home

MsgSys.exe

Messenger

Shield Apps

The application MsgSys.exe by Shield Apps has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
ShieldApps  (signed by Shield Apps)

Product:
Messenger

Version:
4.0.122.0

MD5:
70b9953ce56df6a313bf0972d88d94ea

SHA-1:
4e0db13bfa695874da94bdb34055434217994cd5

SHA-256:
2d70728fba7abee12254bbeb954ed9d96cec5b37dff3f507d02970fe30f48f0e

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/16/2024 1:02:11 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Win32.Generic
16.10.15.9

File size:
671.1 KB (687,160 bytes)

Product version:
4.0.122.0

Copyright:
Copyright (C) ShieldApps 2012. All rights reserved.

Original file name:
MsgSys.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\mastertools\tray\msgsys.exe

Digital Signature
Signed by:
Shield Apps

Authority:
COMODO CA Limited

Valid from:
5/24/2012 2:00:00 AM

Valid to:
5/25/2013 1:59:59 AM

Subject:
CN=Shield Apps, O=Shield Apps, STREET="5042 Wilshire blvd #18607", L=Los Angeles, S=California, PostalCode=90036, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00F905A195D3B1CCF823462D6C5EEECD72

File PE Metadata
Compilation timestamp:
2/13/2013 12:43:01 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:O2lj8GOwoTbf6SlKsa3STAiq3pl+Dw7sWd6ZKINECaLdja5vFLnnv3PSY:2G6hy+DwWKImVdjktjfPSY

Entry address:
0x31FF7

Entry point:
E8, 9B, B1, 00, 00, E9, 79, FE, FF, FF, 6A, 0C, 68, 48, FB, 47, 00, E8, B7, 07, 00, 00, 83, 65, E4, 00, 8B, 75, 08, 3B, 35, 50, 1A, 49, 00, 77, 22, 6A, 04, E8, C3, 84, 00, 00, 59, 83, 65, FC, 00, 56, E8, CA, 8C, 00, 00, 59, 89, 45, E4, C7, 45, FC, FE, FF, FF, FF, E8, 09, 00, 00, 00, 8B, 45, E4, E8, C3, 07, 00, 00, C3, 6A, 04, E8, BE, 83, 00, 00, 59, C3, 8B, FF, 55, 8B, EC, 56, 8B, 75, 08, 83, FE, E0, 0F, 87, A1, 00, 00, 00, 53, 57, 8B, 3D, 24, 11, 47, 00, 83, 3D, FC, FC, 48, 00, 00, 75, 18, E8, 85, A5, 00...
 
[+]

Code size:
445.5 KB (456,192 bytes)

Remove MsgSys.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.