RemoteAdmin.Win32.RDPWrap.b removal tips

RemoteAdmin.Win32.RDPWrap.b is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the RemoteAdmin.Win32.RDPWrap.b virus do?

  • Creates RWX memory
  • Unconventional language used in binary resources: Russian
  • Network activity detected but not expressed in API logs

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify RemoteAdmin.Win32.RDPWrap.b?


File Info:

crc32: 29DD63D6
md5: 03fb8e478f4ba100d37a136231fa2f78
name: RDPConf.exe
sha1: 98685c37a6140701220c476449bee3f4e1fd28ef
sha256: 3c0e5d6863b03283afda9bd188501757d47dc57fc4bba2bdbb0d9baa34487fe0
sha512: 9d9052691c046e7268543b56c623ea2e9289f226b6c1f6449fbf5e2890f4b66d98e7bc312c663387d9f19d8f1b8b8959f9271fa0e2a51fc15791e29c49d908da
ssdeep: 24576:JwewFB5btX9uALSTRMab+wBySRX7ADs9UXOAPOA:At9UMSJADsaXOAPOA
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright © Stas'M Corp. 2017
InternalName: RDPConf
FileVersion: 1.4.0.0
CompanyName: Stas'M Corp.
LegalTrademarks: Stas'M Corp.
Comments: http://stascorp.com
ProductName: RDP Host Support
ProductVersion: 1.6.2.0
FileDescription: RDP Configuration Program
OriginalFilename: RDPConf.exe
Translation: 0x0409 0x04e4

RemoteAdmin.Win32.RDPWrap.b is also known as:

McAfee: RemAdm-RemoteAdmin.p
Zillya: Tool.RDPWrap.Win32.10
AegisLab: Riskware.Win32.RDPWrap.1!c
Sangfor: Malware
K7AntiVirus: RemoteTool ( 0053f8421 )
K7GW: RemoteTool ( 0053f8421 )
TrendMicro: HKTL_RADMIN.GZ
APEX: Malicious
ClamAV: Win.Trojan.Agent-6645876-0
Kaspersky: not-a-virus:RemoteAdmin.Win32.RDPWrap.b
Alibaba: RiskWare:Win32/RDPWrap.b7e1fdb2
F-Secure: PrivacyRisk.SPR/RemoteAdmin.AN
McAfee-GW-Edition: RemAdm-RemoteAdmin.p
Sophos: RDPWrap (PUA)
Cyren: W32/Trojan.KVPF-3661
Jiangmin: RemoteAdmin.RDPWrap.b
Avira: SPR/RemoteAdmin.AN
Antiy-AVL: RiskWare[RemoteAdmin]/Win32.RDPWrap
ZoneAlarm: not-a-virus:RemoteAdmin.Win32.RDPWrap.b
AhnLab-V3: Unwanted/Win32.Rdpwrap.C2632304
Cylance: Unsafe
Panda: PUP/RemoteAdmin
TrendMicro-HouseCall: HKTL_RADMIN.GZ
Rising: Malware.Undefined!8.C (CLOUD)
MaxSecure: Trojan.Malware.10885958.susgen

How to remove RemoteAdmin.Win32.RDPWrap.b?

RemoteAdmin.Win32.RDPWrap.b removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
