.1% |
|
Windows Server 2008 R2 |
0.9% |
|
Windows Embedded 8.1 |
0.5% |
|
Windows Server 2012 R2 |
0.3% |
|
Windows Vista |
0.1% |
|
Analysis
Subsystem: |
Windows GUI |
PE Type: |
pe |
OS Bitness: |
32 |
Image Base: |
0x00400000 |
Entry Address: |
0x000eb26e |
MVID: |
c2b0400f-6240-4d8d-8278-a63818e9c39a |
Name |
Size of data |
MD5 |
.text |
955392 |
bc5443963f99c13a0cabfea3bb0d2f63 |
.sdata |
512 |
4246ca273c608e3515d5d3ddcb895355 |
.rsrc |
15360 |
946191969186f00088527e38bad8f47c |
.reloc |
512 |
a9ef4799874890ab22556f70e8aa0a87 |