How to remove NIRCMD.EXE
NIRCMD.EXE
The module NIRCMD.EXE has been detected as General Threat
File Details
| Product Name: | NirCmd |
| Company Name: | NirSoft |
| MD5: | 55126bfa5802cc5feb9a77e3fe27275f |
| Size: | 34 KB |
| First Published: | 2017-10-09 21:08:01 (7 years ago) |
| Latest Published: | 2020-03-17 19:37:13 (4 years ago) |
| Status: | General Threat (on last analysis) | |
| Analysis Date: | 2020-03-17 19:37:13 (4 years ago) |
Common Places:
| %programfiles%\windows sidebar\gadgets\monitoroff.gadget\core |
| %temp%\2013\catalog |
| %localappdata%\microsoft\windows sidebar\gadgets\monitoroff.gadget\core |
| %temp%\aida64 |
| %temp%\2016\catalog |
| %windir%\temp |
| %profile% |
| %programfiles%\«среда для visio» |
| %localappdata%\microsoft\windows sidebar\gadgets\monitoroff.gadget |
| %windir%\temp |
File Names:
| nircmd.exe |
| NIRCMD.EXE |
Geography:
| 42.3% | ||
| 19.2% | ||
| 7.7% | ||
| 7.7% | ||
| 7.7% | ||
| 3.8% | ||
| 3.8% | ||
| 3.8% | ||
| 3.8% |
OS Version:
| Windows 7 | 50.0% | |
| Windows 8.1 | 34.6% | |
| Windows 10 | 7.7% | |
| Windows XP | 7.7% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x00015af0 |
PE Sections:
| Name | Size of data | MD5 |
| UPX0 | 0 | 00000000000000000000000000000000 |
| UPX1 | 32256 | bc58e7bc54357a69d0fb8b6f0fc4ae63 |
| .rsrc | 2048 | e3cf4ce6f0365718ecf8a275e92637f7 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for NIRCMD.EXE
