How to remove $RB49KUD.sys

$RB49KUD.sys

The module $RB49KUD.sys has been detected as Risk.RemoteAdmin

$RB49KUD.sys
Remove $RB49KUD.sys

File Details

Product Name:

UltraVnc miniport driver2
Company Name:

UVNC BVBA
MD5: 621c40398b1a0242acbcc2ba65c23a66
Size: 11 KB
First Published: 2017-08-20 12:09:43 (7 years ago)
Latest Published: 2018-09-12 05:03:53 (6 years ago)
Status: Risk.RemoteAdmin (on last analysis)
Analysis Date: 2018-09-12 05:03:53 (6 years ago)

Overview

Signed By: uvnc bvba
Status: Valid

Common Places:

%programfiles%\opiekunnet\konsola\vnc\driver\vista64\driver
%system%\drivers
%system%\driverstore\filerepository\mv2.inf_amd64_neutral_33f6848fb0f6ad6d
%sysdrive%\$recycle.bin\s-1-5-21-3440705321-3869224375-2206127129-1001
%programfiles%\ultravnc\driver\vista64\driver
%programfiles%\izex\nethelper client v7.0 x64
%system%
%programfiles%\ultravnc\driver\vista64
%sysdrive%\vnc\drivers\vista64
%programfiles%\izex

File Names:

mv2.sys
$RB49KUD.sys
vista_mv2.sys

Geography:

45.8%
29.2%
12.5%
4.2%
4.2%
2.1%
2.1%

OS Version:

Windows 7 72.9%
Windows 10 25.0%
Windows Server 2008 R2 2.1%

Analysis

Subsystem: Native
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000000010000
Entry Address: 0x00005008

PE Sections:

Name Size of data MD5
.text 512 82b341ddd90e3c50c69d8f7d435001ec
.rdata 512 6c9136f8773d5f1309e7a5b085b888d1
.data 512 043c46095689123e1f5be96c109c2f46
.pdata 512 a32fb8b8f58627cb6cff5eec9c191083
INIT 512 872500d433d47501bef27d892a4d5aaa
.rsrc 1024 5b776b12354b6e74d023d34d54856dc9

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for $RB49KUD.sys
copyright for information about $RB49KUD.sys