What is mspaint.exe?
mspaint.exe is a legitimate process file popularly known as Microsoft Paint. It is associated with Windows Operating System, developed by Microsoft Corporation. It is located in C:\Windows\System32 by default. Malware programmers create files with virus scripts and name them after mspaint.exe with an intention to spread virus on the internet.
Affected Platform: Windows OS
How to check if your computer is infected with mspaint.exe malware?
Keep an eye for the following symptoms to see if your PC is infected with mspaint.exe malware:
- Internet connection fluctuates
- mspaint.exe takes too much CPU space
- PC slows down significantly
- Browser automatically redirects to some irrelevant websites
- Unsolicited ads and popups starts appearing
- Screen freezes constantly
Take the following steps to diagnose your PC for possible mspaint.exe malware attack:
Step 1: Simultaneously press CTRL+ALT+DEL keys to open Task Manager.
Step 2: If you notice the file located outside C:\Windows\System32, then you should run an antivirus scan to get rid of the malware.
How to remove mspaint.exe malware from system using Comodo Free Antivirus?
Step 1: Download the award-winning Comodo Free Antivirus.
Step 2: Installation configuration frames will be displayed. Select the configuration you would like to apply.
Step 3: After network detection is complete, press “Close” button for a scan window.
Step 4: Restart your PC.
Step 5: It will take some time for the Comodo Internet Security to update the antivirus.
Step 6: Proceed with a quick scan that automatically begins after the update.
Step 7: If threats are found during the scanning, you will be prompted with an alert screen.
Step 8: Comodo Antivirus will remove mspaint.exe malware from your computer including all other malwares!
No. | Company | File Type | SHA1 | MD5 | Malware Name |
Digitally Signed |
File Version |
Product Version |
Submitted From |
Malware Behavior |
---|---|---|---|---|---|---|---|---|---|---|
1 | Microsoft Corporation | Executable | 2c74148e33002834 4af4ec77e9e4a4fd d83c0132 |
02fdccc9fe5f25fd 251e4e909b1c4538 |
Virus.Win32. Sality.gen |
No | 5.1.2600.5 512 (xpsp.0804 13-2105) |
5.1.2600.5 512 |
Macedonia | N/A |
2 | Microsoft Corporation | Executable | 186f38512e964e20 49c8b7c16dcfe2eb 25a7dc0f |
29d1b8a637db1d2d d3d7777a468f9878 |
Virus.Win32. Virut.CE |
No | 6.1.7600.1 6385 (win7_rtm. 090713-125 5) |
6.1.7600.1 6385 |
197.32.15.247/32 | N/A |
3 | Microsoft Corporation | Executable | 7b5d68386a1cd331 91d1a787d1575f9b d6a34642 |
c954e255689e4161 3cd27c8bba3df0bc |
Virus.Win32. Virut.CE |
No | 6.1.7600.1 6385 (win7_rtm. 090713-125 5) |
6.1.7600.1 6385 |
154.178.42.223/32 | N/A |
4 | Microsoft Corporation | Executable | 103b1cb0366557ee e27bb5e8cf3e85bf 94090a20 |
d97dc7b6bc71449b 42ce95c13ba6e690 |
Virus.Win32. Ramnit.OV |
No | 5.1.2600.5 918 (xpsp_sp3_ qfe.091216 -2118) |
5.1.2600.5 918 |
Turkey | N/A |
No. | Company | File Type | SHA1 | MD5 | Digitally Signed |
File Version |
Product Version |
Submitted From |
---|---|---|---|---|---|---|---|---|
1 | N/A | Executable | 093bd097fe3929e8 fc37dfc44bc48c82 f96f0a4b |
1c3b322dec133f41 cf5d3ee8e152f7c5 |
No | N/A | N/A | Canada |
2 | Microsoft Corporation | Executable | 7b99baa564d7edcf e63f2a478df7a130 8a9535e4 |
ac083fcffacd1350 f756e5c3cec4650c |
No | 10.0.19041 .3758 (WinBuild. 160101.080 0) |
10.0.19041 .3758 |
United States |
3 | Microsoft Corporation | Executable | abb7e1beba53d836 5b5751f6cd439fb7 fc4fb2ec |
2033d2200365d4d8 99f1bef74b9f305a |
No | 5.1.2600.5 918 (xpsp_sp3_ gdr.091216 -2054) |
5.1.2600.5 918 |
Netherlands |
4 | NULL | Executable | 1ab80dbc1f84a88e fa207ca87fbad031 d0217de4 |
e862c993b95afa6c d55674a47d6bd978 |
No | NULL | NULL | United States |