msmsgs.exe
Messenger by Microsoft Corporation (Signed)
Warning 7 antivirus scanners has detected malware in various versions of msmsgs.exe.
Overview
There are 33 versions of msmsgs.exe in the wild, the latest version being 5.1.0715. msmsgs.exe is run as a standard windows process with the logged in user's account privileges. The process displays a GUI (graphical user interface) which allows the user to interact with it as well as displays a notification icon in the taskbar. By adding a startup entry to the run registry key, the file will be executed when the user logs into Windows. It is integrated as a plugin to Internet Explorer and will load for each instance of IE. The average file size is about 1.61 MB. The file is a digitally signed and issued to Microsoft Corporation by Microsoft Corporation. Some variations of the file have been seen to be installed with the program Windows Messenger 5.1 from Microsoft Corporation. During the process's lifecycle, the typical CPU resource utilization is about 0.0034% including both foreground and background operations, the average private memory consumption is about 2.53 MB with the maximum memory reaching around 3.28 MB. Addionally, typically read and write I/O disk operations is about 472 Bytes per minute for reads and 1.31 KB per minute for writes.
What is msmsgs.exe?
Windows Messenger is a client by Microsoft that is included in Windows. It has a variety of features, such as instant messaging, presence awareness, support for Session Initiation Protocol (SIP), file transfer, application sharing and whiteboarding. The software integrates with Microsoft Exchange, Microsoft Outlook, Outlook Express, and the Remote Assistance feature of Windows XP.
About msmsgs.exe (from Microsoft Corporation)
“Share photos and videos while you chat. Video chat in high definition or send a video message to a friend. And connect your social networks to see important updates in one place—Messenger. Have more f”
Details |
File name: | msmsgs.exe |
Publisher: | Microsoft Corporation |
Product name: | Messenger |
Description: | Windows Messenger |
Typical file path: | C:\Program Files\messenger\msmsgs.exe |
Certificate |
Issued to: | Microsoft Corporation |
Authority (CA): | Microsoft Corporation |
Effective date: | Friday, October 24, 2003 |
Expiration date: | Monday, January 24, 2005 |
Programs installed in
(Note, the programs listed below are for all versions of Messenger.)
Microsoft Windows Messenger allows real-time communication with other contacts who use Windows Messenger and who are signed in to the same instant messaging service.
Behaviors
(Note, the behaviors below are for all versions of msmsgs.exe, select a unique version for details.)
Internet Explorer extensions
- CLSID: {FB5F1910-F110-11d2-BB9E-00C04F795683}
Startup files (user) run
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
- 'MSMSGS' → "C:\Program Files\Messenger\Msmsgs.exe" /background
Windows firewall allowed programs
Exceptions allow programs to access to the Internet through an outbound connections
- Firewall exception for 'C:\Program Files\Messenger\msmsgs.exe'
- Firewall exception for 'C:\Program Files\Messenger\msmsgs.exe'
- Firewall exception for 'C:\Program Files\Messenger\msmsgs.exe'
Malware detections
Based on 40+ industry antivirus scanners, 7 of them detected the following malware.
Antivirus engine | Engine version | Detection | File version |
Comodo Internet Security |
15136 |
Heur.Suspicious |
4.7.3001 |
Comodo Internet Security |
12645 |
Heur.Suspicious |
4.7.3001 |
The Hacker |
None |
W32/Mabezat.b |
4.7.3000 |
The Hacker |
6.7.0.1.114 |
W32/Mabezat.b |
4.7.3000 |
The Hacker |
None |
W32/Mabezat.b |
4.7.3000 |
The Hacker |
6.8.0.5.388 |
W32/Mabezat.b |
4.7.3000 |
The Hacker |
None |
W32/Mabezat.b |
4.7.3000 |
All file variations of msmsgs.exe
Distribution by Windows OS
OS version | distribution |
Microsoft Windows XP |
95.56% |
|
Windows 7 Home Premium |
2.22% |
|
Windows XP Professional |
2.22% |
|
Distribution by country
Hong Kong installs about 13.64% of Messenger.
Distribution by PC manufacturer
PC Manufacturer | distribution |
Dell |
21.62% |
|
GIGABYTE |
18.92% |
|
American Megatrends |
18.92% |
|
ASUS |
16.22% |
|
Sahara |
8.11% |
|
Hewlett-Packard |
5.41% |
|
Intel |
5.41% |
|
MSI |
5.41% |
|