ms16prn.exe - Dangerous

ms16prn.exe

Manual removal instructions:

Antivirus Report of ms16prn.exe:
ms16prn.exe Malware
ms16prn.exeDangerous
ms16prn.exeHigh Risk
ms16prn.exe
Backdoor.Throd.a
Throd is a Trojan that allows a 'master' to use the zombie machine as a proxy server.

The Trojan copies itself in the Windows system folder under a randomly combined multi-partite name:
ms, svc, win, 16, 32, 64, mes, prn, reg
"ms16prn.exe", for example.

In order to auto-launch, the Trojan creates a key in the system registry:
[HKCU\Software\Microsoft\Windows\CurrentVersion\Run]
with one of the following names chosen at random:
MS Driver Management
Synchronization Messager
System Directory Service
System Service Control
Windows Messaging System

Throd then attempts to connect to several remote servers and onpass ID information, including IP address and so forth, to the virus coder.
Throd accepts commands from the remote 'master' collets email addresses from the MS Outlook address book in to the mseml.dll file
and uses an http commands to send them to the same remote sites.
Throd can install and launch random files on command.
Throd also works as a proxy server and is capable of accepting and sending any type of data.

Automatic removal:
Use RegRun Startuip Optimizer to remove this worm.

Remove ms16prn.exe now!

Dmitry Sokolov:

I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.

Since that time I work every day to fix the issues that antiviruses cannot.

If your antivirus have not helped you solve the problem, you should try UnHackMe.

We are a small company and you can ask me directly, if you have any questions.

Testimonials

You can read UnHackMe testimonials here.