What is Psinfo.exe?
Psinfo.exe is a legitimate process file popularly known as Sysinternals PsInfo. It belongs to Sysinternals PsInfo, developed by Sysinternals. It is located in C:\Windows\System32 by default.
Malware programmers write virus files with malicious scripts and save them as Psinfo.exe with an intention to spread virus on the internet.
Affected Platforms: Windows OS
How to determine if your computer is infected with Psinfo.exe malware?
Look out for these symptoms to check if your PC is infected with Psinfo.exe malware:
- Unstable internet connection
- Psinfo.exe occupies extra CPU space
- PC processing speed slows down
- Browser often redirects to irrelevant websites
- Browser is bombarded with hordes of popup ads
- Computer screen freezes repeatedly
Take the following steps to diagnose your PC for possible Psinfo.exe malware attack:
Step 1: Simultaneously press CTRL+ALT+DEL keys to open Task Manager.
Step 2: If you notice the file located outside C:\Window\System32, perform an antivirus scan to get rid of the malware.
How to remove Psinfo.exe malware from system using Comodo Antivirus?
Step 1: Download our award-winning Free Antivirus.
Step 2: Installation configuration frames will be displayed. Select the configuration you would like to apply.
Step 3: Select Customize Configuration option and arrange installers, configuration, and file location.
Step 4: Restart your PC after the installation gets over.
Step 5: Wait for Comodo Internet Security to update the antivirus.
Step 6: Proceed with the quick scan that automatically begins after the update.
Step 7: If threats are found during the scanning, you will be notified through an alert screen.
Step 8: Comodo Antivirus will remove Psinfo.exe malware from your computer including all other malwares!
| No. | Company | File Type | SHA1 | MD5 | Malware Name |
Digitally Signed |
File Version |
Product Version |
Submitted From |
Malware Behavior |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | N/A | Executable | 4c4f3d89f7592f29 118b0f225eed04ef 12e592ac |
04c0b78be8b70409 31b8a5e5aa071d16 |
TrojWare.Win 32.Inject.d1 7 |
No | N/A | N/A |  India |
N/A |
| 2 | N/A | Executable | 44f29ffcfbb24527 73fe8a1ebc280da5 bef7e129 |
b4598e81f8b457ac 6b74f7b21b99babe |
TrojWare.Win 32.Agent.NVA |
No | N/A | N/A |  Myanmar |
N/A |
| 3 | Sysinternals - www.sysinternals.com | Executable | 3f83adff48b17631 387f96bed29aa4ba a95d3c37 |
2c5d969bd1e5c8fa a864fd7ee67c24d7 |
Virus.Win32. Sality.gen |
No | 1.75 | 1.75 |  Brazil |
N/A |
| 4 | Synaptics | Executable | 6509b50ff7568b97 4d00b9f291ab1bd3 44c56e82 |
d29da3fc9d160105 989b21015293465f |
Virus.Win32. Agent.DE |
No | 1.0.0.4 | 1.0.0.0 |  10.224.25.177/32 |
N/A |
Australia
Netherlands| No. | Company | File Type | SHA1 | MD5 | Digitally Signed |
File Version |
Product Version |
Submitted From |
|---|---|---|---|---|---|---|---|---|
| 1 | Sysinternals | Executable | d8cf5250dc2043cd 722f0f2a109e4c5e f414d39f |
715e9f1a7af55583 bbc8b51967b378d8 |
No | 1.36 | 1.36 | Internal Submission |
| 2 | Sysinternals - www.sysinternals.com | Executable | e839ce1e0446d8da 889935f411f0fb7a d54d4b3e |
624adb0f45cbb9ca dad83c264df98891 |
Yes | 1.78 | 1.78 | 10.224.25.107/32 |
| 3 | Sysinternals - www.sysinternals.com | Executable | fddf011b81da0ee6 6fad2f1cdeb67e5e eef4e142 |
53e433146f2060b0 1e80128652d63c36 |
Yes | 1.77 | 1.77 | 10.100.19.9/32 |
| 4 | Sysinternals - www.sysinternals.com | Executable | 7f66f109db5f30e1 7bc4a6705acbcace 123c2765 |
2691d7f266050e68 49793d4b6661dddf |
Yes | 1.79 | 1.79 |  United States |
France
China
