MPSigStub.exe
- Thread starter Trying
- Start date
Without further information it is hard to say if the file is safe or not. Even if support from Microsoft is not sure about the file, it does not mean that the file is bad, it just means, they have so many files that they lost track 
The properties info of the file could be faked, so with the name and the info alone, there is no telling if the file is ok or not.
I believe it would be best if you would submit the file for analysis, if possible also include a Spybot and/or Hijackthis log. For example use this adress: detections-at-spybot.info (replace -at- with @ )
When submitting a suspicious file please, zip or rar the file an put a password like infected on the archive. Otherwise the file could be filtered by automatic scanners.
The properties info of the file could be faked, so with the name and the info alone, there is no telling if the file is ok or not.
I believe it would be best if you would submit the file for analysis, if possible also include a Spybot and/or Hijackthis log. For example use this adress: detections-at-spybot.info (replace -at- with @ )
When submitting a suspicious file please, zip or rar the file an put a password like infected on the archive. Otherwise the file could be filtered by automatic scanners.
Thanks for responding.
I got paranoid about having the program on my machine so I erased it. Can't send you a copy.
I also found a log file that has MPSigStub as part of the name and it appears that the program may be part of the upgrade or update process for Windows Defender. At any rate I haven't noticed any problems with my machine so I think everything is okay.
Again, Thanks for your help.
I got paranoid about having the program on my machine so I erased it. Can't send you a copy.
I also found a log file that has MPSigStub as part of the name and it appears that the program may be part of the upgrade or update process for Windows Defender. At any rate I haven't noticed any problems with my machine so I think everything is okay.
Again, Thanks for your help.
whereisian
New member
Same file found, have a copy
I also found this file on my fileserver. The server is running Windows 2003 and Windows defender. The file details also say MS. I haven't called them about it though.
It was found in F:\781115a6699d2ccd5d
I've attached a zip file with the .exe with the password of 'infected'. Any insight would be appreciated. Cheers.
I also found this file on my fileserver. The server is running Windows 2003 and Windows defender. The file details also say MS. I haven't called them about it though.
It was found in F:\781115a6699d2ccd5d
I've attached a zip file with the .exe with the password of 'infected'. Any insight would be appreciated. Cheers.
Last edited by a moderator:
tashi
Member of Team Spybot
Hello whereisian
Please see:
Infected Files. How To Submit. Please do not attach them here.
http://forums.spybot.info/showthread.php?t=1699
Thanks.
Please see:
Infected Files. How To Submit. Please do not attach them here.
http://forums.spybot.info/showthread.php?t=1699
Thanks.
whereisian
New member
Emailed
Sorry 'bout that. I've submitted via email.
Sorry 'bout that. I've submitted via email.
whereisian
New member
ping
Just seeing if anything was found.
Cheers
Just seeing if anything was found.
Cheers
Copied from Spyware-Net:
Description of mpsigstub.exe
This is a component of Microsoft Windows Application. Microsoft Windows Application is the widely popular Windows operating system. The Windows family of operating systems developed the point-and-click graphical user interface for easy interaction with programs and files.
Description of mpsigstub.exe
This is a component of Microsoft Windows Application. Microsoft Windows Application is the widely popular Windows operating system. The Windows family of operating systems developed the point-and-click graphical user interface for easy interaction with programs and files.
hdBattousai
New member
unusual way to run
i woke up this morning to my real time spyware shield tellin me a process (mpsigstub.exe) was trying to run from my external hard drive i went to look into this file and what it was where it was and why it was there it was in H:\1b3b00f54712297a6b47e4c2 witch wasn't there for 100 percent sure last night my updates dont run during the night so it shouldn't be anysort of update either so i tried to scan the file and avast tells me access is denied for a scan i checked the security properties of the file system has full access and user has none other than read and execute i thought all this was very odd for ANY standard running file also theres no signature in any way. i zipped the file up and put the "infected" password on in and im sending the file now if you can give me any information it would be much appreciated
i woke up this morning to my real time spyware shield tellin me a process (mpsigstub.exe) was trying to run from my external hard drive i went to look into this file and what it was where it was and why it was there it was in H:\1b3b00f54712297a6b47e4c2 witch wasn't there for 100 percent sure last night my updates dont run during the night so it shouldn't be anysort of update either so i tried to scan the file and avast tells me access is denied for a scan i checked the security properties of the file system has full access and user has none other than read and execute i thought all this was very odd for ANY standard running file also theres no signature in any way. i zipped the file up and put the "infected" password on in and im sending the file now if you can give me any information it would be much appreciated
hdBattousai
New member
actually i can't zip it up access is denied any help?
hdBattousai
New member
also i just noticed the file is changing its directory path by itself whenever i access it and exit it changes and when i told my spyware shield to blobk it it just straightt disapeared