Possible Malware? svchost.exe

Discussion in 'ESET Smart Security' started by mark407119, Feb 12, 2013.

Thread Status:
Not open for further replies.
  1. mark407119

    mark407119 Registered Member

    Joined:
    Feb 11, 2013
    Posts:
    2
    Location:
    USA
    Hi. I have recently installed ESET smart security. I ran the in-depth custom scan which came back with zero infections but a few errors with files not accessible.

    Afterwards I ran the Sysinspector which gave a "9: Risky" score to this file:

    "Module" = "c:\windows\system32\eventproviders\spcmsg.dll" ( 9: Risky ) ; SP Installer Msg Dll ; Microsoft Corporation ;
    "SHA1" = "069C71BD5E59AE119340C49B583CE89031EDEA94" ( 9: Risky ) ;
    "Last Write Time" = "2013/01/27 11:48" ( 9: Risky ) ;
    "Creation Time" = "2013/01/27 11:48" ( 9: Risky ) ;
    "File Size" = "13312" ( 9: Risky ) ;
    "File Description" = "SP Installer Msg Dll" ( 9: Risky ) ;
    "Company Name" = "Microsoft Corporation" ( 9: Risky ) ;
    "File Version" = "6.1.7601.17514 (win7sp1_rtm.101119-1850)" ( 9: Risky ) ;
    "Product Name" = "Microsoft® Windows® Operating System" ( 9: Risky ) ;
    "Internal Name" = "spcmsg.dll" ( 9: Risky ) ;
    "(Cloud) Age" = "2 years ago" ( 9: Risky ) ;
    "(Cloud) Volume" = "100000" ( 9: Risky ) ;
    "Linked to" = "Running processes -> svchost.exe -> c:\windows\system32\eventproviders\spcmsg.dll"

    Should I be concerned?
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    What version of SysInspector (ESI) do you use? What version of the Anti-Stealth module is shown in the About section in the ESI log?
     
  3. mark407119

    mark407119 Registered Member

    Joined:
    Feb 11, 2013
    Posts:
    2
    Location:
    USA
    Thank you for the reply Marcos.

    I am using SysInspector version 6.0.308.0

    Anti-Stealth support module: 1038 (30130110)
     
Thread Status:
Not open for further replies.