Should I block it?

60%

60% of PCs block this file from running.

Possible reason:

Performance resource utilization

Additional versions

b63e6	20.00%
d1287	20.00%
5561b	20.00%
092e2	20.00%
88299	20.00%

(Note, Search Safer Inc. publishes each variation of this file with the same version, but the hashes are unique.)

Relationships

Child process

windowsserver.exe (KinoniRemoteDesktop by Kinoni Oy)

Related files

service.exe

By Search Safer Inc. (Signed)

Remove service.exe

MD5:	88299db33cb18efbd98dbf36fe7c1f06
SHA1:	bfea42542f40f310db6502cc8c11acfb5762323a

Overview

service.exe runs as a service under the name Kinoni Remote Desktop (KinoniRemoteDesktop) with extensive SYSTEM privileges (full administrator access). It is set to be start when the PC boots and any user logs into Windows (added to the Run registry key for the all users under the local machine). The file is digitally signed by Search Safer Inc. which was issued by the DigiCert Inc certificate authority (CA).

Details

File name:	service.exe
Typical file path:	C:\Program Files\pcmax\service.exe
Size:	71.5 KB (73,216 bytes)
Build date:	1/10/2014 8:20 AM
Certificate
Issued to:	Search Safer Inc.
Authority (CA):	DigiCert Inc
Effective date:	Wednesday, May 28, 2014
Expiration date:	Wednesday, February 10, 2016
Digital DNA
File packed:	No
.NET CLR:	No

More details

Behaviors

Startup files (all users) run

Runs under the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'

'pcreg' → C:\Program Files\pcmax\service.exe

Scheduled tasks

The job 'pcreg' runs on logon in the path '\pcreg'

Services

Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)

'KinoniRemoteDesktop' (Kinoni Remote Desktop)

Resource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)

Averages

Memory
Private memory:	800 KB	21.59 MB
Private (maximum):	3.3 MB
Private (minimum):	272 KB
Non-paged memory:	800 KB	21.59 MB
Virtual memory:	15.63 MB	140.96 MB
Virtual memory (peak):	18.15 MB	169.69 MB
Working set:	292 KB	18.61 MB
Working set (peak):	3.34 MB	37.95 MB
Resource allocations
Threads:	2	12
Handles:	56	600

Process properties

Integrety level:	System
Platform:	64-bit
Command line:	"C:\Program Files\kinoni\remote desktop\service.exe"
Owner:	SYSTEM
Windows Service
Service name:	KinoniRemoteDesktop
Display name:	Kinoni Remote Desktop
Description:	“Kinoni Remote Desktop”
Type:	Win32OwnProcess, InteractiveProcess

Distribution by Windows OS

OS version	distribution
Windows 8.1 Pro	25.00%
Windows 7 Home Premium	25.00%
Windows 7 Professional	25.00%
Windows 8.1	25.00%

Distribution by country

United States installs about 75.00% of service.exe.

Distribution by PC manufacturer

PC Manufacturer	distribution
Dell	50.00%
Toshiba	50.00%

"Should I Block It?" client app is coming soon

We are still in the final stages of development and will hopefully have our 100% free client app available soon. The app will work in conjunction with your existing anti-virus program to quickly help you block potentially unwanted software from taking control of your PC.

In the meantime, if you would like to run our award winning software, "Should I Remove It?", which is designed to quickly purge your PC from unwanted programs, please download it it here, it's 100% FREE!

Featured on The Kim Komando Show, USA Today, Tom's Guide, CNET, Softonic and many more.

Remove Adware and Spyware Programs, FREE Download!