How to remove Service_21.exe
- File Details
- Overview
- Analysis
Service_21.exe
The module Service_21.exe has been detected as Risk.Gen
File Details
| Product Name: |
|
| MD5: |
77a7651c4077dc0e5ebaa6574d586749 |
| Size: |
954 KB |
| First Published: |
2017-05-21 06:07:16 (8 years ago) |
| Latest Published: |
2024-05-07 23:16:49 (2 years ago) |
| Status: |
Risk.Gen (on last analysis) |
|
| Analysis Date: |
2024-05-07 23:16:49 (2 years ago) |
Overview
| %programfiles%\kmspico |
| %profile%\downloads\win 8 pro.zip\kmspico v9.2.3 final activator for windows and office full\kmspico only service |
| %profile%\downloads\kmspico v9.2.3 final activator for windows and office full\kmspico only service |
| %desktop%\office pro plus 2010 (x86) - vl (chinese-traditional)\kmspico v9.2.3 final activator for windows and office full\kmspico only service |
| %localappdata%\microsoft\windows\filehistory\data\733\c\users\johnswah chan\desktop\office pro plus 2010 (x86) - vl (chinese-traditional)\kmspico v9.2.3 final activator for windows and office full\kmspico only service |
| %windir%\syswow64 |
| %sysdrive%\windows.old\users\tester\backup ext hdd\isos\microsoft.office.professional.plus.2013.sp1.x64.vl.deutsch.vlsc.35984.microsoft.toolkit.v2.50.kmspico.v9.2.3\aktivierung.mit.kmspico.v9.2.3.all-in-one\kmspi.v9.2.3.aio.rar\kmspico.v9.2.3.all-in-one\kmspico.v9.2.3.only.service |
| %sysdrive%\windows.old\users\tester\backup ext hdd\isos\windows.8.1.update1.fruehling.2014.aio.german.mtk250.kmsp923.iso-deepblue2000\kmspico.v9.2.3.all-in-one\kmspico.v9.2.3.all-in-one\kmspico.v9.2.3.only.service |
| %windir%\system32 |
| %profile%\downloads\compressed\prjctpro13tr64 gunceldepo.com_3\prjctpro13tr32\kmspico\kmspico only service |
| Service_KMS.exe |
| Service_21.exe |
| service_kms.exe |
| {0C261BA1-F59A-489D-AFFE-5F0888DDC6E3} |
| Service_KMS.exe.vir |
|
13.9% |
|
|
12.9% |
|
|
11.5% |
|
|
6.3% |
|
|
4.9% |
|
|
4.3% |
|
|
3.6% |
|
|
3.6% |
|
|
3.4% |
|
|
2.6% |
|
|
2.1% |
|
|
2.1% |
|
|
2.0% |
|
|
1.4% |
|
|
1.3% |
|
|
1.3% |
|
|
1.3% |
|
|
1.1% |
|
|
1.1% |
|
|
1.1% |
|
|
1.1% |
|
|
0.9% |
|
|
0.9% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.6% |
|
|
0.6% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
| Windows 8.1 |
34.7% |
|
| Windows 7 |
31.4% |
|
| Windows 10 |
30.0% |
|
| Windows 8 |
2.1% |
|
| Windows Server 2008 R2 |
0.9% |
|
| Windows Embedded 8.1 |
0.5% |
|
| Windows Server 2012 R2 |
0.3% |
|
| Windows Vista |
0.1% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x000eb26e |
| MVID: |
c2b0400f-6240-4d8d-8278-a63818e9c39a |
| Name |
Size of data |
MD5 |
| .text |
955392 |
bc5443963f99c13a0cabfea3bb0d2f63 |
| .sdata |
512 |
4246ca273c608e3515d5d3ddcb895355 |
| .rsrc |
15360 |
946191969186f00088527e38bad8f47c |
| .reloc |
512 |
a9ef4799874890ab22556f70e8aa0a87 |
