How to remove Elevate_x86.exe

» File
File Details
Overview
Analysis

Elevate_x86.exe

The module Elevate_x86.exe has been detected as Risk.Gen

Remove Elevate_x86.exe

File Details

Main Info:

Product Name:	NirCmd
Company Name:	NirSoft
MD5:	84d499f558570c32f4cb100a9124890b
Size:	43 KB
First Published:	2017-05-22 11:14:07 (8 years ago)
Latest Published:	2025-02-28 23:01:12 (9 months ago)

Analysis:

Status:	Risk.Gen (on last analysis)
Analysis Date:	2025-02-28 23:01:12 (9 months ago)

Common Places:

%programfiles%\greenbrowser\plugin\quickmute+

%sysdrive%\$recycle.bin\s-1-5-21-3026355524-453306283-1535374647-1001\$rqg1g27\nirsoft

%windir%\prey\versions\1.6.8\lib\agent\actions\alarm\bin

%profile%\downloads\instalador_prodemge.exe

%desktop%\nirsoft_package_1.20.2\nirsoft

%temp%\afolder

%windir%\prey\versions\1.6.7\lib\agent\actions\alarm\bin

%programfiles%\wscc_x64\nirsoft utilities

%profile%\downloads\nirsoft_package_1.20.2\nirsoft

%programfiles%\wscc3\nirsoft utilities

File Names:

nircmd.exe

Elevate_x86.exe

7005.tmp.exe

nircmd(2977).exe

8598.tmp.exe

77E1.tmp.exe

1BDC.tmp.exe

A779.tmp.exe

DEFC.tmp.exe

342F.tmp.exe

C507.tmp.exe

4B46.tmp.exe

B9E0.tmp.exe

1651.tmp.exe

E43C.tmp.exe

D5D8.tmp.exe

3D25.tmp.exe

2214.tmp.exe

F578.tmp.exe

C334.tmp.exe

34E9.tmp.exe

AF.tmp.exe

986B.tmp.exe

5380.tmp.exe

7D1F.tmp.exe

2DC8.tmp.exe

34F8.tmp.exe

F7FA.tmp.exe

D7B.tmp.exe

EF70.tmp.exe

6BA2.tmp.exe

3383.tmp.exe

temp.tmp

8924FCCB5874AB5499D90773FA9FFF2E46AD756B.exe

FBC7.tmp.exe

9749.tmp.exe

2894.tmp.exe

E4A8.tmp.exe

7F1F.tmp.exe

6784.tmp.exe

EAFD.tmp.exe

2180.tmp.exe

FD60.tmp.exe

E998.tmp.exe

3C58.tmp.exe

1FB4.tmp.exe

C23A.tmp.exe

8B80.tmp.exe

40A.tmp.exe

FFE4.tmp.exe

24B3.tmp.exe

D0BC.tmp.exe

CAE5.tmp.exe

D390.tmp.exe

F7B2.tmp.exe

FCA3.tmp.exe

F13A.tmp.exe

2068.tmp.exe

F8FA.tmp.exe

EE5B.tmp.exe

7B2B.tmp.exe

73D9.tmp.exe

CB91.tmp.exe

F346.tmp.exe

896.tmp.exe

5504.tmp.exe

C633.tmp.exe

912B.tmp.exe

4E7E.tmp.exe

C328.tmp.exe

29F9.tmp.exe

215E.tmp.exe

9C01.tmp.exe

3244.tmp.exe

C075.tmp.exe

5D03.tmp.exe

8973.tmp.exe

1905.tmp.exe

D2BB.tmp.exe

195.tmp.exe

C5C.tmp.exe

58B0.tmp.exe

chipset.exe

1C41.tmp.exe

AE80.tmp.exe

4A8C.tmp.exe

F1E1.tmp.exe

1FF.tmp.exe

483A.tmp.exe

4035.tmp.exe

5DAE.tmp.exe

43A8.tmp.exe

CAC1.tmp.exe

CB6D.tmp.exe

2FD9.tmp.exe

F4E7.tmp.exe

2173.tmp.exe

5389.tmp.exe

F35.tmp.exe

3B56.tmp.exe

E06F.tmp.exe

DD2.tmp.exe

FED.tmp.exe

2BB.tmp.exe

4E61.tmp.exe

314B.tmp.exe

37C8.tmp.exe

AAC1.tmp.exe

C293.tmp.exe

54C1.tmp.exe

C6AA.tmp.exe

4584.tmp.exe

9937.tmp.exe

267.tmp.exe

A52F.tmp.exe

2842.tmp.exe

4454.tmp.exe

CD9B.tmp.exe

4EDC.tmp.exe

4D3B.tmp.exe

4F49.tmp.exe

2D33.tmp.exe

5E8B.tmp.exe

9816.tmp.exe

568B.tmp.exe

8D7A.tmp.exe

A609.tmp.exe

C536.tmp.exe

7A59.tmp.exe

7BA.tmp.exe

46FC.tmp.exe

DBA9.tmp.exe

965.tmp.exe

3373.tmp.exe

CFF.tmp.exe

D0B8.tmp.exe

1E3.tmp.exe

AAD.tmp.exe

AC2B.tmp.exe

D6C6.tmp.exe

2A69.tmp.exe

569C.tmp.exe

7A2B.tmp.exe

CC95.tmp.exe

2249.tmp.exe

2123.tmp.exe

D1F3.tmp.exe

48B8.tmp.exe

149F.tmp.exe

9171.tmp.exe

7D87.tmp.exe

3926.tmp.exe

BF5F.tmp.exe

82AB.tmp.exe

27BA.tmp.exe

4F91.tmp.exe

70AA.tmp.exe

D5AE.tmp.exe

9DE4.tmp.exe

6253.tmp.exe

7443.tmp.exe

46D6.tmp.exe

7DF9.tmp.exe

9681.tmp.exe

497C.tmp.exe

5A91.tmp.exe

AEB3.tmp.exe

44B8.tmp.exe

6158.tmp.exe

72B2.tmp.exe

83EB.tmp.exe

EC8A.tmp.exe

9A36.tmp.exe

C88.tmp.exe

B295.tmp.exe

606D.tmp.exe

6619.tmp.exe

ABD4.tmp.exe

3FDB.tmp.exe

C68B.tmp.exe

1A58.tmp.exe

A1C.tmp.exe

E3E9.tmp.exe

AF0C.tmp.exe

89FD.tmp.exe

CCC8.tmp.exe

9B74.tmp.exe

B059.tmp.exe

37A8.tmp.exe

CB28.tmp.exe

E9A7.tmp.exe

E5A1.tmp.exe

FAED.tmp.exe

7685.tmp.exe

77DF.tmp.exe

AEC1.tmp.exe

BF3C.tmp.exe

A9A7.tmp.exe

C0D9.tmp.exe

33D6.tmp.exe

8212.tmp.exe

93D6.tmp.exe

CA78.tmp.exe

31E7.tmp.exe

76CF.tmp.exe

4C25.tmp.exe

53E6.tmp.exe

177A.tmp.exe

94A9.tmp.exe

66F8.tmp.exe

297B.tmp.exe

451C.tmp.exe

3201.tmp.exe

6C8F.tmp.exe

576C.tmp.exe

1612.tmp.exe

A210.tmp.exe

6B6.tmp.exe

C6D6.tmp.exe

5F66.tmp.exe

F135.tmp.exe

190.tmp.exe

1D6E.tmp.exe

1A0E.tmp.exe

F1C8.tmp.exe

B91A.tmp.exe

AFC2.tmp.exe

BE33.tmp.exe

5269.tmp.exe

FBDD.tmp.exe

21DF.tmp.exe

1675.tmp.exe

7FD9.tmp.exe

65F.tmp.exe

87B5.tmp.exe

ABF.tmp.exe

2F42.tmp.exe

DD9C.tmp.exe

B4ED.tmp.exe

C871.tmp.exe

2784.tmp.exe

4F1A.tmp.exe

6FDD.tmp.exe

7CC6.tmp.exe

3520.tmp.exe

9887.tmp.exe

A2D3.tmp.exe

312D.tmp.exe

3FFB.tmp.exe

48B2.tmp.exe

832C.tmp.exe

2886.tmp.exe

F92.tmp.exe

69D.tmp.exe

9E1F.tmp.exe

25BB.tmp.exe

BA72.tmp.exe

FF4E.tmp.exe

635C.tmp.exe

10B.tmp.exe

45B0.tmp.exe

DDD1.tmp.exe

FB00.tmp.exe

D5BF.tmp.exe

4395.tmp.exe

F3E1.tmp.exe

1085.tmp.exe

chipset1.exe

83E7.tmp.exe

F134.tmp.exe

3D9A.tmp.exe

457D.tmp.exe

CAFA.tmp.exe

B24.tmp.exe

C4BD.tmp.exe

B2E8.tmp.exe

D17D.tmp.exe

A6CB.tmp.exe

EC97.tmp.exe

BE62.tmp.exe

A2A9.tmp.exe

41A8.tmp.exe

F8E.tmp.exe

285D.tmp.exe

B9B5.tmp.exe

AC7B.tmp.exe

A883.tmp.exe

DCE.tmp.exe

9712.tmp.exe

4AE0.tmp.exe

AC50.tmp.exe

F68D.tmp.exe

8A31.tmp.exe

6092.tmp.exe

4B14.tmp.exe

CFEB.tmp.exe

F877.tmp.exe

1413.tmp.exe

A853.tmp.exe

9003.tmp.exe

77D8.tmp.exe

222B.tmp.exe

21EE.tmp.exe

636B.tmp.exe

7F8E.tmp.exe

72E.tmp.exe

chipset.exe.vir

2BEB.tmp.exe

FB42.tmp.exe

nircmdx32.exe

c27dbd4b4a4c333586ec156f8c5759fa-5409[1].exe

c27dbd4b4a4c333586ec156f8c5759fa-5409[4].exe

c27dbd4b4a4c333586ec156f8c5759fa-5409[3].exe

c27dbd4b4a4c333586ec156f8c5759fa-5409[2].exe

Ninja.exe

6921.tmp.exe

54D2.tmp.exe

4750.tmp.exe

1FC2.tmp.exe

6164.tmp.exe

9E65.tmp.exe

EBD4.tmp.exe

B030.tmp.exe

B2DF.tmp.exe

B5AC.tmp.exe

C7D8.tmp.exe

1BC2.tmp.exe

541B.tmp.exe

B2AE.tmp.exe

70A0.tmp.exe

nissc.exe

4DD4.tmp.exe

FC5E.tmp.exe

NirCmd.exe

cmd.exe

9CB8.tmp.exe

BB8.tmp.exe

nircmd32.exe

$RBR2CUI.exe

Geography:

	10.0%
	6.0%
	5.9%
	5.0%
	4.6%
	3.9%
	3.9%
	3.9%
	3.8%
	3.6%
	3.1%
	3.0%
	2.3%
	2.1%
	2.0%
	1.8%
	1.7%
	1.7%
	1.7%
	1.7%
	1.5%
	1.3%
	1.3%
	1.3%
	1.1%
	1.1%
	1.1%
	1.1%
	1.0%
	1.0%
	0.9%
	0.8%
	0.8%
	0.8%
	0.7%
	0.7%
	0.6%
	0.6%
	0.6%
	0.5%
	0.5%
	0.5%
	0.5%
	0.5%
	0.4%
	0.4%
	0.4%
	0.4%
	0.4%
	0.3%
	0.3%
	0.3%
	0.3%
	0.3%
	0.3%
	0.3%
	0.3%
	0.2%
	0.2%
	0.2%
	0.2%
	0.2%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%
	0.1%

OS Version:

Windows 10	61.2%
Windows 7	29.4%
Windows 8.1	8.2%
Windows 8	0.7%
Windows XP	0.4%
Windows Server 2012 R2	0.1%
Windows Vista	0.1%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x00019d40

PE Sections:

Name	Size of data	MD5
UPX0	0	00000000000000000000000000000000
UPX1	40960	1305b13f2af0811e9644ea5832ed20d2
.rsrc	2560	eacf3e9ac96593f0fed57ad23f54e9e7

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for Elevate_x86.exe

copyright for information about Elevate_x86.exe

How to remove Elevate_x86.exe

Elevate_x86.exe

The module Elevate_x86.exe has been detected as Risk.Gen

File Details

Main Info:

NirCmd

NirSoft

Analysis:

Common Places:

Geography:

OS Version:

Analysis

PE Info:

PE Sections:

More information: