Jump to content

why is cmd.exe attempting to launch bcdedit.exe?


Recommended Posts

I was on Wilders Security Forum last night when all of a sudden Online Armor prompted me asking if I wanted to allow Cmd.exe to launch bcdedit.exe. I was not familiar with bcdedit so I Googled it, and discovered bcdedit is the primary tool for editing the boot configuration. I was not installing anything at the time, and the only web page I was on was Wilders. The only other web application I was using at the time was Tixati, but I was not downloading anything executable. I had already downloaded the latest Windows updates the day before this occurred.  I decided to block bcdedit.exe from launching because I did not know why any application would be silently trying to change my boot configuration. I did a scan with Hitman Pro, and Malwarebytes. I did not find anything. I also have NOD 32 installed. Is this harmless, or more likely a threat?

post-2846-0-05985000-1405021492_thumb.jpg

Link to comment
Share on other sites

It is unlikely that cmd.exe starts bcdedit.exe directly. More likely one application or script is running bcdedit.exe through cmd.exe (Batch scripts for example). Unfortunately Online Armor doesn't resolve the inheritance properly at this time. However, if it happens again you can look at the process tree using a tool like Process Explorer or Process Hacker to find out the process that is actually calling cmd.exe and ultimately bcdedit.exe.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...