What is NIRCMD.exe?
NIRCMD.exe is a legitimate process file popularly known as NirCmd. It is associated with Nirmd by NirSoft. It is located in C:\Program files by default.
Malware programmers write virus files with malicious scripts and save them as NIRCMD.exe with an intention to spread virus on the internet.
Affected Platforms: Windows OS
How to determine if your computer is infected with NIRCMD.exe malware?
Look out for the these symptoms to check if your PC is infected with NIRCMD.exe malware:
- Unstable internet connection
- NIRCMD.exe occupies extra CPU space
- PC processing speed slows down
- Browser often redirects to irrelevant websites
- Browser is bombarded with hordes of popup ads
- Computer screen freezes repeatedly
Take the following steps to diagnose your PC for possible NIRCMD.exe malware attack:
Step 1: Simultaneously press CTRL+ALT+DEL keys to open Task Manager.
Step 2: If you notice the file located outside C:\Program files perform an antivirus scan to get rid of the malware.
How to remove NIRCMD.exe malware from system using Comodo Antivirus?
Step 1: Download our award-winning Antivirus.
Step 2: Installation configuration frames will be displayed. Select the configuration you would like to apply.
Step 3: Select Customize Configuration option and arrange installers, configuration, and file location.
Step 4: Restart your PC after the installation gets over
Step 5: Wait for Comodo Internet Security to update the software for virus protection.
Step 6: Proceed with the quick scan that automatically begins after the update.
Step 7: If threats are found during the scanning, you will be notified through an alert screen.
Step 8: Comodo Antivirus will remove NIRCMD.exe malware from your computer including all other malwares!
Windows OS PC Security Softwares:
| No. | Company | File Type | SHA1 | MD5 | Malware Name |
Digitally Signed |
File Version |
Product Version |
Submitted From |
Malware Behavior |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | NirSoft | Executable | a6fabdfc665eca4d 91294d6fbcbd141c 3aaabde1 |
1d3a6db35b193580 efbc786fee7dbcca |
Virus.Win32. Sality.gen |
No | 2.65 | 2.65 |  Ukraine |
N/A |
| 2 | NirSoft | Executable | 915d06bfc4628079 34eba4e983a3fc28 a2d42385 |
c93fb1d74dd90d37 7bdffbe677a33336 |
Virus.Win32. Sality.gen |
No | 2.71 | 2.71 |  186.156.243.105/32 |
N/A |
| 3 | NirSoft | Executable | 2de7f26f6e084b8e 5a61602c0a2c73dc 3cf83794 |
f8bf997c12aa28ec fe957088baa57579 |
Virus.Win32. Sality.gen |
No | 1.85 | 1.85 |  Brazil |
N/A |
| 4 | NirSoft | Executable | 4e9e5753e9adb8ad 503b016534753a41 f68b6a30 |
6a00c12491cb8da8 721c4e916e250e08 |
Packed.Win32 .MUPX.Gen |
No | 2.81 | 2.81 | 10.224.25.40/32 |
N/A |
Turkey
Russian Federation
Poland
United States| No. | Company | File Type | SHA1 | MD5 | Digitally Signed |
File Version |
Product Version |
Submitted From |
|---|---|---|---|---|---|---|---|---|
| 1 | NirSoft | Executable | 20cd453fcac9d996 0b0076715d985a55 784a6b53 |
5ed4728caa339c2a 7479102f0c04c087 |
No | 2.86 | 2.86 | 10.108.22.193/32 |
| 2 | NirSoft | Executable | 466cf02efdd7c1e6 086c95ab4b792cd4 44024da3 |
80cce4afc880cde9 f75dc4e8b497da80 |
No | 2.75 | 2.75 | 10.108.51.116/32 |
| 3 | NirSoft | Executable | 60e2f48a51c061bb a72a08f34be78135 4f87aa49 |
a1cd6a64e8f8ad5d 4b6c07dc4113c7ec |
No | 2.86 | 2.86 | 10.224.25.107/32 |
| 4 | NirSoft | Executable | 04bf7acc7d0aa74f a750f7c32fdebbbe 1daf46f8 |
b417238213efb0d2 a23562674406cdf9 |
No | 2.81 | 2.81 | 10.108.22.205/32 |
