How to remove temp.exe
temp.exe
The module temp.exe has been detected as Possible Threat
File Details
| Product Name: | NirCmd |
| Company Name: | NirSoft |
| MD5: | b417238213efb0d2a23562674406cdf9 |
| Size: | 114 KB |
| First Published: | 2017-06-20 15:07:43 (8 years ago) |
| Latest Published: | 2022-01-28 21:56:43 (3 years ago) |
| Status: | Possible Threat (on last analysis) | |
| Analysis Date: | 2022-01-28 21:56:43 (3 years ago) |
Common Places:
| %sysdrive%\xmr |
| %windir%\system32 |
| %localappdata%\temp |
| %appdata%\reg |
| %sysdrive%\amdj |
| %sysdrive%\windows |
| %appdata%\nirsoft utilities |
| %profile%\downloads\nircmd-x64 |
| %programfiles%\examsoft\examplify\services |
| %sysdrive%\windows_repair_toolbox\downloads\nirlauncher\nirsoft\x64 |
File Names:
| nircmd.exe |
| temp.exe |
| nircmd64.exe |
Geography:
| Turkey | 47.0% | |
| United States | 32.2% | |
| Russia | 4.7% | |
| Germany | 2.0% | |
| Italy | 2.0% | |
| Egypt | 2.0% | |
| Poland | 1.3% | |
| Guatemala | 1.3% | |
| Ukraine | 1.3% | |
| Australia | 0.7% | |
| Canada | 0.7% | |
| Romania | 0.7% | |
| Bulgaria | 0.7% | |
| Belgium | 0.7% | |
| Brazil | 0.7% | |
| Greece | 0.7% | |
| Israel | 0.7% | |
| Switzerland | 0.7% |
OS Version:
| Windows 10 | 72.0% | |
| Windows 7 | 16.7% | |
| Windows 8.1 | 9.3% | |
| Windows 8 | 2.0% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 64 |
| Image Base: | 0x0000000140000000 |
| Entry Address: | 0x000157a0 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 84992 | 0ca50d84d3085e20d30eeb3704c2b582 |
| .rdata | 24064 | cc641fbefd74279348972a1b74a8238a |
| .data | 1024 | 4d0cc2ffced8ae85e5f5ad6c7577bad4 |
| .pdata | 2560 | 5d5482d8b165e5048d2a5f12805629a1 |
| .rsrc | 3072 | d08ef5be09c0faefd3f5fb05998c760e |
More information:
Download GridinSoft
Anti-Malware - Removal tool for temp.exe
