How to remove nircmd.exe
nircmd.exe
The module nircmd.exe has been detected as General Threat
File Details
| Product Name: | NirCmd |
| Company Name: | NirSoft |
| MD5: | 1d56c98258b6d70f56baa32380dea992 |
| Size: | 27 KB |
| First Published: | 2017-10-11 17:08:52 (7 years ago) |
| Latest Published: | 2022-03-31 23:16:30 (2 years ago) |
| Status: | General Threat (on last analysis) | |
| Analysis Date: | 2022-03-31 23:16:30 (2 years ago) |
Common Places:
| %programfiles%\total commander\soft\usdownloader |
| %sysdrive%\total_s\programm |
| %sysdrive%\system volume information\_restore{b32572c7-6c18-468c-840d-e185c3e04c16} |
| %programfiles%\total commander\soft |
Geography:
| 85.7% | ||
| 14.3% |
OS Version:
| Windows 7 | 57.1% | |
| Windows XP | 28.6% | |
| Windows 10 | 14.3% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x00011fe0 |
PE Sections:
| Name | Size of data | MD5 |
| UPX0 | 0 | 00000000000000000000000000000000 |
| UPX1 | 25088 | 84df6592d475160447f42997ab7570ab |
| .rsrc | 2048 | 40476047931a3de90427ad488bd49b74 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for nircmd.exe
