Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

6.0.0.390 20.00%
6.0.0.381 20.00%
6.0.0.339 20.00%
5.4.0.148 20.00%
5.2.2.121 20.00%

Relationships

Parent process
Child process
Related files

PE structurePE file structure
Show functions
Import table
advapi32.dll
ImpersonateSelf, GetUserNameA, RegNotifyChangeKeyValue, DuplicateToken, ConvertSidToStringSidW, CheckTokenMembership, RevertToSelf, RegEnumValueW, ImpersonateNamedPipeClient, OpenThreadToken, StartServiceCtrlDispatcherW, OpenSCManagerW, DeregisterEventSource, ReportEventW, RegisterEventSourceW, DeleteService, ControlService, ChangeServiceConfig2W, CloseServiceHandle, RegEnumKeyW, ChangeServiceConfigW, GetSecurityDescriptorLength, OpenServiceW, RegOpenKeyW, MakeSelfRelativeSD, CreateServiceW, StartServiceW, QueryServiceStatus, SetServiceStatus, RegisterServiceCtrlHandlerW, RegQueryValueExW, RegFlushKey, RegDeleteKeyW, RegSetValueExW, RegDeleteValueW, RegCreateKeyExW, RegOpenKeyExW, RegEnumKeyExW, RegQueryInfoKeyW, RegCloseKey, GetSecurityDescriptorSacl, SetSecurityDescriptorDacl, GetSecurityDescriptorDacl, SetSecurityDescriptorGroup, GetSecurityDescriptorGroup, GetTokenInformation, SetSecurityDescriptorOwner, GetSecurityDescriptorOwner, IsValidSid, GetLengthSid, GetAce, GetAclInformation, AddAce, OpenProcessToken, InitializeAcl, InitializeSecurityDescriptor, SetSecurityInfo, MakeAbsoluteSD, CopySid, GetSecurityInfo, GetSidSubAuthority, GetSecurityDescriptorControl, InitializeSid, GetSidLengthRequired
kernel32.dll
GetPrivateProfileSectionNamesW, GetPrivateProfileSectionW, GetSystemDefaultLCID, GetUserDefaultUILanguage, GetSystemDefaultUILanguage, EnumUILanguagesW, GetUserDefaultLCID, IsValidLocale, GetLocaleInfoW, GetUserDefaultLangID, ConvertDefaultLocale, WriteFile, SetFilePointer, OutputDebugStringA, FileTimeToDosDateTime, FileTimeToLocalFileTime, GetFileAttributesExA, MoveFileW, GetFileSizeEx, FormatMessageA, GetComputerNameA, GetSystemTimeAsFileTime, QueryPerformanceCounter, IsDebuggerPresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, TerminateProcess, GetStartupInfoW, GetThreadLocale, GetLocaleInfoA, GetACP, InterlockedExchange, VirtualAlloc, VirtualFree, IsProcessorFeaturePresent, LoadLibraryA, InterlockedCompareExchange, GetVersionExA, GetProcessHeap, HeapSize, HeapReAlloc, HeapFree, HeapAlloc, HeapDestroy, CreateFileW, DeleteFileW, FindFirstFileW, FindClose, FindNextFileW, GetModuleFileNameA, GetCurrentThread, GetTickCount, WideCharToMultiByte, SetProcessWorkingSetSize, SetEnvironmentVariableW, GetProcAddress, LoadLibraryW, Sleep, lstrlenA, OutputDebugStringW, DebugBreak, SetErrorMode, GetCommandLineW, SetConsoleCtrlHandler, GetEnvironmentVariableW, lstrcpynW, GetFileAttributesW, GetWindowsDirectoryW, WaitForSingleObject, CreateEventW, FindResourceExW, LockResource, WaitForMultipleObjects, LoadLibraryExW, FreeLibrary, FindResourceW, LoadResource, GetModuleFileNameW, SizeofResource, GetModuleHandleW, InterlockedDecrement, InitializeCriticalSection, InterlockedIncrement, lstrlenW, MultiByteToWideChar, DeleteCriticalSection, lstrcmpiW, LeaveCriticalSection, EnterCriticalSection, FlushInstructionCache, SetEvent, OpenEventW, RaiseException, CloseHandle, GetCurrentProcessId, GetLocalTime, GetLastError, LocalFree, SetLastError, GetVersionExW, GetCurrentThreadId, GetCurrentProcess
msvcp80.dll
DllMain
msvcr80.dll
DllMain
ole32.dll
CoInitializeSecurity, CLSIDFromProgID, CoTaskMemAlloc, CoTaskMemFree, CoTaskMemRealloc, CoFreeUnusedLibraries, CoMarshalInterThreadInterfaceInStream, CoCreateInstance, CoInitializeEx, CoUninitialize, StringFromGUID2, CoRevokeClassObject, CoRegisterClassObject, CoInitialize, CoCreateGuid, StringFromCLSID, CoImpersonateClient, CoRevertToSelf, CoDisconnectObject, CoGetInterfaceAndReleaseStream
shell32.dll
SHCreateDirectoryExW
shfolder.dll
SHGetFolderPathW
shlwapi.dll
PathFileExistsW, SHSetValueW, PathStripPathW, PathRenameExtensionW, PathFindFileNameW, PathAppendW, PathFindFileNameA, PathFindExtensionA
user32.dll
UnregisterClassA, GetProcessWindowStation, CreateWindowExW, RegisterClassExW, GetClassInfoExW, CallWindowProcW, LoadCursorW, SetWindowLongW, GetWindowLongW, DefWindowProcW, DestroyWindow, CharNextW, wsprintfW, PostThreadMessageW, MessageBoxW, wvsprintfW, LoadStringW, GetMessageW, TranslateMessage, DispatchMessageW, MsgWaitForMultipleObjects, PeekMessageW, GetUserObjectInformationA
userenv.dll
UnloadUserProfile

myAgtSvc.exe

McAfee Security-as-a-Service by McAfee (Signed)

Remove myAgtSvc.exe
Version:   5.2.2.121
MD5:   b87beb634f4bc08c2c5e319a5f7b66a4
SHA1:   75669d70f1d72ca4cb8325f5403611053fd48b87
SHA256:   323ce64c562b0e264f5d83737193cf016dea9f3473796254cdb9b5b3727073ab

Overview

myagtsvc.exe runs as a service under the name McAfee Virus and Spyware Protection Service (myAgtSvc) with extensive SYSTEM privileges (full administrator access). The file is digitally signed by McAfee which was issued by the VeriSign certificate authority (CA).

DetailsDetails

File name:myagtsvc.exe
Publisher:McAfee, Inc.
Product name:McAfee® Security-as-a-Service
Description:Managed Services Agent
Typical file path:C:\Program Files\mcafee\managed virusscan\agent\myagtsvc.exe
File version:5.2.2.121
Product version:5.2.2
Size:284.24 KB (291,064 bytes)
Certificate
Issued to:McAfee
Authority (CA):VeriSign
Effective date:Wednesday, October 5, 2011
Expiration date:Tuesday, December 31, 2013
Digital DNA
PE subsystem:Windows GUI
File packed:No
Code language:Microsoft Visual C++ 8.0
.NET CLR:No
More details

BehaviorsBehaviors

Service
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
  • 'myAgtSvc' (McAfee Virus and Spyware Protection Service)
Network connections
  • [UDP] listens on port 6516
  • [UDP] listens on port 6514

    • ResourcesResource utilization

    (Note: statistics below are averages based on a minimum sample size of 200 unique participants)
    Averages
     
    CPU
    Total CPU:0.00651678%
    0.028634%
    Kernel CPU:0.00265312%
    0.013761%
    User CPU:0.00386367%
    0.014873%
    Kernel CPU time:4,820 ms/min
    100,923,805ms/min
    CPU cycles:2,345,065/sec
    17,470,203/sec
    Memory
    Private memory:6.31 MB
    21.59 MB
    Private (maximum):8.3 MB
    Private (minimum):4.31 MB
    Non-paged memory:6.31 MB
    21.59 MB
    Virtual memory:94.21 MB
    140.96 MB
    Virtual memory (peak):102.54 MB
    169.69 MB
    Working set:6.63 MB
    18.61 MB
    Working set (peak):12.37 MB
    37.95 MB
    Page faults:29,586/min
    2,039/min
    I/O
    I/O read transfer:21.21 KB/sec
    1.02 MB/min
    I/O read operations:159/sec
    343/min
    I/O write transfer:1.89 KB/sec
    274.99 KB/min
    I/O write operations:4/sec
    227/min
    I/O other transfer:2.89 KB/sec
    448.09 KB/min
    I/O other operations:251/sec
    1,671/min
    Resource allocations
    Threads:16
    12
    Handles:343
    600

    BehaviorsProcess properties

    Integrety level:System
    Platform:64-bit
    Command lines:
    • "C:\Program Files\mcafee\managed virusscan\agent\myagtsvc.exe" /servicestart
    • "C:\Program Files\mcafee\managed virusscan\agent\myagtsvc.exe" /rundll=rumorserver.dll;servicehost
    Owner:SYSTEM
    Windows Service
    Service name:myAgtSvc
    Display name:McAfee Virus and Spyware Protection Service
    Description:“Contrôle les activités d'analyse et de mise à jour du poste de travail pour le service de protection antivirus et antispyware.”
    Type:Win32OwnProcess, InteractiveProcess
    Parent process:services.exe (Services and Controller app by Microsoft)

    ResourcesThreads

    Averages
     
    myAgtSvc.exe (main module)
    Total CPU:0.01878711%
    0.272967%
    Kernel CPU:0.01049037%
    0.107585%
    User CPU:0.00829673%
    0.165382%
    CPU cycles:473,529/sec
    5,741,424/sec
    Memory:284 KB
    1.16 MB
    wow64.dll (Win32 Emulation on NT64 by Microsoft)
    Total CPU:0.00985165%
    Kernel CPU:0.00431879%
    User CPU:0.00553286%
    CPU cycles:185,066/sec
    Memory:252 KB
    ntdll.dll
    Total CPU:0.00026342%
    Kernel CPU:0.00026342%
    User CPU:0.00000000%
    CPU cycles:8,357/sec
    Memory:1.66 MB

    Windows OS versionsDistribution by Windows OS

    OS versiondistribution
    Windows 7 Professional 40.00%
    Windows 8 20.00%
    Windows Vista Ultimate 20.00%
    Windows 7 Home Premium 20.00%

    Distribution by countryDistribution by country

    United States installs about 40.00% of McAfee® Security-as-a-Service.

    OEM distributionDistribution by PC manufacturer

    PC Manufacturerdistribution
    ASUS 33.33%
    Intel 33.33%
    Lenovo 33.33%
    Back to top
    Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

    Download it for FREE