Re: msrcsnt.exe

From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 08/18/05

  • Next message: Dan: "Re: Local Security Settings"
    Date: Thu, 18 Aug 2005 15:34:33 -0500
    
    

    It probably is malware or a parasite [spyware/adware/hijack].

    You could try submitting it to http://www.virustotal.com/flash/index_en.html
    to see what is found. Also check your services [services.msc] to see if any
    bogus services have been added using that file. If your antivirus/parasite
    detection and removal programs do not detect it you probably can get rid of
    it by booting into safe mode to remove the file and registry entries. Tools
    such as Process Explorer, TCPView, and Autoruns from SysInternals can help
    determine what is going on. Autoruns will allow you to try and stop the
    process from starting and TCPView will let you know if it is associated with
    a port being used on your computer. --- Steve

    http://www.sysinternals.com/utilities/autoruns.html --- Autoruns and link
    to SysInternals

    "NETCRAMMER" <netcrammer@yahoo.com> wrote in message
    news:uIDP4DDpFHA.1412@TK2MSFTNGP09.phx.gbl...
    > Does anyone have a clue what this file is (msrcsnt.exe)? it's found in the
    > system32 dir
    > and in the HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN
    > registry key.
    > Virus? Worm?
    > I could not find anything on MS site nor on web.
    >
    > TIA!!!
    >
    >


  • Next message: Dan: "Re: Local Security Settings"

    Relevant Pages

    • Re: Anyone know how to remove and verify these hacking tools are gone?
      ... harden it and your network to prevent the same from happening again. ... In particular download TCPView, Process ... Explorer, Autoruns, and PsList. ... Process Explorer will give much ...
      (microsoft.public.win2000.group_policy)
    • Re: Anyone know how to remove and verify these hacking tools are gone?
      ... harden it and your network to prevent the same from happening again. ... In particular download TCPView, Process ... Explorer, Autoruns, and PsList. ... Process Explorer will give much ...
      (microsoft.public.win2000.security)
    • Re: Ping of Death
      ... Two tools that may help are TCPView and Process Explorer which are free from ... SysInternals. ... Process Explorer will give more detailed info on the process. ... > Hi one of our Servers is doing a regular ping of death, ...
      (microsoft.public.win2000.networking)
    • Re: BBN IAD
      ... I don't know offhand but I suggest that you use TCPView and Process Explorer from ... SysInternals to find out. ... TCPView will show what open ports map to what ...
      (microsoft.public.win2000.security)