How to Remove the mspaint.exe virus from PC

What is mspaint.exe?

mspaint.exe is a legitimate process file popularly known as Microsoft Paint. It is associated with Windows Operating System, developed by Microsoft Corporation. It is located in C:\Windows\System32 by default. Malware programmers create files with virus scripts and name them after mspaint.exe with an intention to spread virus on the internet.

Affected Platform: Windows OS

How to check if your computer is infected with mspaint.exe malware?

Keep an eye for the following symptoms to see if your PC is infected with mspaint.exe malware:

Internet connection fluctuates
mspaint.exe takes too much CPU space
PC slows down significantly
Browser automatically redirects to some irrelevant websites
Unsolicited ads and popups starts appearing
Screen freezes constantly

Take the following steps to diagnose your PC for possible mspaint.exe malware attack:

Step 1: Simultaneously press CTRL+ALT+DEL keys to open Task Manager.

Step 2: If you notice the file located outside C:\Windows\System32, then you should run an antivirus scan to get rid of the malware.

How to remove mspaint.exe malware from system using Comodo Free Antivirus?

Step 1: Download the award-winning Comodo Free Antivirus.

Step 2: Installation configuration frames will be displayed. Select the configuration you would like to apply.

Step 3: After network detection is complete, press “Close” button for a scan window.

Step 4: Restart your PC.

Step 5: It will take some time for the Comodo Internet Security to update the antivirus.

Step 6: Proceed with a quick scan that automatically begins after the update.

Step 7: If threats are found during the scanning, you will be prompted with an alert screen.

Step 8: Comodo Antivirus will remove mspaint.exe malware from your computer including all other malwares!

Malware Entries

Safe Entries

First Seen: 11 October 2011 at 11:14 pm

No.	Company	File Type	SHA1	MD5	Malware Name	Digitally Signed	File Version	Product Version	Submitted From	Malware Behavior
1	Microsoft Corporation	Executable	2c74148e33002834 4af4ec77e9e4a4fd d83c0132	02fdccc9fe5f25fd 251e4e909b1c4538	Virus.Win32. Sality.gen	No	5.1.2600.5 512 (xpsp.0804 13-2105)	5.1.2600.5 512	Macedonia	N/A
2	Microsoft Corporation	Executable	186f38512e964e20 49c8b7c16dcfe2eb 25a7dc0f	29d1b8a637db1d2d d3d7777a468f9878	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	197.32.15.247/32	N/A
3	Microsoft Corporation	Executable	103b1cb0366557ee e27bb5e8cf3e85bf 94090a20	d97dc7b6bc71449b 42ce95c13ba6e690	Virus.Win32. Ramnit.OV	No	5.1.2600.5 918 (xpsp_sp3_ qfe.091216 -2118)	5.1.2600.5 918	Turkey	N/A
4	Microsoft Corporation	Executable	832cf8d9b414a672 d79ad465c9725e13 c2e25397	0c0878c23849a419 ffb104dbc0df5bc1	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	105.112.28.159/32	N/A
5	Microsoft Corporation	Executable	4950f89a3402b94b 6775444450851e3a 5547bd48	7ba8da69fc333a9c 70d7a3c41dc049bf	Virus.Win32. Sality.gen	No	5.1.2600.2 180 (xpsp_sp2_ rtm.040803 -2158)	5.1.2600.2 180	Saudi Arabia	N/A
6	Корпорация Майкрософт	Executable	5d7974acc68fbe59 702ee11dcb5e73f0 0d02ecfa	00cb1131cbc357a8 39d0976ecd13ef2b	Virus.Win32. Sality.gen	No	5.1.2600.5 512 (xpsp.0804 13-2105)	5.1.2600.5 512	Russian Federation	N/A
7	Корпорация Майкрософт	Executable	d387438cda7c8b42 e58caa25544e9698 7558f9f7	571fdffaa90579c0 e739b651fc42c25d	Virus.Win32. Sality.gen	No	5.1.2600.5 918 (xpsp_sp3_ gdr.091216 -2054)	5.1.2600.5 918	Russian Federation	N/A
8	Microsoft Corporation	Executable	a460fb9664444b01 595f824a141b33e5 f517a8e1	b74be33c183f3553 f8f031afe9d08b7d	Virus.Win32. Parite.gen	No	5.1.2600.5 918 (xpsp_sp3_ gdr.091216 -2054)	5.1.2600.5 918	China	N/A
9	Microsoft Corporation	Executable	19339797f249b542 c7b49acf788a52e4 5847fa98	db0148b31bcf4502 c4aaefa94bc167fc	Virus.Win32. Virut.Ce	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Brazil	N/A
10	Microsoft Corporation	Executable	1a1edc4cc407e0fe 2c19d3a5666f295f 5ce4134b	dbf77d116a931156 144f05d991f0e8e4	Virus.Win32. Virut.CE	No	5.1.2600.2 180 (xpsp_sp2_ rtm.040803 -2158)	5.1.2600.2 180	India	N/A
11	Корпорация Майкрософт	Executable	3ba958889103af80 c3b1de32a6f359ee a34e3421	1fb79fa767f836e9 3067c3fb2fea535d	Virus.Win32. Virut.CE	No	5.1.2600.5 918 (xpsp_sp3_ qfe.091216 -2118)	5.1.2600.5 918	Uzbekistan	N/A
12	Microsoft Corporation	Executable	0515c2a36194c467 8a6d0e6a0d832faf c47efb56	f8fdd64d412d6507 833f3a227923a643	Virus.Win32. Sality.gen	No	5.1.2600.2 180 (xpsp_sp2_ rtm.040803 -2158)	5.1.2600.2 180	Algeria	N/A
13	Microsoft Corporation	Executable	6563b7e5cf81e3e5 6a76ffa0b146f283 470e993c	e604e6adecae9e93 644deb0f4d8f8cb1	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Algeria	N/A
14	Microsoft Corporation	Executable	070f33be9e3d918f d548a1d959e798fe bfc787ad	7d268db53ef5c580 7192ce446c70eb8d	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Indonesia	N/A
15	Microsoft Corporation	Executable	20b5d5f5b1dc8ed7 feae5bfc8b954f12 0283a24c	92a989dc374412d4 b7530576fbf320ba	Virus.Win32. Virut.CE	No	5.1.2600.2 180 (xpsp_sp2_ rtm.040803 -2158)	5.1.2600.2 180	149.255.253.74/32	N/A
16	Microsoft Corporation	Executable	2943cb8627ff9724 5c96515b516d60b4 279e7b02	ba428f7d62524a56 15c6ef3280d1526b	Virus.Win32. Sality.Q	No	5.1.2600.5 918 (xpsp_sp3_ qfe.091216 -2118)	5.1.2600.5 918	Poland	N/A
17	Microsoft Corporation	Executable	43f7f75da76ebbe5 0fe5638125f7088d dd1c845c	c6cf8963f2f4bc76 55564eee4b4dc177	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Philippines	N/A
18	1994	Executable	9bbdcbe1d75283f7 86605b260fc62737 92f89843	66f1ded8253f5f47 1f9e07c74e99b033	Unclassified Malware	No	1.00	1.00	Internal Submission	N/A
19	Microsoft Corporation	Executable	220cda87235360ed e237a5f90005223f 363e28d0	d80e8f2f30609991 b2b9a0ccd544e024	Virus.Win32. Sality.gen	No	5.1.2600.5 512 (xpsp.0804 13-2105)	5.1.2600.5 512	Egypt	N/A
20	N/A	Executable	d600c7b604a08221 166a92a3e7ffcd72 3784fda6	8d9281749d5c2de3 236f6d77618e858c	Win32.Neshta .A	No	N/A	N/A	181.66.169.99/32	N/A
21	Microsoft Corporation	Executable	bfcc5a0413d806b9 dd9452082ee32880 e297e7b1	1da5b6021d579017 957510e1b909fc7d	Worm.Win32.M abezat.b2	No	5.1.2600.2 180 (xpsp_sp2_ rtm.040803 -2158)	5.1.2600.2 180	Libyan Arab Jamahiriya	N/A
22	Microsoft Corporation	Executable	47fb504c5d43669c 79c7fe555db85e11 7cf79adc	3ed0786413741cd3 47ba8d44f684d24f	Virus.Win32. Virut.Ce	No	5.1.2600.2 180 (xpsp_sp2_ rtm.040803 -2158)	5.1.2600.2 180	Indonesia	N/A
23	Корпорация Майкрософт	Executable	00cdf732a7e9d819 44d69b296dee7e30 6a62e335	c0a18248ede57c9f 7cb8884510e34501	Virus.Win32. Expiro.nw	No	5.1.2600.5 918 (xpsp_sp3_ qfe.091216 -2118)	5.1.2600.5 918	Russian Federation	N/A
24	Microsoft Corporation	Executable	8d646be5531f83c4 9e395e86f3f9f50a a7daf4fb	177b6d29d39cfa12 409839b52995a190	MalCrypt.Ind us!	No	5.1.2600.3 660 (xpsp_sp2_ gdr.091216 -1517)	5.1.2600.3 660	Indonesia	N/A
25	Корпорация Майкрософт	Executable	3d7a76cde8dcd8ff 4f09cf1e596ab47e 8895c0a0	32cd7a9252ce6eda 17060900cafd8661	Virus.Win32. Expiro.nw	No	5.1.2600.5 918 (xpsp_sp3_ qfe.091216 -2118)	5.1.2600.5 918	Russian Federation	N/A
26	Microsoft Corporation	Executable	1faf1cd80e4aee5a 9743561450941b4f e5e75239	ab529c58adaf3043 0f0dd9a674c43703	Win32.Jeefo. A	No	5.1.2600.3 660 (xpsp_sp2_ gdr.091216 -1517)	5.1.2600.3 660	Germany	N/A
27	N/A	Executable	b60c2016a686f90b e6a73ddd164cbdcd 9d97e6dd	9b42c307bd2118af 26d4d2e4dd2d1ea7	Backdoor.Win 32.Poison.as	No	N/A	N/A	Brazil	N/A
28	Microsoft Corporation	Executable	f2f94efb58b002df 48b7a6c109efb547 f2be34a3	4f0f95b07e8d0ea3 3473a56edfbff1ae	Virus.Win32. Expiro.ew	No	5.1.2600.5 918 (xpsp_sp3_ qfe.091216 -2118)	5.1.2600.5 918	United States	N/A
29	Корпорация Майкрософт	Executable	ebe0f1fd403b622c 62f39c5b1b266b95 b2e07c2c	f0d5d066d1517a1e e64520cb6e1695f5	Virus.Win32. Sality.gen	No	5.1.2600.5 512 (xpsp.0804 13-2105)	5.1.2600.5 512	Russian Federation	N/A
30	Microsoft Corporation	Executable	3cdb35b512ea1160 339d0b637b8356f3 b80c545c	20aef20dad80f899 85f833ea74942283	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	China	N/A
31	Microsoft Corporation	Executable	58ed701cd8cf695e 4bcab0eb27ef430c 1da5bbf6	823965e0d49cd220 185345db30243095	Virus.Win32. Virut.CE	No	5.1.2600.2 180 (xpsp_sp2_ rtm.040803 -2158)	5.1.2600.2 180	Sudan	N/A
32	Microsoft Corporation	Executable	5ae95e48e15135f9 41d3a6d3e87e25c3 9babbb21	2ebec62addbd326d d6ec66f2c00b3492	P2PWorm.Win3 2.Polip.A	No	5.1.2600.2 180 (xpsp_sp2_ rtm.040803 -2158)	5.1.2600.2 180	Vietnam	N/A
33	Microsoft Corporation	Executable	6c5c541038143ea7 c810fc801e62ffad d005f34f	f82d1a7805f29cac 5a3a16c09b66f064	Virus.Win32. Parite.gen	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	102.164.99.57/32	N/A
34	Microsoft Corporation	Executable	226dd38375f00ce7 a52da57707e29c1a 4efe159f	ab03e20a0bb630ed f397838c06ab9927	Virus.Win32. Sality.gen	No	5.1.2600.2 180 (xpsp_sp2_ rtm.040803 -2158)	5.1.2600.2 180	Romania	N/A
35	1994	Executable	e99af846309f1edc 22dc83fac375a43e 84ea03b9	9931ff71548b9a09 a2f73ded51bc72ce	Unclassified Malware	No	1.00	1.00	10.224.1.116/32	N/A

Prev 1 2 3...9 Next

Display 4 items per page

4 items per page
8 items per page
16 items per page
32 items per page

Safe Entries

First Seen: 29 June 2009 at 2:38 pm

No.	Company	File Type	SHA1	MD5	Digitally Signed	File Version	Product Version	Submitted From
1	N/A	Executable	093bd097fe3929e8 fc37dfc44bc48c82 f96f0a4b	1c3b322dec133f41 cf5d3ee8e152f7c5	No	N/A	N/A	Canada
2	Microsoft Corporation	Executable	53e78b8cf86e91c7 fbd9cefa9285b561 bf413eaf	aa54c722fb567db9 50db470ae2fd6c7b	No	4.00	4.00	United States
3	NULL	Executable	fdf2337900e9b01d c073b4d8179b10d2 3389646e	1cc539d5c9f557d3 071eb1057435b5f1	No	NULL	NULL	Norway
4	Microsoft Corporation	Executable	7b99baa564d7edcf e63f2a478df7a130 8a9535e4	ac083fcffacd1350 f756e5c3cec4650c	No	10.0.19041 .3758 (WinBuild. 160101.080 0)	10.0.19041 .3758	United States
5	Microsoft Corporation	Executable	abb7e1beba53d836 5b5751f6cd439fb7 fc4fb2ec	2033d2200365d4d8 99f1bef74b9f305a	No	5.1.2600.5 918 (xpsp_sp3_ gdr.091216 -2054)	5.1.2600.5 918	Netherlands
6	N/A	Executable	e120b70f38adc361 4deefec2d42152e3 8f1942fe	a51afe57ae612a05 1faa6b5688644c30	No	N/A	N/A	United States
7	NULL	Executable	1ab80dbc1f84a88e fa207ca87fbad031 d0217de4	e862c993b95afa6c d55674a47d6bd978	No	NULL	NULL	United States
8	NULL	Executable	32481eeee60f71a2 159cc9a0717dafcb c5cfb72a	d45be9d2d9eedcfa 184079f1a6fdf9b5	No	NULL	NULL	United States
9	NULL	Executable	db1691bc393a48eb 10e3089193bae6a3 517249fd	c72cd10966f14e11 75d1ca17dfb85fae	No	NULL	NULL	Russian Federation
10	NULL	Executable	11f6650da26ffe9f 8bb92992d72102a9 47bcd6e3	8433c306841d6a5b a802a98addd393da	No	NULL	NULL	India
11	Microsoft Corporation	Executable	1095d2f45e210f8e 715b060fb3ffa639 83483f84	bc8d2c0e8b157430 0edfc21e4d6f039c	No	4.00	4.00	United States
12	ReactOS Development Team	Executable	e8dfe8861afc6673 9e3fad045df43fcb de40f7fe	9fa81ea578fd5f22 ecbcca32a10a1d78	No	0.4.9	0.4.9	10.108.51.116/32
13	N/A	Executable	edc7bd9e274cef10 1f92f0ba2f29e412 7744818b	8a0b636e42b172dd c5db852f2e4010bf	No	N/A	N/A	Europe
14	Microsoft Corporation	Executable	bd488aef7de78cf5 d82c246d4be6dcff 291da33e	9de44d84edeb3df1 0fa715b101da1ee4	No	5.2.3790.3 959 (srv03_sp2 _rtm.07021 6-1710)	5.2.3790.3 959	Spain
15	NULL	Executable	507031bd6c0fd92f 086e152a8d3c2f68 497c7fa8	51ae44591ba956a4 9f7bb6182280a8bf	No	NULL	NULL	Japan
16	Microsoft Corporation	Executable	e6353ccd671ed8ee ffbb012d744a7e3b 0c56bd81	4c99142651aba730 0ad7ffbb5be2e81a	No	10.0.19041 .1 (WinBuild. 160101.080 0)	10.0.19041 .1	United States
17	Microsoft Corporation	Executable	5d884786b7d8b29b ab3dabb08df996f6 bef500ef	aaaaa95e704085e3 6007aa3923183d45	No	5.1.2600.5 918 (xpsp_sp3_ gdr.091216 -2054)	5.1.2600.5 918	Hungary
18	N/A	Executable	8469f572543d1ea6 2679dca50a6e1e0c 996c7f9d	883e0c5cdaa2bfc3 464640c311950250	No	N/A	N/A	United States
19	N/A	Non-executable	0ccf9b8a647a0a98 04e336e4e743f2f5 175f4be8	d5afb88784dfc1eb efd333d9beb58d99	No	N/A	N/A	United States
20	N/A	Executable	847c1188d9ddd627 c804bb5477b9a498 28aa961c	d2ae9592f55599eb b243d74ddeaf4ba6	No	N/A	N/A	Italy
21	N/A	Executable	d20b20f70bb5ad82 381de2bac519a2a3 3db0512f	bb2249e1723170c3 3951cf069f2e7585	No	N/A	N/A	India
22	Microsoft Corporation	Executable	1e2a48f1088ca5ab 78617a7eeb8aa5f6 2abd4846	986a191e95952c9e 3fe6be112fb92026	No	10.0.19041 .1 (WinBuild. 160101.080 0)	10.0.19041 .1	United States
23	N/A	Non-executable	bdc051856cf58750 51c520f6b454c3f9 a80ae45c	627f649373f2e134 b1dcb33d23740338	No	N/A	N/A	United States
24	Microsoft Corporation	Executable	8f5eca6b1d7ebe63 0f4b747baf812da1 2505a4b9	22c6bc912e310196 d02d9a2ff876a4ff	No	5.1.2600.2 180 (xpsp_sp2_ rtm.040803 -2158)	5.1.2600.2 180	Czech Republic
25	N/A	Executable	9b3da124799a90cf e0a58d8fcc5a6708 0682757a	af019013875b03c6 b2ecf0f1e09612f8	No	N/A	N/A	United States
26	Microsoft Corporation	Executable	77ee60f30a7b7e0c d4e19c42ec75c016 c57702e6	131607ca49962e89 611e9b36d25263bc	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Finland
27	N/A	Non-executable	1c0d14d63d054b86 ff6cc7d41e6de90d ff895ed6	4cb88e8ed3e75e8a a096923738d22ef1	No	N/A	N/A	United States