How to remove TCMDX64.EXE

» File
File Details
Overview
Analysis

TCMDX64.EXE

The module TCMDX64.EXE has been detected as Trojan.Kryptik

Remove TCMDX64.EXE

File Details

Main Info:

Product Name:	Ghisler Software GmbH Totalcmd-X64
Company Name:	Ghisler Software GmbH
MD5:	fc1ea3162b4e2006bd8906fdef8686fe
Size:	123 KB
First Published:	2019-04-15 23:17:25 (5 years ago)
Latest Published:	2019-08-30 12:16:35 (5 years ago)

Analysis:

Status:	Trojan.Kryptik (on last analysis)
Analysis Date:	2019-08-30 12:16:35 (5 years ago)

Overview

Digital Signature

Signed By:	Ghisler Software GmbH
Status:	Invalid (digital signature could be stolen or file could be patched)

Common Places:

%sysdrive%\prg dec 2018\system utilities dec2018-2019\total commander\appnee.com.total.commander.v9.20.portable.fr.7z\app

%sysdrive%\portable\system\total commander portable\total commander 9.0 final portable by portableappz.exe\total commander 9.0 final portable by portableappz\app

%sysdrive%\setup\boot\dlc boot\dlc boot 2017 v3.4 final\dlc boot 2017 v3.4 final\dlc1\programs\windows\files

%sysdrive%\totalcmd.zip

%sysdrive%\setup\tienichmaytinh.com__dlc boot 2017 v3.4 final\dlc boot 2017 v3.4 final\dlc1\programs\windows\files

%sysdrive%\programok\boot\dlc_boot_2017\dlc boot 2017 v3.4 final\dlc1\programs\windows\files

%sysdrive%\setup\dlc.boot.2019\dlc.boot.2019\dlc1\programs\windows\files

%sysdrive%\prog.ente 2018\total commander 9.21 final deutsch multilingual 32 + 64-bit\total.commander.9.21_portable\total.commander.9.21_portable.7z\app

%sysdrive%\01.05.2019-alles gemicht\dreambox\total commander 9.21 final deutsch multilingual 32 + 64-bit\total.commander.9.21_portable\total.commander.9.21_portable.7z\app

%desktop%\dreambox\total commander 9.21 final deutsch multilingual 32 + 64-bit\total.commander.9.21_portable\total.commander.9.21_portable.7z\app

Geography:

	23.9%
	10.9%
	8.7%
	8.7%
	6.5%
	6.5%
	4.3%
	4.3%
	4.3%
	2.2%
	2.2%
	2.2%
	2.2%
	2.2%
	2.2%
	2.2%
	2.2%
	2.2%
	2.2%

OS Version:

Windows 10	78.3%
Windows 7	19.6%
Windows 8.1	2.2%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	64
Image Base:	0x0000000140000000
Entry Address:	0x00005da0

PE Sections:

Name	Size of data	MD5
.text	75264	4a71ae4048253f8796974aa12d23ac3b
.rdata	18944	52f4b8bdfcca00b9bdd7c0c00cc2545c
.data	6144	706ec50880c927bde284d3161fe123d9
.pdata	4096	54f59e50b4efeb22074b87223bd81e8f
.rsrc	7680	6189bd95d316870288798898071aeb3c

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for TCMDX64.EXE

copyright for information about TCMDX64.EXE