Is MSWin.exe some form of malware?

Yes, I understand msconfig doesn't remove malware--in fact it doesn't remove
anything on it's own--it just provides an interface for making manual changes
to a PC's configuration, including which items will run at startup. What I
was trying to say is I haven't yet used msconfig to remove MSWin.exe
manually--I'm hoping to get some feedback about it on this forum to see if
people here agree that it is in fact some form of malware. I ran NAV and
SpySweeper (both current in regard to definition updates) and neither of them
flagged MSWin.exe. I've also run Spybot and AdAware within the last few
weeks with current updates and they didn't flag it either. Since the google
search indicates MSWin.exe is malware but none of the apps I mentioned
flagged it as a problem/risk, I'm trying to determine whether or not it's
really malware/adware/spyware/virus etc.
--
So much to learn... So little time.


"Ted Zieglar" wrote:

> A Google search had many references...and all of them you checked
> indicated it's malware...but you're still not sure...
>
> Msconfig won't remove malware. For that you need antivirus and
> anti-spyware software with updated malware definitions.
>
> ---
> Ted Zieglar
> "Backup is a computer user's best friend."
>
> Roughneck wrote:
> > I'm using msconfig to remove all the startup items I can from my son's PC and
> > found an entry for MSWin.exe that we don't have on our other computers. The
> > path name is C:\Documents and Settings\All Users\Start
> > Menu\Programs\Startup\MSWin.exe
> >
> > A google search found many references to this file and all of them I checked
> > indicated the file is some form of malware--but I'd like to get some feedback
> > from this forum. Does anyone know if this is in fact a file I should remove
> > from startup? Maybe even get rid of entirely?
>
 >> Stay informed about: Is MSWin.exe some form of malware? 

If your computer has the mswin.exe process on it, your system might be
infected with a trojan known as 'netcrack.b'.

Google for netcrack.b removal.


"Roughneck" <Roughneck.TakeThisOut@discussions.microsoft.com> wrote in message
news:2E60733C-1566-41DA-8CBF-90C78055C3A5@microsoft.com...
| Yes, I understand msconfig doesn't remove malware--in fact it doesn't
remove
| anything on it's own--it just provides an interface for making manual
changes
| to a PC's configuration, including which items will run at startup. What
I
| was trying to say is I haven't yet used msconfig to remove MSWin.exe
| manually--I'm hoping to get some feedback about it on this forum to see if
| people here agree that it is in fact some form of malware. I ran NAV and
| SpySweeper (both current in regard to definition updates) and neither of
them
| flagged MSWin.exe. I've also run Spybot and AdAware within the last few
| weeks with current updates and they didn't flag it either. Since the
google
| search indicates MSWin.exe is malware but none of the apps I mentioned
| flagged it as a problem/risk, I'm trying to determine whether or not it's
| really malware/adware/spyware/virus etc.
| --
| So much to learn... So little time.
|
|
| "Ted Zieglar" wrote:
|
| > A Google search had many references...and all of them you checked
| > indicated it's malware...but you're still not sure...
| >
| > Msconfig won't remove malware. For that you need antivirus and
| > anti-spyware software with updated malware definitions.
| >
| > ---
| > Ted Zieglar
| > "Backup is a computer user's best friend."
| >
| > Roughneck wrote:
| > > I'm using msconfig to remove all the startup items I can from my son's
PC and
| > > found an entry for MSWin.exe that we don't have on our other
computers. The
| > > path name is C:\Documents and Settings\All Users\Start
| > > Menu\Programs\Startup\MSWin.exe
| > >
| > > A google search found many references to this file and all of them I
checked
| > > indicated the file is some form of malware--but I'd like to get some
feedback
| > > from this forum. Does anyone know if this is in fact a file I should
remove
| > > from startup? Maybe even get rid of entirely?
| >
 >> Stay informed about: Is MSWin.exe some form of malware? 

The thing about malware these days is that it's very tricky to find, let
alone eliminate. The lucky ones get infected with something everyone
knows about (if you can call that luck.) Others get hit with something
that's hard to pinpoint because it keeps changing its form, or because
it disguises itself as part of the operating system. Also, if you've
been picking away at it you may have removed just enough so that a
scanner can no longer see it.

The startup tab of the system configuration utility (aka msconfig) was
designed as way to test which item that runs at startup is causing a
problem for the PC. Basically, you start with everything prevented from
starting, then you allow one thing at a time to start until you hit on
which startup item is causing the problem. It's tedious, but it usually
works.

Once you know which startup item is causing a problem, you find out
which program 'owns' that startup item and troubleshoot in the program
itself. Msconfig is not the cure - it's the diagnostic tool. It's not a
good idea to interfere with a program's startup process on a full-time
basis.

Of course, malware will often try to insert itself in Windows startup.
Once you have determined that a startup item belongs to malware you have
to get rid of the malware. These days, that means trying half a dozen or
more different scanners, or (if you're lucky) finding specific manual
removal instructions from the website of one of the major anti-malware
companies, a HiJackThis analysis and, when nothing else works, a clean
install.

---
Ted Zieglar
"Backup is a computer user's best friend."

Roughneck wrote:
> Yes, I understand msconfig doesn't remove malware--in fact it doesn't remove
> anything on it's own--it just provides an interface for making manual changes
> to a PC's configuration, including which items will run at startup. What I
> was trying to say is I haven't yet used msconfig to remove MSWin.exe
> manually--I'm hoping to get some feedback about it on this forum to see if
> people here agree that it is in fact some form of malware. I ran NAV and
> SpySweeper (both current in regard to definition updates) and neither of them
> flagged MSWin.exe. I've also run Spybot and AdAware within the last few
> weeks with current updates and they didn't flag it either. Since the google
> search indicates MSWin.exe is malware but none of the apps I mentioned
> flagged it as a problem/risk, I'm trying to determine whether or not it's
> really malware/adware/spyware/virus etc.
 >> Stay informed about: Is MSWin.exe some form of malware?