We checked up the file MSMSGRS.EXE and found it hazardous.
The file MSMSGRS.EXE must be deleted from the system immediately.
Kill the process MSMSGRS.EXE and remove MSMSGRS.EXE from the Windows startup.
Malware Analysis of MSMSGRS.EXE
Full path on a computer: %SysDir%\msmsgrs.exe
Detected by UnHackMe:
MSMSGRS.EXE
Default location: %SysDir%\msmsgrs.exe
Removal Results: Success
Number of reboot: 1
MSMSGRS.EXE is known as:
Trojan.BHO.Exploit.RpcDcom
MSMSGRS.EXE hash:
- MD5: 1176e444d886a47f71356be1622ea281
How to quickly detect MSMSGRS.EXE presence?
Registry:
- HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: “Explorer.exe msmsgrs.exe”
Files:
- %SysDir%\history.log
- %SysDir%\msmsgrs.exe