Recommended Posts

While scanning and saying:

msmsrvc.exe is netmeeting program in service pack 3, A-Squared put halt msmsrvc.exe -trogan.Win32.Agent.Acmd1A2. is false positive?

A-2 did not removed this file "Cannot remove the file & Reboot winxp?"

When I clicked "auarantine" but firewall blocked it (OA firewall).

a-squared Free - Version 4.5

Last update: 4/20/2010 9:53:16 PM

Scan settings:

Scan type: Deep Scan

Objects: Memory, Traces, Cookies, C:\

Scan archives: On

Heuristics: Off

ADS Scan: On

Scan start: 4/20/2010 10:57:13 PM

C:\WINDOWS\$NtServicePackUninstall$\mnmsrvc.exe detected: Trojan.Win32.Agent.acmd!A2


Files: 56157

Traces: 711579

Cookies: 5

Processes: 32


Files: 1

Traces: 0

Cookies: 0

Processes: 0

Registry keys: 0

Scan end: 4/20/2010 11:51:47 PM

Scan time: 0:54:34

Share this post

Link to post
Share on other sites

Hi GreatK,

Please submit the file from the detection list to EMSI developers for analysis

File was submitted from here (that's FP)

File is system file belonging to previous Service Pack (v5.1.2600.2180)

Current version that resides in ... \system32\ ... is 5.1.2600.5512

Please do not attempt to quarantine/delete all that you can see is flagged by security -

especially when that is resided in the system area.

You did the similar last time as well

Be careful - investigate first. Read this Sticky

My regards

p.s. next time please attach reports if you want to post them instead of in-line posting as it's stated in Forum Posting Rules

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.