home

psmsgr.exe

PayEasy Shopping Messenger

InfoThink Technology CO., LTD.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘psmsgr’.
Publisher:
InfoThink Technology CO., LTD.  (signed and verified)

Product:
PayEasy Shopping Messenger

Version:
1, 2, 3, 0

MD5:
b336f9fab03ae1bc7f709767e45cc73b

SHA-1:
858ea455775f013364ebb684a5b8a9c4f02fd1d6

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
1/11/2026 7:22:43 PM UTC  (today)

File size:
810.9 KB (830,384 bytes)

Product version:
1, 2, 3, 0

Copyright:
Copyright (c) InfoThink. 2003 - 2008

Original file name:
psmsgr.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\payeasy\shopping messenger\psmsgr.exe

Digital Signature
Signed by:
InfoThink Technology CO., LTD.

Authority:
The USERTRUST Network

Valid from:
4/26/2007 8:00:00 AM

Valid to:
4/26/2008 7:59:59 AM

Subject:
CN="InfoThink Technology CO., LTD.", OU=I-TRAVEL, O="InfoThink Technology CO., LTD.", STREET="2F., No.508, Sec. 5, Zhongxiao E. Rd., Xinyi District, Taipei City 11083, Taiwan(R.O.C.)", L=TAIPEI, S=N/A, PostalCode=11083, C=TW

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
77E98A2CDE15BD7139323B68AC8A7EF5

File PE Metadata
Compilation timestamp:
1/7/2008 11:24:59 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
12288:v5SSOZOoSAcPMSzSRQmQFBr68QV/cxyhGoZ4JzarVOhA4yJq:v54O/MIz7xQV/8QGoZKar8hA3Jq

Entry address:
0x6F478

Entry point:
E8, A2, C6, 00, 00, E9, 16, FE, FF, FF, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 3C, 1F, 4B, 00, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 3C, 1F, 4B, 00, 33, C5, 50, 89, 65, F0, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B...
 
[+]

Entropy:
6.6285

Code size:
568 KB (581,632 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
psmsgr

Command:
C:\Program Files\payeasy\shopping messenger\psmsgr.exe


Scan psmsgr.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.