How to remove nircmd.exe
nircmd.exe
The module nircmd.exe has been detected as Risk.NirSoft
File Details
| Product Name: | NirCmd |
| Company Name: | NirSoft |
| MD5: | 831277cb4ca3c7897acd8fda2c189eca |
| Size: | 111 KB |
| First Published: | 2017-10-23 10:20:35 (7 years ago) |
| Latest Published: | 2018-12-17 20:51:19 (6 years ago) |
| Status: | Risk.NirSoft (on last analysis) | |
| Analysis Date: | 2018-12-17 20:51:19 (6 years ago) |
Common Places:
| %localappdata%\microsoft\windows sidebar\gadgets\batterymonitor.gadget\internal |
| %sysdrive%\program 1\yedek\torrent\tools |
File Names:
| nircmd64.exe |
| nircmd.exe |
Geography:
| 33.3% | ||
| 33.3% | ||
| 16.7% | ||
| 16.7% |
OS Version:
| Windows 7 | 66.7% | |
| Windows 10 | 33.3% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 64 |
| Image Base: | 0x0000000140000000 |
| Entry Address: | 0x00014f10 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 82944 | fba9e98e1624e8ba60d2f17d2378cf58 |
| .rdata | 24064 | 4cfc6e8ea60c1cf9bbb03d47e678c27c |
| .data | 1024 | 6dbdafe031bc9357a6b66faacf26bfec |
| .pdata | 2560 | 363bfff6a375aefecce6ae907e250fc6 |
| .rsrc | 2560 | af497d952d6fd47ce96cf74ad684365a |
More information:
Download GridinSoft
Anti-Malware - Removal tool for nircmd.exe
