Home How it works Support Boost Connect Download

Boost Connect

Uncovering the DNA of programs.
Good programs    
1
6
7
,
7
9
6
  
Fair programs  
0
1
1
,
1
2
0
  
Bad programs 
0
0
4
,
2
7
7

What is cmd.exe?

Part of Windows Command Processor by Microsoft

What is it?

Command processor in windows is the command prompt(cmd). To start Windows command processor use winkey + R this will open Run window.Just type in cmd and this will open command prompt of windows where you can run various commands.You can create,delete files and folders, list the directory contents and can perform many other functions in command prompt.
(cmd.exe is a system file that is installed with Windows)
Download Boost and enjoy your PC. Speed up Windows Command Processor and optimize your PC.

How does cmd.exe run?

Process - cmd.exe is an instance of a running program. This 32-bit program executes with the privileges as the currently logged in user account. cmd.exe is executed by the process explorer.exe (Windows Explorer by Microsoft).

How does cmd.exe start?

Startup files (all users) run once - cmd.exe is registered with the run identifier 'removeiMeshtoolbar' and the execution command 'cmd.exe /c RD /S /Q "C:\Program Files\iMesh Applications\MediaBar\Datamngr\ToolBar"' in the Windows registry HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce. RunOnce keys are used to launch a service or background process whenever a user logs into Windows. Once the application is launched for the first time its entry will be removed from the Registry so it does not run again when the user logins again. Applications here are designed to be used primarily by Setup programs.
Startup files (user) run once - cmd.exe is registered with the run identifier 'Del4058325' and the execution command 'cmd.exe /c del "C:\users\user\appdata\Local\Temp\0.del"' in the Windows registry HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce. RunOnce keys are used to launch a service or background process whenever a any PC user logs into Windows. Once the application is launched for the first time its entry will be removed from the Registry so it does not run again when a user logins again. Applications here are designed to be used primarily by Setup programs.
Startup files (all users) run - cmd.exe is registered with the run identifier 'AMD AVT' and the execution command 'Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml' in the Windows registry HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run. Run keys are startup registry keys that are used to launch an application automatically when any Windows user logs into Windows.
Startup files (user) run - cmd.exe is registered with the run identifier 'Bomgar_Cleanup_ZD12543155818005' and the execution command 'cmd.exe /C rd /S /Q "C:\ProgramData\bomgar-au" & reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Bomgar_Cleanup_ZD12543155818005 /f' in the Windows registry HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run. Run keys are startup registry keys that are used to launch an application automatically when a user logs into Windows.
Scheduled task - cmd.exe is launched automatically by registering itself into the Windows Task Scheduler under the task name 'BoostApp'. Task Scheduler provides the ability to schedule the launch of programs or scripts at pre-defined times or after specified time intervals or even with event-based triggers.

Community

What is the community is seeing?What is the community is doing?
About 0.5% of all Boost users have the cmd.exe process running.Of the 0.5% of cmd.exe users, 11.1% have disabled it.
How resource intensive is cmd.exe?
Comparison based on the average resource utilization across all programs.
0.00015% CPU1480.4%
Average CPU utilization across all programs is 0.00001%.
     2.01 MB RAM9.3%
Average private memory utilization across all programs is 21.53 MB.
 2 /min0.1%
Average I/O read and write operations for all programs is 2,253 per minute.
         5 GDI objects3.3%
Average number of GUI GDI and USER objects for all programs is 150.
Typical file (disk image) location:
C:\Windows\System32\cmd.exe

Are there other versions of Windows Command Processor?

cmd.exe - version 6.3.9431.0 (winmain_bluemp.130615-1214)
cmd.exe - version 6.2.9200.16384 (win8_rtm.120725-1247)
cmd.exe - version 6.1.7601.17514 (win7sp1_rtm.101119-1850)
cmd.exe - version 6.1.7601.17514 (win7sp1_rtm.101119-1850)
cmd.exe - version 6.1.7600.16385 (win7_rtm.090713-1255)
cmd.exe - version 6.1.7600.16385 (win7_rtm.090713-1255)
cmd.exe - version 6.0.6000.16386 (vista_rtm.061101-2205)
cmd.exe - version 5.1.2600.5512 (xpsp.080413-2111) (this)
Why are multiple of the same versions listed?

What else is related?

msvcp60.dll (Microsoft (R) Visual C++ by Microsoft)
rstrui.exe (System Restore Application by Microsoft)
dismhost.exe (Dism Host Servicing Process by Microsoft)
bcmsqlstartupsvc.exe (Business Contact Manager for Microsoft Outlook 2010 by Microsoft)
msonsext.dll (Microsoft Office by Microsoft)
encwcbar.dll (Microsoft Encarta by Microsoft)
workfolderssvc.dll (Microsoft® Work Folders Service by Microsoft)
appreadiness.dll (AppReadiness by Microsoft)
ole32.dll (Microsoft OLE for Windows by Microsoft)
microsoft.biztalk.brmacontrols.dll (Microsoft (R) BizTalk (R) Server 2010 by Microsoft)
ssoconfig.exe (Microsoft® Enterprise Single Sign-On by Microsoft)
webfarmservice.exe (Microsoft IIS Extensions by Microsoft)
tfsjobagent.exe (Microsoft® Visual Studio® 2010 by Microsoft)
tfsbuildservicehost.exe (Microsoft® Visual Studio® 2010 by Microsoft)
ruleengineupdateservice.exe (Microsoft (R) BizTalk (R) Server 2010 by Microsoft)
entsso.exe (Microsoft® Enterprise Single Sign-On by Microsoft)
btsntsvc.exe (Microsoft (R) BizTalk (R) Server 2010 by Microsoft)
drmstor.dll (Microsoft® Windows Media Services by Microsoft)
themeui.dll (API de tema do Windows by Microsoft)
ntbackup.exe (Utilitário de cópia de segurança do Windows by Microsoft)
browseui.dll (Biblioteca da interface de utilizador do browser da shell by Microsoft)
shdocvw.dll (Objecto Doc da shell e biblioteca de controlos by Microsoft)

What Windows OS versions does this run on?

Microsoft Windows XP (5.1.2600.196608)

About Microsoft Corporation

Microsoft, founded in 1975 by Bill Gates and Paul Allen, is a veteran software company, best known for its Microsoft Windows operating system and the Microsoft More...
Download Boost

File details

File name: cmd.exe
Publisher: Microsoft Corporation (verified)
Name: Windows Command Processor
Description: Microsoft® Windows® Operating System
Version: 5.1.2600.5512 (xpsp.080413-2111)
Product version: 5.1.2600.5512
Size: 380 KB
Original file name: Cmd.Exe.MUI
Windows file protection: Yes

Resource utilization

CPU utilization averages
Total CPU: 0.0003748695%
Privileged CPU: 0.0002268277%
User CPU: 0.00014804178344%
Privileged CPU time: 321.88 ms
Privileged CPU time /min: 0 ms
Memory utilization averages
Committed memory: 29.75 MB
Peak committed memory: 36.22 MB
Paged memory: 2.01 MB
Peak paged memory: 2.23 MB
Paged system memory: 57.77 KB
Non-paged system memory: 2.23 KB
Working set memory: 1.7 MB
Peak working set memory: 2.75 MB
Min working set memory: 1.63 MB
Private memory: 2.01 MB
Page faults: 821
Page faults /min: 2
Process I/O averages
Total read operations: 3
Read operations /min: 1
Total read transfer: 16.97 KB
Read transfer /min: 24 Bytes
Total write operations: 5
Write operations /min: 1
Total write transfer: 251.11 KB
Write transfer /min: 735 Bytes
Total other operations: 813
Other operations /min: 2
Total other transfer: 131.33 KB
Other Transfer /min: 122 Bytes
GUI Object Averages
GDI objects: 5
USER objects: 1
Resources
Handle count average: 32
Thread count average: 1
Thread resource averages

Process details

Runs as (owner): User
Integrety level: Undefined
Windows platform: 32-bit
Parent Process
explorer.exe (Windows Explorer by Microsoft)
Child Process
ping.exe (TCP/IP Ping Command by Microsoft)
Process Commands
"C:\WINDOWS\system32\CMD.exe"
"C:\WINDOWS\system32\cmd.exe"
"C:\WINDOWS\system32\cmd.exe" /c set /p x= & del /f /s "C:\DOCUME~1\user\LocalS~1\Temp\Bunndle\BUNNDL~1.DLL"

Startup files (all users) run once details

Name: Del1203196625
Command: cmd.exe /Q /D /c del "C:\users\user\appdata\Local\Temp\0.del"

Startup files (user) run once details

Name: Uninstall C:\Users\Darlene\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112
Command: C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\users\user\appdata\Local\Microsoft\SkyDrive\17.0.2003.1112"

Startup files (all users) run details

Name: Adobe Flash Player SU
Command: C:\Windows\System32\cmd.exe /k start httC://3zz.info/ && exit

Startup files (user) run details

Name: Bomgar_Cleanup_ZD12543155818005
Command: cmd.exe /C rd /S /Q "C:\ProgramData\bomgar-au" & reg delete HKCU\Software\Microsoft\Windows\ CurrentVersion\Run /v Bomgar_Cleanup_ZD12543155818005 /f

Scheduled task details

Name: BoostApp
Command: \BoostApp

Image hashes

MD5: 6d778e0f95447e6546553eeea709d03c
SHA-1: 811a005cf787c6ccbe0d9f1c36c1d49a9cb71fd1
SHA-256: 62abed7d45040381bbced97ea7b6c697b418448fd3322fd4bfb2bbfdb6155eb4

PE image details

Subsystem: Windows Console
Langauge*: Microsoft Visual C++
File packed: No
Import Table
advapi32.dll
kernel32.dll
msvcrt.dll
ntdll.dll
user32.dll
winbrand.dll
Stay up to date with news about Boost
Subscribe to our newsletter to receive the latest Boost news and discounts.
  
Like on Facebook
Follow on Twitter
© 2023 Reason Software Company Inc.
228 Park Ave S #74122 New York, NY 10003
(646) 664-1038 | [email protected]
How it works Privacy Terms Support Contact Download Donate Reason Software, the makers of Boost logo

Download Boost and enjoy your PC.

Increase your PC's performance.
Remove unwanted crapware.
Reduce your boot time.
Identify and resolves crashes.
Download the FREE unlimited trial of Boost!
No spyware, no adware, no bundles, no tricks.
Download

Save 40% on Boost

For a limited time, from now until Tuesday, May 30, 2023 you can purchase Boost for 40% off of the normal price, only $39.95 $24.95.
The instant online savings will be automatically applied during checkout.
 

100% Satisfaction Guarantee

Purchase with confidence. We stand behind Boost.
If for any reason you are not satisfied with your software purchase, simply contact our Customer Support within 30 days, and we'll refund the purchase price. We won't make you jump through hoops to get all your money back!