How to remove nircmd.exe
nircmd.exe
The module nircmd.exe has been detected as Trojan.Agent
File Details
| Product Name: | NirCmd |
| Company Name: | NirSoft |
| MD5: | a1cd6a64e8f8ad5d4b6c07dc4113c7ec |
| Size: | 44 KB |
| First Published: | 2020-01-02 00:11:12 (5 years ago) |
| Latest Published: | 2025-06-10 23:01:04 (a week ago) |
| Status: | Trojan.Agent (on last analysis) | |
| Analysis Date: | 2025-06-10 23:01:04 (a week ago) |
Common Places:
| %appdata% |
| %desktop%\nirsoft_package_enc_1.23.3 |
| %desktop%\hb-ttg10.5\data\libs |
| %sysdrive%\scrapbook\20200301173440 |
| %sysdrive%\scrapbook plus 1.10.25.42 56.0b9\core\scrapbook plus 1.10.25.42 56.0b9\scrapbook\data\20200301173440 |
| %sysdrive%\scrapbook 2\20200301173440 |
| %sysdrive%\download\nirsoft_package_enc_1.23.15 |
| %desktop%\win.iso\projects\include\x86\additionalfiles\windows |
| %profile%\downloads\programs |
| %profile%\downloads\programs |
Geography:
| 9.3% | ||
| 8.7% | ||
| 6.4% | ||
| 6.4% | ||
| 5.8% | ||
| 5.8% | ||
| 5.8% | ||
| 5.2% | ||
| 4.7% | ||
| 4.1% | ||
| 4.1% | ||
| 3.5% | ||
| 2.9% | ||
| 2.9% | ||
| 2.3% | ||
| 2.3% | ||
| 1.2% | ||
| 1.2% | ||
| 1.2% | ||
| 1.2% | ||
| 1.2% | ||
| 1.2% | ||
| 1.2% | ||
| 1.2% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% |
OS Version:
| Windows 10 | 83.7% | |
| Windows 7 | 13.4% | |
| Windows 8.1 | 1.7% | |
| Windows Server 2016 | 1.2% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x00019ef0 |
PE Sections:
| Name | Size of data | MD5 |
| UPX0 | 0 | 00000000000000000000000000000000 |
| UPX1 | 41472 | f6762d6e7218ba6a7208bc7e3a005b6a |
| .rsrc | 3072 | 524b3e8eab715b7df24c43adb2da2f22 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for nircmd.exe
