Infinst.exe trusted application

[Tissalda]

Hello everyone,

 

While checking the Intrusion Prevention using Kaspersky Plus (version 21.17.7.539(a)) I noticed a program that I didn't recognize. Its called infinst.exe, it ran from the Temp folder.

Kaspersky flagged it as trusted, the temp folder where it was located isnt there anymore. I have attached a screenshot. Should I be worried about this? I couldn't find definitive information searching on google about what this file is.

I am using Windows 10.

 

I would appreciate any help.

 

[Berny]

@Tissalda Welcome.

Please delete temporary files and run a full scan ?

[Tissalda]

Thank you for your reply. I have deleted everything in the temp folder and finished a full scan. The scan found nothing suspicious.

One thing that I have noticed was that the time where this exe ran corresponded with a direct x update. Inside the direct x log file, I could find this:

Quote

06/29/24 16:55:10: dxupdate: DirectXUpdateGetSetupInformation(): Section [4.09.00.0904.0-4.09.00.0904.0_WinNT@64] is being installed.
06/29/24 16:55:10: dxupdate: Extracted file C:\Users\~1\AppData\Local\Temp\DXBD1D.tmp\d3dx11_43.dll from cab
06/29/24 16:55:10: dxupdate: Extracted file C:\Users\~1\AppData\Local\Temp\DXBD1D.tmp\d3dx11_43_x64.cat from cab
06/29/24 16:55:10: dxupdate: Extracted file C:\Users\~1\AppData\Local\Temp\DXBD1D.tmp\d3dx11_43_x64.inf from cab
06/29/24 16:55:10: dxupdate: Extracted file C:\Users\~1\AppData\Local\Temp\DXBD1D.tmp\d3dx11_43_x64_xp.inf from cab
06/29/24 16:55:10: dxupdate: Extracted file C:\Users\~1\AppData\Local\Temp\DXBD1D.tmp\infinst.exe from cab
06/29/24 16:55:10: dxupdate: Files:    6
06/29/24 16:55:10: dxupdate: Size:    1938432
06/29/24 16:55:10: dxupdate: InstallEXE(): Command:    infinst.exe d3dx11_43_x64.inf
06/29/24 16:55:10: infinst: Installing C:\Users\~1\AppData\Local\Temp\DXBD1D.tmp\d3dx11_43_x64.inf [DefaultInstall]
06/29/24 16:55:10: infinst: Installed file C:\Windows\system32\d3dx11_43.dll
06/29/24 16:55:10: dxupdate: InstallEXE(): infinst.exe returned 0.

 

Could this be the culprit? The folder looks to be the same. I am slightly paranoid after reinstalling windows 10. Whenever I see an unknown file, I fear for the worst.

[harlan4096]

Also, click In Intrusion Prevention -> Manage App -> Clean Up

 

It seems just an installation temporal file...

[Tissalda]

Thank you. I have hit the Clean Up button on the top.

Am I maybe being too paranoid with this? The created and modified dates were both empty and the size showed as 0 in the screenshot which made me suspicious.

[Tissalda]

Thank you both for your help.

Can I safely ignore this? Sorry if I am being pushy or obnoxious, this made me feel very paranoid.

[harlan4096]

Yes, I guess the files not there anymore...

[Tissalda]

Thank you again for taking the time to answer. I was just worried that if it was a malware, it might have installed something malicious before deleting itself, but I think Kaspersky would have flagged that. The time corresponding with the directx installation and your comments make me feel safer. Cheers.

 

[Tissalda]

I have one final question. Since I used the Clean Up function and the exe was removed, if it ever runs again, would Kaspersky pick it up again and list it? Or is this now in the "memory" as a trusted application and wouldn't be picked up?

[harlan4096]

The file will be analyzed and categorized again.