RemoteAdmin.Win32.RDPWrap.c removal instruction

The RemoteAdmin.Win32.RDPWrap.c is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What RemoteAdmin.Win32.RDPWrap.c virus can do?

Attempts to connect to a dead IP:Port (1 unique times)
Creates RWX memory
Unconventionial language used in binary resources: Russian
Sniffs keystrokes

How to determine RemoteAdmin.Win32.RDPWrap.c?


File Info:
crc32: 4F390AEA
md5: 8f82226b2f24d470c02f6664f67f23f7
name: RDPCheck.exe
sha1: 66f40824b406c748846ef11e6b022958f8cbe48b
sha256: 5603338a1f8dbb46efb8e0869db3491d5db92f362711d6680f91ecc5d18bfadf
sha512: 04bc1f785bddf264699fb6bf6fce9652af8c95872f8fef93540f0b86df2e93ced910f01dc54a76a5425d2f5446d587df6ad20d8976fc4be7e9ce3511eb4b00ee
ssdeep: 12288:AR55BK3IsHoeGoE0SYmsjRwH/fD/sK3wzBOSdzIaVI99l/rk9gvQJg7:81KY2oeGTKRqPCBOSd0aVIHloI
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: Copyright xa9 Stas'M Corp. 2015
InternalName: RDPCheck
FileVersion: 2.2.0.0
CompanyName: Stas'M Corp.
LegalTrademarks: Stas'M Corp.
Comments: http://stascorp.com
ProductName: RDP Host Support
ProductVersion: 1.6.0.0
FileDescription: Local RDP Checker
OriginalFilename: RDPCheck.exe
Translation: 0x0409 0x04e4

RemoteAdmin.Win32.RDPWrap.c also known as:

CAT-QuickHeal	RemoteAdmin.RDPWrap
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
K7GW	RemoteTool ( 0053f8421 )
K7AntiVirus	RemoteTool ( 0053f8421 )
APEX	Malicious
ClamAV	Win.Trojan.Agent-6301884-0
Kaspersky	not-a-virus:RemoteAdmin.Win32.RDPWrap.c
Alibaba	RiskWare:Win32/RDPWrap.03f6d75c
NANO-Antivirus	Riskware.Win32.Rdpwrap.eyvlpq
AegisLab	Riskware.Win32.RDPWrap.1!c
F-Secure	PrivacyRisk.SPR/RemoteAdmin.560333
DrWeb	Program.Rdpwrap.1
TrendMicro	HackTool.Win32.Radmin.GJ
MaxSecure	Trojan.Malware.10816499.susgen
Sophos	RDPWrap (PUA)
Jiangmin	RemoteAdmin.RDPWrap.c
Avira	SPR/RemoteAdmin.560333
ZoneAlarm	not-a-virus:RemoteAdmin.Win32.RDPWrap.c
Zoner	Trojan.Win32.65664
TrendMicro-HouseCall	HackTool.Win32.Radmin.GJ
Yandex	Riskware.RemoteAdmin!

How to remove RemoteAdmin.Win32.RDPWrap.c?

RemoteAdmin.Win32.RDPWrap.c removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X