What is Mstsc.exe?
Mstsc.exe is a leigitmate file. It is also called Remote Desktop Connection and it belongs to Microsoft Corporation. It is used to call the remote system in command line, It is commonly stored in C:\Windows\System32. The cyber criminals create malware with the fake name mstsc.exe to spread infections via Internet to damage the software and hardware.
Affected Platform: Windows OS
How to check if your computer is infected with Mstsc.exe malware?
When the system performance is very low and if you find Internet connection is flutuating. Check the task manager by pressing the combination of keys ctrl+alt+del and go to the process tab to check the location of mstsc.exe then right click on that to open the location, if the location is C:\Windows\System32, then the system is safe and secure, if it is located somewhere else, then the system is affected by mstsc.exe malware.
How to remove the Mstsc.exe malware from system using Comodo Antivirus?
Step 1: Download our award-winning Comodo Free Antivirus.
Step 2: Installation configuration frames will be displayed. Select the configuration you would like to apply.
Step 3: Select Customize Configuration option and arrange installers, configuration, and file location.
Step 4: Restart your PC.
Step 5: It will take some time for the Comodo Internet Security to update the antivirus.
Step 6: Proceed with a quick scan that automatically begins after the update.
Step 7: If threats are found during the scanning, you will be prompted with an alert screen.
Step 8: Comodo Antivirus will remove theMstsc.exe malware from your computer including all other malwares!
First Seen: 12 October 2011 at 2:44 am
| No. | Company | File Type | SHA1 | MD5 | Malware Name |
Digitally Signed |
File Version |
Product Version |
Submitted From |
Malware Behavior |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Microsoft Corporation | Executable | 1cfb0c8bf2377cd8 d3a06258687b8207 1cd5d2ab |
57df6458ad001a1f 8cf7623ea06ea20e |
Virus.Win32. Expiro.ew |
No | 6.0.6001.1 8000 (longhorn_ rtm.080118 -1840) |
6.0.6001.1 8000 |
 United States |
N/A |
| 2 | Microsoft Corporation | Executable | 3702ab7113ddee30 4e91b797a5aad5ff d6a60a64 |
554205c17e4f26d0 530833fee32516cd |
TrojWare.Win 32.TrojanDow nloader.Agen t.~d057 |
No | 5.2.3790.3 959 (srv03_sp2 _rtm.07021 6-1710) |
5.2.3790.3 959 |
 Taiwan |
N/A |
| 3 | Microsoft Corporation | Executable | f09f637ec7d358f7 9f9c170a7383276c f0e0cae4 |
1b31ba6a296618dd faf2cfdd234d11a7 |
Virus.Win32. Virut.CE |
No | 6.1.7601.1 7514 (win7sp1_r tm.101119- 1850) |
6.1.7601.1 7514 |
 Vietnam |
N/A |
| 4 | Microsoft Corporation | Executable | a8595b8eaaf255a5 9027c07280223676 d83277f5 |
571875f4d4112c4c 328a5ec784482947 |
Virus.Win32. Parite.gen |
No | 6.0.6001.1 8000 (longhorn_ rtm.080118 -1840) |
6.0.6001.1 8000 |
 10.224.1.116/32 |
N/A |
Turkey
Poland
Belarus
Egypt
Italy
Nigeria
Brazil
Indonesia
UkraineFirst Seen: 03 January 2010 at 1:04 pm
| No. | Company | File Type | SHA1 | MD5 | Digitally Signed |
File Version |
Product Version |
Submitted From |
|---|---|---|---|---|---|---|---|---|
| 1 | Microsoft Corporation | Executable | 9e57724e8041b93b 6b380b233165529e 99cd24e8 |
5ff04f97c32cd350 f936d4cd268cb4f8 |
No | 10.0.17134 .112 (WinBuild. 160101.080 0) |
10.0.17134 .112 |
United States |
| 2 | Microsoft Corporation | Executable | 32ed6c846193721b 5e6b6fe9a1a7c780 af5fffdc |
1f8b5bbe48b4daa7 a5bed7c3a4e4dd43 |
No | 10.0.19041 .3570 (WinBuild. 160101.080 0) |
10.0.19041 .3570 |
United States |
| 3 | Microsoft Corporation | Executable | ad137ebd81e68901 2ad5500ffeb706e6 d105b3bd |
dbf6e6c065720949 973478029a8f5875 |
No | 5.1.2600.2 180 (xpsp_sp2_ rtm.040803 -2158) |
5.1.2600.2 180 |
Internal Submission |
| 4 | N/A | Non-executable | 4f1c4e12d1e81577 d6412e5825bf8e45 94f3e941 |
f434e067be32f318 c53af69c0dfd40b0 |
No | N/A | N/A |  Russian Federation |
Germany
United Kingdom
Japan
Satellite Provider
