How to remove the sysdiag virus

Most antivirus programs identify sysdiag.exe as malware—e.g. TrendMicro identifies it as Mal_DLDER or TROJ_SPNR.0BJT11, and McAfee identifies it as Artemis!194752F6BB87.

The free file information forum can help you find out how to remove it. If you have additional information about this file, please leave a comment or a suggestion for other users.

Click to Run a Free Virus Scan for the sysdiag.exe malware

Sysdiag.exe file information

Windows Task Manager with sysdiag
Sysdiag.exe process in Windows Task Manager

The process known as Spytech SpyAgent appears to belong to software Spytech SpyAgent by unknown.

Description: Sysdiag.exe is not essential for Windows and will often cause problems. Sysdiag.exe is located in a subfolder of "C:\Program Files". Known file sizes on Windows 10/8/7/XP are 1,052,160 bytes (20% of all occurrences), 583,680 bytes, 570,629 bytes, 1,426,944 bytes or 559,104 bytes. 
There is no file information. It is not a Windows system file. The software starts when Windows starts (see Registry key: MACHINE\Run, Run). The program has no visible window. It is able to record keyboard inputs. Sysdiag.exe is able to hide itself, monitor applications and record keyboard and mouse inputs. Therefore the technical security rating is 76% dangerous, however you should also read the user reviews.

Uninstalling this variant: You can also uninstall Spytech SpyAgent software via Windows Control Panel/Add or Remove Programs (Windows XP) or Programs and Features (Windows 10/8/7).

Recommended: Identify sysdiag.exe related errors

If sysdiag.exe is located in the user's profile folder, the security rating is 74% dangerous. The file size is 1,374,720 bytes. It is a file with no information about its developer. The program is not visible. The application is loaded during the Windows boot process (see Registry key: MACHINE\Run, Run). It is not a Windows system file. sysdiag.exe appears to be a compressed file.

External information from Paul Collins:
There are different files with the same name:

Important: You should check the sysdiag.exe process on your PC to see if it is a threat. We recommend Security Task Manager for verifying your computer's security. This was one of the Top Download Picks of The Washington Post and PC World.


User Comments

On my computer, its is one of several SpyAgent files
  dsa   (further information)
main application of Spytech's SpyAgent
    (further information)
It is a keylogger and can be possible used to collect and send user data.

Summary: Average user rating of sysdiag.exe: based on 3 votes with 3 user comments. 3 users think sysdiag.exe is dangerous and recommend removing it.

Do you have additional information? Help other users!
What do you know about sysdiag.exe:
How would you rate it:
Link for more info:
Your Name:

Best practices for resolving sysdiag issues

The following programs have also been shown useful for a deeper analysis: ASecurity Task Manager examines the active sysdiag process on your computer and clearly tells you what it is doing. Malwarebytes' well-known Banti-malware tool tells you if the sysdiag.exe on your computer displays annoying ads, slowing it down. This type of unwanted adware program is not considered by some antivirus software to be a virus and is therefore not marked for cleanup.

A clean and tidy computer is the key requirement for avoiding PC trouble. This means running a scan for malware, cleaning your hard drive using 1cleanmgr and 2sfc /scannow, 3uninstalling programs that you no longer need, checking for Autostart programs (using 4msconfig) and enabling Windows' 5Automatic Update. Always remember to perform periodic backups, or at least to set restore points.

Should you experience an actual problem, try to recall the last thing you did, or the last thing you installed before the problem appeared for the first time. Use the 6resmon command to identify the processes that are causing your problem. Even for serious problems, rather than reinstalling Windows, you are better off repairing of your installation or, for Windows 8 and later versions, executing the 7DISM.exe /Online /Cleanup-image /Restorehealth command. This allows you to repair the operating system without losing data.

Other processes

sysdiag.exe [all]