What is rcp.exe?
rcp.exe is a legitimate executable file developed by Microsoft Corporation. This process is known as TCP/IP Remote Copy Command and it belongs to Windows Operating system. It is commonly stored in C:\Windows\System32. Cybercriminals find a way out to mimic malicious programs in the name of rcp.exe to spread malware infection.
Affected Platform: Windows OS
How to detect whether your system is affected by rcp.exe?
Viruses can easily affect and corrupt “.exe” files causing several system malfunctions. Below are the symptoms to check if your system is infected with the malware:
- Problem during computer start-up.
- Problem during program start-up.
- Errors while running specific functions.
- Damaged and missing link files.
- Conflict in the process.
- Missing or corrupted driver files.
- Invalid Windows registry.
- Hardware malfunction.
To further establish the infection of malware, take the following steps:
- Go to Task Manager by pressing the combination of keys CTRL+ALT+DEL.
- Go to the process tab and right-click on the rcp.exe file and open its location.
If the file is located outside C:\Windows\System32, then you should perform an antivirus scan to get rid of the malware infection.
How does Comodo Antivirus help you to protect your system from rcp.exe malware?
Comodo Antivirus protects your system from malware attacks and also removes any existing infections. Following are the steps to effectively purge out the rcp.exe malware from your system.
Step 1: Download and install Comodo Antivirus.
Step 2: Installation configuration frames will be displayed. Select the configuration you would like to apply.
Step 3: Select Customize Configuration option and arrange installers, configuration, and file location.
Step 4: Restart your PC.
Step 5: Wait until the Comodo Internet Security updates the antivirus.
Step 6: Initiate a quick scan that instantly begins after the update.
Step 7: If the system is infected with rcp.exe malware or any other threats, you will be prompted with an alert screen upon scanning.
Step 8: Comodo Antivirus will remove rcp.exe malware from your computer including all other malwares!
| No. | Company | File Type | SHA1 | MD5 | Malware Name |
Digitally Signed |
File Version |
Product Version |
Submitted From |
Malware Behavior |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Microsoft Corporation | Executable | 950b26ebb1231d1f f0b1591b7c0aea04 523dc122 |
6fbd3a7d5a13c3d4 8f38ebacc6389510 |
Virus.Win32. Parite.gen |
No | 5.1.2600.5 512 (xpsp.0804 13-0852) |
5.1.2600.5 512 |
 United Arab Emirates |
N/A |
| 2 | Microsoft Corporation | Executable | 92b9f5f23b31dd92 7267677b612d3ef4 a85b2f82 |
affba2c9bcb2ecd8 c0ff7d9be14ceff4 |
Virus.Win32. Virut.Ce |
No | 5.1.2600.5 512 (xpsp.0804 13-0852) |
5.1.2600.5 512 |
 Italy |
N/A |
| 3 | Microsoft Corporation | Executable | 96db137d7ba178f8 503b671e5ee083bf f0a77211 |
71fc0b917e46da91 edfa12ecc7089629 |
Virus.Win32. Virut.CE |
No | 5.1.2600.5 512 (xpsp.0804 13-0852) |
5.1.2600.5 512 |
 156.220.2.23/32 |
N/A |
| 4 | Microsoft Corporation | Executable | 907af33abd53d38c 9f8ffc3634db610e d23fc65c |
a226033a9900666c 39e5b5f6b3681eef |
Unclassified Malware |
No | 6.00.2600. 0000 (xpclient. 010817-114 8) |
6.00.2600. 0000 |
Internal Submission |
N/A |
Taiwan
Egypt
Bulgaria
Greece
Europe
Ukraine
Russian Federation| No. | Company | File Type | SHA1 | MD5 | Digitally Signed |
File Version |
Product Version |
Submitted From |
|---|---|---|---|---|---|---|---|---|
| 1 | N/A | Non-executable | 3347430c14e1ffbd 481d665a606522a8 281b9de2 |
7acb9e4b2d92b7f3 4040aae81aa0af48 |
No | N/A | N/A | 10.224.1.117/32 |
| 2 | Arcom Communications | Executable | 9ff794af61288743 b25c750c2da6bb1a cbece925 |
0f8c68ad6791b10f 6723c18183f63559 |
No | 5.00.0002 | 5.00.0002 | Internal Submission |
| 3 | Microsoft Corporation | Executable | aade3bbf0543aea5 1820d9ea2cc6b5e3 c522e736 |
c3cfbf5b88e7ed4a 4ee20b9673e626cb |
No | 5.00.2134. 1 |
5.00.2134. 1 |
Internal Submission |
| 4 | N/A | Executable | 54fd6d29b9ed8caf e9e93728f46646d6 caf653a8 |
91e80103f9e93e18 e17f2755d78f406a |
No | N/A | N/A |  United States |
Poland
