Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

6.3.9600.16384 (winblue_rtm.130821-1623) 7.04%
6.3.9431.0 (winmain_bluemp.130615-1214) 0.47%
6.2.9200.16384 (win8_rtm.120725-1247) 17.37%
6.2.9200.16384 (win8_rtm.120725-1247) 1.88%
6.1.7601.17514 (win7sp1_rtm.101119-1850) 17.84%
6.1.7601.17514 (win7sp1_rtm.101119-1850) 37.09%
6.1.7600.16385 (win7_rtm.090713-1255) 3.29%
6.1.7600.16385 (win7_rtm.090713-1255) 2.82%
6.0.6000.16386 (vista_rtm.061101-2205) 7.51%
6.0.6000.16386 (vista_rtm.061101-2205) 0.47%
5.1.2600.5512 (xpsp.080413-2111) 4.23%

Relationships

Parent process
Child processes
Related files

cmd.exe

Windows Command Processor by Microsoft

Remove cmd.exe
Version:   6.3.9600.16384 (winblue_rtm.130821-1623)
MD5:   fc0b4a626881d7c5980d757214db2d25
SHA1:   0c2e3cf2d2f09792960a73dc772a086e99a96764
This is a Windows system installed file with Windows File Protection (WFP) enabled.

What is cmd.exe?

Command processor in windows is the command prompt(cmd).
To start Windows command processor use winkey + R this will open Run window.Just type in cmd and this will open command prompt of windows where you can run various commands.You can create,delete files and folders, list the directory contents and can perform many other functions in command prompt.

Overview

cmd.exe executes as a process with the local user's privileges usually within the context of Windows Explorer. It is set to be run when the PC boots and the user logs into Windows (added to the Run registry key for the current user). This is typically installed with the program Watch_Dogs published by Ubisoft. and is compiled as a 64 bit program.

DetailsDetails

File name:cmd.exe
Publisher:Microsoft Corporation
Product name:Windows Command Processor
Description:Microsoft® Windows® Operating System
Typical file path:C:\Windows\System32\cmd.exe
Original name:Cmd.Exe.MUI
File version:6.3.9600.16384 (winblue_rtm.130821-1623)
Product version:6.3.9600.16384
Size:347.5 KB (355,840 bytes)
Build date:8/22/2013 3:03 AM
Digital DNA
PE subsystem:Windows Console
File packed:No
Code language:Microsoft Visual C++
.NET CLR:No
More details

ResourcesPrograms

The following program will install this file
Watch_Dogs
 Ubisoft
12% remove
You play as Aiden Pearce, a brilliant hacker and former thug, whose criminal past led to a violent family tragedy. While seeking justice for those events, you'll monitor and hack those around you by manipulating the ctOS from the palm of your hand. You'll access omnipresent security cameras, download personal information to locate a target, control traffic lights and public transportation to stop the enemy... and more. Set in Chicago, w...

BehaviorsBehaviors

Startup files (all users) run once
Runs under the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
  • 'FastFoxUninstall5' → cmd.exe /C rmdir /Q "C:\users\user\appdata\Roaming\NCH Software"
  • 'FastFoxUninstall4' → cmd.exe /C rmdir /Q "C:\users\user\appdata\Roaming\NCH Software\Program Files"
  • 'FastFoxUninstall3' → cmd.exe /C rmdir /S /Q "C:\users\user\appdata\Roaming\NCH Software\Program Files\FastFox"
  • 'FastFoxUninstall2' → cmd.exe /C rmdir /Q "C:\Program Files\NCH Software\FastFox"
  • 'FastFoxUninstall' → cmd.exe /C rmdir /S /Q "C:\Program Files\NCH Software\FastFox"
  • 'DelTr4467046' → cmd.exe /c rd /s /q "C:\users\user\appdata\Roaming\mysearchdial"
  • 'Del1639781' → cmd.exe /Q /D /c del "C:\users\user\appdata\Local\Temp\0.del"
  • 'Del125888062' → cmd.exe /Q /D /c del "C:\users\user\appdata\Local\Temp\0.del"
  • 'Del95943703' → cmd.exe /Q /D /c del "C:\users\user\appdata\Local\Temp\0.del"
  • 'Del32322796' → cmd.exe /Q /D /c del "C:\users\user\appdata\Local\Temp\0.del"
  • 'Del160256437' → cmd.exe /Q /D /c del "C:\users\user\appdata\Local\Temp\0.del"
  • 'Del43786750' → cmd.exe /Q /D /c del "C:\users\user\appdata\Local\Temp\0.del"
  • 'Del43774332' → cmd.exe /Q /D /c del "C:\users\user\appdata\Local\Temp\0.del"
  • 'Del1203196625' → cmd.exe /Q /D /c del "C:\users\user\appdata\Local\Temp\0.del"
  • 'Del94878045' → cmd.exe /Q /D /c del "C:\users\user\appdata\Local\Temp\0.del"
  • 'Del326931' → cmd.exe /Q /D /c del "C:\users\user\appdata\Local\Temp\0.del"
  • 'Del136013075' → cmd.exe /Q /D /c del "C:\users\user\appdata\Local\Temp\0.del"
  • 'removeiMeshdatamngr' → cmd.exe /c RD /S /Q "C:\Program Files\Search Results Toolbar"
  • 'Del52821423' → cmd.exe /Q /D /c del "C:\users\user\appdata\Local\Temp\0.del"
  • 'removeiLividdatamngr' → cmd.exe /c RD /S /Q "C:\Program Files\Search Results Toolbar"
  • 'Del153953127' → cmd.exe /Q /D /c del "C:\users\user\appdata\Local\Temp\0.del"
  • 'removeSearchqutoolbar' → cmd.exe /c RD /S /Q "C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar"
Startup files (user) run once
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
  • 'Uninstall C:\Users\Adilson\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64' → C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\users\user\appdata\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64"
  • 'Uninstall C:\Users\StoneyBC\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64' → C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\users\user\appdata\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"
  • 'Uninstall C:\Users\StoneyBC\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64' → C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\users\user\appdata\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64"
  • 'DelTr4467046' → cmd.exe /c rd /s /q "C:\users\user\appdata\Roaming\mysearchdial"
  • 'Del1639781' → cmd.exe /Q /D /c del "C:\users\user\appdata\Local\Temp\0.del"
  • 'Uninstall C:\Users\Brandon\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64' → C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\users\user\appdata\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
  • 'Uninstall C:\Users\Brandon\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64' → C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\users\user\appdata\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64"
  • 'Uninstall C:\Users\Татьяна\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64' → C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\users\user\appdata\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
  • 'Del32322796' → cmd.exe /Q /D /c del "C:\users\user\appdata\Local\Temp\0.del"
  • 'Uninstall C:\Users\centrogum\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64' → C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\users\user\appdata\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
  • 'Del43786750' → cmd.exe /Q /D /c del "C:\users\user\appdata\Local\Temp\0.del"
  • 'Del43774332' → cmd.exe /Q /D /c del "C:\users\user\appdata\Local\Temp\0.del"
  • 'Uninstall C:\Users\Janine\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530_1\amd64' → C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\users\user\appdata\Local\Microsoft\SkyDrive\17.0.2010.0530_1\amd64"
  • 'Uninstall C:\Users\prettymomma\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64' → C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\users\user\appdata\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64"
  • 'Uninstall C:\Users\Angela Doran\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627' → C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\users\user\appdata\Local\Microsoft\SkyDrive\17.0.2011.0627"
  • 'Uninstall C:\Users\Angela Doran\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64' → C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\users\user\appdata\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64"
  • 'Uninstall C:\Users\Angela Doran\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530' → C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\users\user\appdata\Local\Microsoft\SkyDrive\17.0.2010.0530"
  • 'Uninstall C:\Users\Angela Doran\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64' → C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\users\user\appdata\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64"
  • 'Uninstall C:\Users\Angela Doran\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314_5' → C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\users\user\appdata\Local\Microsoft\SkyDrive\17.0.2006.0314_5"
  • 'Uninstall C:\Users\Angela Doran\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314_5\amd64' → C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\users\user\appdata\Local\Microsoft\SkyDrive\17.0.2006.0314_5\amd64"
  • 'Uninstall C:\Users\Angela Doran\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_5\amd64' → C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\users\user\appdata\Local\Microsoft\SkyDrive\17.0.2003.1112_5\amd64"
  • 'Uninstall C:\Users\Eric Feller\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64' → C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\users\user\appdata\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
Startup files (all users) run
Runs under the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
  • 'CMD' → cmd.exe /k if %datC:~6,4%%datC:~3,2%%datC:~0,2% LEQ 20130909 (exit) else (start httC://alt-rutor.org && exit)
  • 'Adobe Flash Player SU' → C:\Windows\System32\cmd.exe /k start httC://3zz.info/ && exit
  • 'AMD AVT' → Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
Startup files (user) run
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
  • 'Bomgar_Cleanup_ZD12543155818005' → cmd.exe /C rd /S /Q "C:\ProgramData\bomgar-au" & reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Bomgar_Cleanup_ZD12543155818005 /f
Scheduled tasks
  • The job 'BoostApp' runs in the path '\BoostApp'

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.00000099%
0.028634%
Kernel CPU:0.00000099%
0.013761%
Kernel CPU time:7,813 ms/min
100,923,805ms/min
CPU cycles:48/sec
17,470,203/sec
Memory
Private memory:1.5 MB
21.59 MB
Private (maximum):2.15 MB
Private (minimum):1.3 MB
Non-paged memory:1.5 MB
21.59 MB
Virtual memory:13.14 MB
140.96 MB
Virtual memory (peak):13.71 MB
169.69 MB
Working set:1.31 MB
18.61 MB
Working set (peak):2.16 MB
37.95 MB
Page faults:604/min
2,039/min
I/O
I/O other transfer:0 Bytes/sec
448.09 KB/min
I/O other operations:1/sec
1,671/min
Resource allocations
Threads:1
12
Handles:32
600

BehaviorsProcess properties

Integrety level:Medium
Platform:64-bit
Command lines:
  • C:\Windows\System32\cmd.exe /c ""C:\users\user\desktop\cpuminer-gc3355-win32-sandor111-tui\miner-start.bat" "
  • cmd /c ""C:/manageengine/servicedesk/pgsql/bin/postgres.exe" -d "C:/manageengine/servicedesk/pgsql/data" -p65432 < "nul" 2>&1"
Owner:User
Parent process:explorer.exe (Windows Explorer by Microsoft Corporation)

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Home Premium 33.00%
Windows 7 Ultimate 17.00%
Windows 8 Pro 9.50%
Windows 7 Professional 6.00%
Windows 8 5.50%
Windows Vista Home Premium 5.00%
Windows 7 Home Basic 4.50%
Windows 8.1 4.50%
Microsoft Windows XP 4.00%
Windows 8 Pro with Media Center 2.50%
Windows 8.1 Pro 1.50%
Windows 7 Ultimate N 1.50%
Windows 7 Starter 1.00%
Windows Vista Home Basic 1.00%
Windows 8.1 Single Language 0.50%
Windows 8.1 Enterprise Evaluation 0.50%
Windows 8.1 Pro with Media Center 0.50%
Windows Vista Ultimate 0.50%
Windows 8.1 Pro Preview with Media Center 0.50%
Windows 8 Pro N 0.50%
Windows 8 Enterprise N 0.50%
21 other Windows OS version

Distribution by countryDistribution by country

United States installs about 49.75% of Windows Command Processor.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Hewlett-Packard 26.84%
Dell 18.95%
Toshiba 13.68%
ASUS 11.58%
Acer 7.89%
Lenovo 7.37%
GIGABYTE 3.68%
Samsung 3.68%
Sony 3.16%
Gateway 1.05%
Intel 1.05%
Compaq 1.05%
Back to top
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE