What is rcp.exe?
rcp.exe is a legitimate executable file developed by Microsoft Corporation. This process is known as TCP/IP Remote Copy Command and it belongs to Windows Operating system. It is commonly stored in C:\Windows\System32. Cybercriminals find a way out to mimic malicious programs in the name of rcp.exe to spread malware infection.
Affected Platform: Windows OS
How to detect whether your system is affected by rcp.exe?
Viruses can easily affect and corrupt “.exe” files causing several system malfunctions. Below are the symptoms to check if your system is infected with the malware:
- Problem during computer start-up.
- Problem during program start-up.
- Errors while running specific functions.
- Damaged and missing link files.
- Conflict in the process.
- Missing or corrupted driver files.
- Invalid Windows registry.
- Hardware malfunction.
To further establish the infection of malware, take the following steps:
- Go to Task Manager by pressing the combination of keys CTRL+ALT+DEL.
- Go to the process tab and right-click on the rcp.exe file and open its location.
If the file is located outside C:\Windows\System32, then you should perform an antivirus scan to get rid of the malware infection.
How does Comodo Antivirus help you to protect your system from rcp.exe malware?
Comodo Antivirus protects your system from malware attacks and also removes any existing infections. Following are the steps to effectively purge out the rcp.exe malware from your system.
Step 1: Download and install Comodo Antivirus.
Step 2: Installation configuration frames will be displayed. Select the configuration you would like to apply.
Step 3: Select Customize Configuration option and arrange installers, configuration, and file location.
Step 4: Restart your PC.
Step 5: Wait until the Comodo Internet Security updates the antivirus.
Step 6: Initiate a quick scan that instantly begins after the update.
Step 7: If the system is infected with rcp.exe malware or any other threats, you will be prompted with an alert screen upon scanning.
Step 8: Comodo Antivirus will remove rcp.exe malware from your computer including all other malwares!
| No. | Company | File Type | SHA1 | MD5 | Malware Name |
Digitally Signed |
File Version |
Product Version |
Submitted From |
Malware Behavior |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Microsoft Corporation | Executable | 7e1680a6304532ef 73ba97e9eb5c2181 48241025 |
135ba4a349fb5bf9 b86fa464531177a7 |
Virus.Win32. Virut.CE |
No | 5.1.2600.5 512 (xpsp.0804 13-0852) |
5.1.2600.5 512 |
 102.41.88.6/32 |
N/A |
| 2 | Microsoft Corporation | Executable | 950b26ebb1231d1f f0b1591b7c0aea04 523dc122 |
6fbd3a7d5a13c3d4 8f38ebacc6389510 |
Virus.Win32. Parite.gen |
No | 5.1.2600.5 512 (xpsp.0804 13-0852) |
5.1.2600.5 512 |
 United Arab Emirates |
N/A |
| 3 | Microsoft Corporation | Executable | 92b9f5f23b31dd92 7267677b612d3ef4 a85b2f82 |
affba2c9bcb2ecd8 c0ff7d9be14ceff4 |
Virus.Win32. Virut.Ce |
No | 5.1.2600.5 512 (xpsp.0804 13-0852) |
5.1.2600.5 512 |
 Italy |
N/A |
| 4 | Microsoft Corporation | Executable | 96db137d7ba178f8 503b671e5ee083bf f0a77211 |
71fc0b917e46da91 edfa12ecc7089629 |
Virus.Win32. Virut.CE |
No | 5.1.2600.5 512 (xpsp.0804 13-0852) |
5.1.2600.5 512 |
156.220.2.23/32 |
N/A |
Taiwan
Turkey
Egypt
Bulgaria
Ukraine
Russian Federation
Greece
Europe
India| No. | Company | File Type | SHA1 | MD5 | Digitally Signed |
File Version |
Product Version |
Submitted From |
|---|---|---|---|---|---|---|---|---|
| 1 | N/A | Executable | b8df542213f12196 1dfe5c334b949dfa 7c4da91e |
53e1e1d713d49e2f 0658e682949fdd43 |
No | N/A | N/A |  United States |
| 2 | REKORD | Executable | 081a40373a43f995 fc333576eee831bb 87643a3e |
b738fcc10b606b63 bf2a4ae089023a81 |
No | 2.0.146.41 6 |
2.0.146.41 6 |
10.224.25.96/32 |
| 3 | N/A | Non-executable | 4f6976a3ef0ae30e cd9e4b3aa1386874 a7987aba |
e4a452c7f2753192 60faaf8dc03827b5 |
No | N/A | N/A | 10.108.22.232/32 |
| 4 | N/A | Non-executable | 3347430c14e1ffbd 481d665a606522a8 281b9de2 |
7acb9e4b2d92b7f3 4040aae81aa0af48 |
No | N/A | N/A | 10.224.1.117/32 |
Poland
