How to remove RDPConf.exe

» File
File Details
Overview
Analysis

RDPConf.exe

The module RDPConf.exe has been detected as Risk.RemoteAdmin

RDPConf.exe

Remove RDPConf.exe

File Details

Main Info:

Product Name:	RDP Host Support
Company Name:	Stas'M Corp.
MD5:	03fb8e478f4ba100d37a136231fa2f78
Size:	1 MB
First Published:	2018-02-27 09:11:31 (7 years ago)
Latest Published:	2025-11-03 23:01:29 (2 weeks ago)

Analysis:

Status:	Risk.RemoteAdmin (on last analysis)
Analysis Date:	2025-11-03 23:01:29 (2 weeks ago)

Common Places:

%desktop%

%desktop%\rdp

%commonappdata%

%profile%\downloads\compressed

%sysdrive%\script_v3.4\tweak\termsrv

%sysdrive%\backups\clientes\cfc\servidor

%sysdrive%\0000

%profile%\downloads

%desktop%\downloads-apk\mouse server remote

%profile%\downloads\mouse server remote

Geography:

	21.5%
	10.5%
	6.7%
	5.7%
	5.3%
	4.3%
	4.3%
	3.8%
	3.3%
	2.9%
	2.4%
	1.9%
	1.9%
	1.4%
	1.4%
	1.4%
	1.4%
	1.4%
	1.0%
	1.0%
	1.0%
	1.0%
	1.0%
	1.0%
	1.0%
	1.0%
	1.0%
	1.0%
	1.0%
	1.0%
	0.5%
	0.5%
	0.5%
	0.5%
	0.5%
	0.5%
	0.5%
	0.5%
	0.5%
	0.5%
	0.5%
	0.5%
	0.5%
	0.5%

OS Version:

Windows 10	77.8%
Windows 7	15.1%
Windows 8.1	3.8%
Windows Server 2016	1.9%
Windows Server 2008 R2	0.9%
Windows Server 2012 R2	0.5%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x000bbc78

PE Sections:

Name	Size of data	MD5
.text	760320	129e3fae9e85c88e7ae019fd6457650d
.itext	3584	97628668c98f466236a46589dcf119af
.data	9728	735b7bf7a3442ce46acaad3c11459c71
.bss	0	00000000000000000000000000000000
.idata	12800	e2d0ec8b50b85414a4c43840636fa0a9
.didata	1024	43121747f5451e5b356edcacc5d9e24a
.tls	0	00000000000000000000000000000000
.rdata	512	dc1b7e655b1f90a291d2062b840f6f13
.reloc	69632	d0cc471d68e85588de853a31d692812c
.rsrc	237568	22fcbc689257db568064e95138583ab7

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for RDPConf.exe

copyright for information about RDPConf.exe