mssyncr.exe - Dangerous
%sysdir%\mssyncr.exe
Manual removal instructions:
Antivirus Report of %sysdir%\mssyncr.exe:
%sysdir%\mssyncr.exe
Trojan Anits.
Copies its body to the files:
%System%\mssyncr.exe
%Windir%\services.exe
Uses an Active Setup key to start automatically:
"StubPath = %system%\mssyncr.exe"
Key:
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44AC6201-B203-10CC-1f32-A0BC12E2014D}
Adds the value:
"LoginSessionDisable" = "1"
to the registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RAS Autodial\Control
to prevent the Trojan from causing the system to dial an ISP.
Downloads a web page from the domain microsoft.com to verify that it is connected to the Internet.
Next, the Trojan attempts to download and execute files from the following domains:
geocities.com
cruel-intentionz.net
Remove it from startup, then go to
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RAS Autodial\Control\"LoginSessionDisable".
Set the default value to "".
%sysdir%\mssyncr.exe | Malware |
%sysdir%\mssyncr.exe | Dangerous |
%sysdir%\mssyncr.exe | High Risk |
Dmitry Sokolov:
I created UnHackMe in 2006 to fix the problem that antiviruses did not fix: detecting rootkits.
Since that time I have worked every day to fix the issues that antiviruses cannot.
If your antivirus has not helped you solve the problem, you should try UnHackMe.
We are a small company and you can ask me directly if you have any questions.