How to remove cmd.exe
cmd.exe
The module cmd.exe has been detected as Trojan.Injector
File Details
| Product Name: | Sistema operacional Microsoft® Windows® |
| Company Name: | Microsoft Corporation |
| MD5: | d43ff24e3526bc8ec29349d9ae7943ea |
| Size: | 391 KB |
| First Published: | 2018-08-13 16:02:55 (6 years ago) |
| Latest Published: | 2018-11-15 06:11:30 (5 years ago) |
| Status: | Trojan.Injector (on last analysis) | |
| Analysis Date: | 2018-11-15 06:11:30 (5 years ago) |
Common Places:
| %sysdrive%\backup\recuperação\windows\servicepackfiles |
| %sysdrive%\backup\recuperação\windows |
| %sysdrive%\fotos\windows |
| %sysdrive%\fotos\windows\servicepackfiles |
| %sysdrive%\backup jan-2014\jailson\unidade f disco 3\portable uso\programas sistemas\pc.optimizer.pro.6.1.3.2.portable\pc optimizer pro\%systemsystem% |
| %system% |
| %sysdrive%\i386 |
| %sysdrive%\install\xpsp3\i386 |
| %mydoc%\backup ronam\backap ronam\windows |
| %mydoc%\backup ronam\backap ronam\windows\system32 |
Geography:
| 100.0% |
OS Version:
| Windows 7 | 43.5% | |
| Windows XP | 39.1% | |
| Windows 10 | 17.4% |
Analysis
| Subsystem: | Windows CUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x4ad00000 |
| Entry Address: | 0x00005046 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 129024 | 22af9bd439f389bc0b54b8da41229930 |
| .data | 117248 | ac08e12c2ca9c0b872b354378edde336 |
| .rsrc | 153600 | 2107b3de45280ba50514373eda44088e |
More information:
Download GridinSoft
Anti-Malware - Removal tool for cmd.exe
