is win32cfg.exe nasty?

From: Yankele Cakker (yankelecakker_at_hotmail.com)
Date: 10/24/03

Next message: BadvokVMC: "Print Shares on peer-peer don't work"
Previous message: Steven L Umbach: "Re: Print file and folder permission"
Next in thread: Yankele Cakker: "Re: is win32cfg.exe nasty? -found it"
Reply: Yankele Cakker: "Re: is win32cfg.exe nasty? -found it"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 24 Oct 2003 20:35:58 GMT

I noticed that my win2k system began to run agonizingly slowly. Found that it
was winlogon which was hogging most of my resources. In the registry key
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
found an entry for Shell for which the value was "explorer.exe win32cfg.exe".
This didn't look too good to me because it corresponded with a "strange"
entry in my RunOnce registry key named MS38495 for which the value was
"win32cfg.exe". If I tried to delete this it would reload by itself. Which is
where the winlogon came in. So I removed the win32cfg part of the Shel entry
and just left the explorer.exe. When I eliminated all of this stuff, my pc
ran fine again. I was unable to find anything useful regarding either MS38495
or win32cfg.exe in the Knowledge Base or in a search of the Newsgroups.
Google also had almost nothing. Does anyone have any information about this?
What does win32cfg.exe do and was I correct in removing it? I seem to
remember reading somewhere that it was put in by a virus, a worm or spyware
but I am not quite sure. Any help would be greatly appreciated.
Thanks.

-- 
Yankele Cakker
My reply e-mail address is correct as is. The courtesy of providing a
correct reply address is more important to me than time spent deleting spam.
Celeron 500, 256RAM, 20G HD, Cable
Gigabyte GA-GF 1280, SB PCI128
Win2k, IE6, OE6, AVG, Kerio

Next message: BadvokVMC: "Print Shares on peer-peer don't work"
Previous message: Steven L Umbach: "Re: Print file and folder permission"
Next in thread: Yankele Cakker: "Re: is win32cfg.exe nasty? -found it"
Reply: Yankele Cakker: "Re: is win32cfg.exe nasty? -found it"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Re: RE: New Error When I Start
... Check the following registry key: ... When all else fails, HijackThis v1.99.1 ... forums for expert analysis, not here. ... Now the event log table shows only winlogon for each ...
(microsoft.public.windowsxp.general)
Re: ntbackup problem with BITS
... BITS service writes BITS_Metadata regvalue in this registry key, ... >> Options, Excluded Files tab), the first entry on the list ... >> Attempts to delete the entry from within ntbackup failed. ...
(microsoft.public.windowsxp.security_admin)
Re: Winlogon is not logging events in event viewer
... Have you done the same tests on other XP workstations? ... import the Winlogon registry key from a working computer to see whether it ... |> If the file system type of the volume which you'd like to check is NTFS, ...
(microsoft.public.windowsxp.help_and_support)
Re: Winlogon is not logging events in event viewer
... Have you done the same tests on other XP workstations? ... import the Winlogon registry key from a working computer to see whether it ... |> screen of checking file system before you logon. ...
(microsoft.public.windowsxp.help_and_support)
RE: Remove app from both device and desktop
... You might have a bunch of GUIDs entries at this location. ... > I modified the INI file I did not see any entry in the registry like MSDN ... > "String that identifies the application's Windows Uninstall registry key ... > I did not see a any entry there for my app. ...
(microsoft.public.dotnet.framework.compactframework)