» msngrss.exe
Overview
Analysis
File Details

msngrss.exe

Microsoft Live Messenger

The executable msngrss.exe has been detected as malware by 27 anti-virus scanners.

File name:

msngrss.exe

Publisher:

Microsoft Live Messenger

Product:

Microsoft Live Messenger

Version:

9.5.2.3

MD5:

081feca15a245873dab836c6225656bd

SHA-1:

2f3e2b374b5dcfc1c4a52a6066f70385a0fc170c

SHA-256:

984eea08ae915268fcba0b089ada3e9b286de79c61b63dca6d84420e6d696a0e

Scanner detections:

27 / 68

Status:

Malware

Explanation:

The software cotains keystroke monitoring/logging capablities which may or may not be installed without the user's knowledge.

Analysis date:

4/1/2025 7:17:44 PM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Suspicious

7.1.1

AhnLab V3 Security

Trojan/Win32.Genome

2013.06.04

Avira AntiVirus

TR/FakeMSN.E

7.11.82.162

avast!

Win32:Spyware-gen [Spy]

2014.9-170315

Bitdefender

Gen:Trojan.Heur.3K0@r89HTbmG

1.0.20.370

Comodo Security

TrojWare.Win32.Spy.Banker.Gen

16371

Emsisoft Anti-Malware

Gen:Trojan.Heur.3K0@r89HTbmG

8.17.03.15.07

ESET NOD32

Win32/FakeMSN (variant)

11.8408

Fortinet FortiGate

W32/Banker.U!tr.pws

3/15/2017

F-Prot

W32/SysVenFak.A.gen

v6.4.7.1.166

F-Secure

Gen:Trojan.Heur.3K0@r89HTbmG

11.2017-15-03_4

G Data

Gen:Trojan.Heur.3K0@r89HTbmG

17.3.22

IKARUS anti.virus

Trojan-Spy.Win32.Banker.add

t3scan.2.0.3.0

K7 AntiVirus

Trojan

13.170.8800

Kaspersky

Trojan.Win32.Genome

14.0.0.-1314

McAfee

Artemis!081FECA15A24

5600.6094

Microsoft Security Essentials

Trojan:Win32/Delf

1.163.1557.0

MicroWorld eScan

Gen:Trojan.Heur.3K0@r89HTbmG

18.0.0.222

NANO AntiVirus

Trojan.Win32.FakeMSN.oryez

0.24.0.52593

Norman

Banker.FOFU

11.20170315

Panda Antivirus

Generic Trojan

17.03.15.07

Quick Heal

Spyware.Keylogger (Not a Virus)

3.17.12.00

Sophos

Mal/Banker-U

4.89

Trend Micro House Call

TROJ_SPNR.0CA012

7.2.74

Trend Micro

TROJ_SPNR.0CA012

10.465.15

Vba32 AntiVirus

Trojan.Svchost.5505

3.12.22.2

VIPRE Antivirus

Trojan.Win32.Generic.pak!cobra

18396

File size:

895.8 KB (917,248 bytes)

Product version:

9.5.2.1

Microsoft Live Messenger

Trademarks:

Microsoft Live Messenger

Original file name:

Microsoft Live Messenger

File type:

Executable application (Win32 EXE)

Language:

Urdu (República Islâmica do Paquistão)

Common path:

C:\Windows\System32\msngrss.exe

File PE Metadata

Compilation timestamp:

6/19/1992 7:22:17 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

Entry address:

0x123000

Entry point:

60, 66, D3, FD, 0F, 84, 02, 00, 00, 00, 87, E9, 2B, F0, D3, D6, 77, 02, 87, C1, 0F, 8A, 03, 00, 00, 00, C1, D6, 38, 87, F1, 7B, 01, 40, 66, C1, C6, AC, 8B, CE, 48, E8, 0B, 00, 00, 00, 7D, 83, 04, 24, 04, C3, 74, 11, 75, 0F, 77, 83, C4, 04, 76, F6, 77, F4, 73, E8, E9, FF, FF, FF, EA, EB, F8, 7C, 0F, 8C, 03, 00, 00, 00, C1, D0, 8C, BF, 69, 8C, 4B, CD, 66, 33, D5, B8, 28, 31, 52, 00, 46, 68, D1, 07, CC, 6D, F9, 5D, 0F, 84, 03, 00, 00, 00, 66, D3, CF, F8, 68, 3E, 00, 00, 00, 4A, 5B, E8, 0B, 00, 00, 00, EB, 7E... 
[+]

Code size:

1.2 MB (1,239,040 bytes)

Remove msngrss.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.