How to remove nircmd.exe
nircmd.exe
The module nircmd.exe has been detected as Trojan.Agent
File Details
| Product Name: | NirCmd |
| Company Name: | NirSoft |
| MD5: | a1cd6a64e8f8ad5d4b6c07dc4113c7ec |
| Size: | 44 KB |
| First Published: | 2020-01-02 00:11:12 (5 years ago) |
| Latest Published: | 2025-10-15 23:00:28 (a month ago) |
| Status: | Trojan.Agent (on last analysis) | |
| Analysis Date: | 2025-10-15 23:00:28 (a month ago) |
Common Places:
| %appdata% |
| %desktop%\nirsoft_package_enc_1.23.3 |
| %desktop%\hb-ttg10.5\data\libs |
| %sysdrive%\scrapbook\20200301173440 |
| %sysdrive%\scrapbook plus 1.10.25.42 56.0b9\core\scrapbook plus 1.10.25.42 56.0b9\scrapbook\data\20200301173440 |
| %sysdrive%\scrapbook 2\20200301173440 |
| %sysdrive%\download\nirsoft_package_enc_1.23.15 |
| %desktop%\win.iso\projects\include\x86\additionalfiles\windows |
| %profile%\downloads\programs |
| %profile%\downloads\programs |
Geography:
| 9.7% | ||
| 9.2% | ||
| 8.1% | ||
| 5.9% | ||
| 5.4% | ||
| 5.4% | ||
| 5.4% | ||
| 4.9% | ||
| 4.3% | ||
| 3.8% | ||
| 3.8% | ||
| 3.8% | ||
| 3.8% | ||
| 3.2% | ||
| 2.7% | ||
| 2.2% | ||
| 1.1% | ||
| 1.1% | ||
| 1.1% | ||
| 1.1% | ||
| 1.1% | ||
| 1.1% | ||
| 1.1% | ||
| 1.1% | ||
| 0.5% | ||
| 0.5% | ||
| 0.5% | ||
| 0.5% | ||
| 0.5% | ||
| 0.5% | ||
| 0.5% | ||
| 0.5% | ||
| 0.5% | ||
| 0.5% | ||
| 0.5% | ||
| 0.5% | ||
| 0.5% | ||
| 0.5% | ||
| 0.5% | ||
| 0.5% | ||
| 0.5% | ||
| 0.5% |
OS Version:
| Windows 10 | 84.9% | |
| Windows 7 | 12.4% | |
| Windows 8.1 | 1.6% | |
| Windows Server 2016 | 1.1% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x00019ef0 |
PE Sections:
| Name | Size of data | MD5 |
| UPX0 | 0 | 00000000000000000000000000000000 |
| UPX1 | 41472 | f6762d6e7218ba6a7208bc7e3a005b6a |
| .rsrc | 3072 | 524b3e8eab715b7df24c43adb2da2f22 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for nircmd.exe
